my site was hacked please help!!!

  Post new topicReply to topicPrintable Version
<< View previous topic View next topic >>
Share: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
#1   my site was hacked please help!!!
samy
CZ Newbie
samy has been a member for over 20 year's 20 Year Member
Status: Offline
Joined: Sep 01, 2004
0.00 posts per day
Posts: 26
Points: 1,670
   
HELP ME ASAP PLEASE SOME carolers HACKED MY SITE!!!

//Edit: LINK REMOVED. REASON: DO NOT POST A LINK TO YOUR SITE WITHOUT A WARNING REGARDING THE SEXUAL CONTENT ON YOUR SITE! - KH

what files they could edit to do that i have no clue how they hacked it also
i run phpnuke 7.3 sec fixed

what to do



Back to top Reply with quote
#2   re: my site was hacked please help!!!
Wolverine
CZ Newbie
Wolverine has been a member for over 20 year's 20 Year Member
Status: Offline
Joined: Sep 17, 2004
0.00 posts per day
Posts: 4
Points: 2,015
   
did you use a installer.? nukesql.php by any chance.? if you did delete it



Back to top Reply with quote
#3   re: my site was hacked please help!!!
samy
CZ Newbie
samy has been a member for over 20 year's 20 Year Member
Status: Offline
Joined: Sep 01, 2004
0.00 posts per day
Posts: 26
Points: 1,670
   
nothing my site is online like 2 month now ;/ i didnt use no installers



Back to top Reply with quote
#4   re: my site was hacked please help!!!
SpLiNteR
CZ Addict
SpLiNteR has been a member for over 20 year's 20 Year Member
uk.gif
Occupation: Student
Age: 34
Gender: Male
Fav. Sports Team: Leeds United
Website:
Status: Offline
Joined: Feb 08, 2004
0.05 posts per day
Posts: 397
Points: 206,328
AIM Address Yahoo Messenger MSN Messenger ICQ Number
You didn't actually mention the problem. Are you locked out of admin? Has everything been deleted? From looking at the site, all your news seems intact so that doesn't look wrong. Could you be more specific please?




_________________
Back to top Reply with quote
#5   re: my site was hacked please help!!!
samy
CZ Newbie
samy has been a member for over 20 year's 20 Year Member
Status: Offline
Joined: Sep 01, 2004
0.00 posts per day
Posts: 26
Points: 1,670
   
those morons did some kind of sql injection worm i installed nukesentinel wich was suppose to protect my site and now they did it again the 1st time we fixed it...
what to do im desparate already from this phpnuke id move to phpfusion long ago but i dont wanna loose all my databses n stuff ;( what can i do to protect myself from sql injections and stuff? greetz kaktuz.com admin



Back to top Reply with quote
#6   
Telli
Site Admin
Occupation: Self Employed
Age: 46
Gender: Male
Fav. Sports Team: Detroit Red Wings
Website:
Status: Offline
Joined: May 26, 2003
1.03 posts per day
Posts: 8089
Points: 494,440
   
Open your db/mysql.php and find the following section of code and replace with this. I don't believe Sentinal has this covered but not sure.


   //
   // Base query method
   //
   function sql_query($query = "", $transaction = FALSE)
   {
      unset($this->query_result);
             if ($query[0] == 'S') {
                $query_parts = preg_split('/(union)([\s\ ]+)(all|distinct|select)/i', $query, -1, PREG_SPLIT_NO_EMPTY); //Security fix by Telli © 2002-2004 Codezwiz
                if (count($query_parts) > 1) {
                    $query = '';
                    foreach($query_parts AS $part) {
                        if ($query != '') $query .= 'UNI0N SELECT';
                        $query .= $part;
                    }
                }
            }
            $this->query_result = @mysql_query($query, $this->db_connect_id);
      if($this->query_result)
      {
         unset($this->row[$this->query_result]);
         unset($this->rowset[$this->query_result]);

         return $this->query_result;
      }
      else
      {

         return ( $transaction == END_TRANSACTION ) ? true : false;
      }
   }

   //
   // Other query methods
   //




_________________
The path of the righteous man is beset on all sides by the inequities of the selfish and the tyranny of evil men. Blessed is he, who in the name of charity and good will, shepherds the weak through the valley of darkness, for he is truly his brother's keeper and the finder of lost children. And I will strike down upon thee with great vengeance and furious anger those who would attempt to poison and destroy my brothers. And you will know my name is the Lord when I lay my vengeance upon thee. Ezekiel 25:17
Back to top Reply with quote
Display posts from previous:      
Add To: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
<< View previous topic View next topic >>
Post new topicReply to topic

Jump to 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum