Server hacked with Swift emu r5
Today I opened a French server. I am running Swift emu r5 with a CMS coded from scratch. As soon as we opened, we were hacked: the hackers deleted our users table! I do not think this is a flaw in the CMS, so can you tell me if there is a flaw in the emulator? It's urgent, thank you in advance.
Sorry for my bad English, I'm French.
Re: Server hacked with Swift emu r5
Hello, I'm French. I had the same hack; in my case it was a flaw in HabboPHP, not the emu. The hackers also simply removed the user table, as with you.
Re: Server hacked with Swift emu r5
Check your MySQL error logs to see if they made a mistake. If they did then you're able to easily find out the exploit.
Re: Server hacked with Swift emu r5
Quote: Originally Posted by HillBilly
Check your MySQL error logs to see if they made a mistake. If they did then you're able to easily find out the exploit.
Hi, I'm the owner of the server Mal3ck is talking about. I cannot check my MySQL logs because I have not had time to enable the log function.
In fact, the users table was cleared, but the rest was not touched. Surely injection via the emulator. Is that possible?
Re: Server hacked with Swift emu r5
I wouldn't say surely if you are using phpMyAdmin or some exploitable CMS such as HabboPHP or one of these RevCMS edits. Anyway, all MySQL injection possibilities were patched in the open thread, so all you need to do is read it and patch your code.
Re: Server hacked with Swift emu r5
It probably wasn't the emulator's fault and more likely your own for not reviewing all code before sending the website live. Kinda foolish of you :)
Re: Server hacked with Swift emu r5
I found no exploits in Swift that haven't already been patched in the thread, and I work on it daily.
Re: Server hacked with Swift emu r5
We code our PHP ourselves and we can use PDO, so no SQL injection. However, I find it strange that only the user table was emptied and not deleted; the hacker might well have deleted the whole database, which he did not.
Sorry for my bad English, I'm French.
According to a member, it would be possible to register an account that would be ranked administrator directly. It is also possible to disconnect members in an apartment with a flaw. Is what that member told me possible?
Re: Server hacked with Swift emu r5
Quote: Originally Posted by PsyBen
We code our PHP ourselves and we can use PDO, so no SQL injection. However, I find it strange that only the user table was emptied and not deleted; the hacker might well have deleted the whole database, which he did not.
Sorry for my bad English, I'm French.
According to a member, it would be possible to register an account that would be ranked administrator directly. It is also possible to disconnect members in an apartment with a flaw. Is what that member told me possible?
Maybe you fucked up a bit with the PHP? Maybe you used too weak a password for MySQL.
Re: Server hacked with Swift emu r5
I found the problem: it was a SQL injection via the marketplace_offer.
However, I have another problem now: when we enter an apostrophe, it follows a slash: / '
What to do?
Re: Server hacked with Swift emu r5
Secure all user input in queries with magic quotes or use PDO (bindValue).
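The PDO bound-parameter approach mentioned above, as an added example that is not part of the thread or of Swift emu: table, column and function names are hypothetical, and an in-memory SQLite database stands in for MySQL. It also shows that escaping a value which is then bound stores the backslash as data, one common way to end up with a stray character in front of an apostrophe.

```php
<?php
// Added example. Schema and names are hypothetical, not the emulator's own.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false.
$pdo->exec('CREATE TABLE marketplace_demo (
    id INTEGER PRIMARY KEY, seller_id INTEGER, item_name TEXT, price INTEGER)');

// Constructed sample input: an ordinary name containing an apostrophe.
$itemName = "Ben's sofa";
$price    = '25';

// BEFORE: input concatenated into the SQL text, so it becomes part of the query.
function unsafeInsert(PDO $pdo, string $name, string $price): string {
    $sql = "INSERT INTO marketplace_demo (seller_id, item_name, price)
            VALUES (1, '$name', $price)";
    try {
        $pdo->exec($sql);
        return 'inserted';
    } catch (PDOException $e) {
        // The apostrophe ended the string literal early and changed the query.
        return 'query altered by input: ' . $e->getMessage();
    }
}

// AFTER: fixed SQL text, values sent separately as typed parameters.
function safeInsert(PDO $pdo, int $sellerId, string $name, string $price): int {
    if (!ctype_digit($price)) {
        throw new InvalidArgumentException('price must be a whole number');
    }
    $stmt = $pdo->prepare('INSERT INTO marketplace_demo (seller_id, item_name, price)
                           VALUES (:seller, :name, :price)');
    $stmt->bindValue(':seller', $sellerId, PDO::PARAM_INT);
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->bindValue(':price', (int) $price, PDO::PARAM_INT);
    $stmt->execute();
    return (int) $pdo->lastInsertId();
}

echo unsafeInsert($pdo, $itemName, $price), PHP_EOL;
$bound   = safeInsert($pdo, 1, $itemName, $price);             // bound only
$doubled = safeInsert($pdo, 1, addslashes($itemName), $price); // escaped AND bound

$read = $pdo->prepare('SELECT item_name FROM marketplace_demo WHERE id = :id');
foreach (['bound only' => $bound, 'escaped and bound' => $doubled] as $label => $id) {
    $read->bindValue(':id', $id, PDO::PARAM_INT);
    $read->execute();
    echo $label, ': ', $read->fetchColumn(), PHP_EOL; // second row keeps the backslash
}
```

The `magic_quotes_gpc` setting was removed in PHP 5.4, so on current PHP versions bound parameters are the option that remains; apply no additional escaping to values that are bound.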