Hotel Keeps Being Hacked. Any Help Will Be Appreciated
My hotel keeps getting hacked and I can't figure out how. Somehow, he can edit all the user data, and rank everyone owner etc. Any help would help me a lot.
hendo-hotel.co.uk
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
What CMS and emu are you using? And theme maybe.
AFAIK MySQL has a logging option which will save every query run to a log file. If you enable that then you would see the query being run, which will give you an idea of where the exploit is. Unless they have direct access to your db/server.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Quote:
Originally Posted by
Billy Baggins
What CMS and emu are you using? And theme maybe.
AFAIK MySQL has a logging option which will save every query run to a log file. If you enable that then you would see the query being run, which will give you an idea of where the exploit is. Unless they have direct access to your db/server.
Source version of phoenix 3.11.0, and RevCMS. They didn't get on the vps. Also, I don't have the AFAIK. Sounds a good tool to get.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
afaik means as far as I know :P
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Phoenix. No exploits in there. Must be your CMS.
Filter all $_POST & $_GET variables that are directly used in a query.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Quote:
Originally Posted by
HillBilly
Phoenix. No exploits in there. Must be your CMS.
Filter all $_POST & $_GET variables that are directly used in a query.
Could you direct me to a place on how to do that? I'm still learning haha. You always help me HillBilly. Thank you mate.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
like:
UPDATE users WHERE username = $_POST['username'];
That query can be exploited but you can escape that by replacing $_POST['username'] with mysql_real_escape_string($_POST['username'])
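Added example, not part of any post in this thread: the string-built query pattern described above next to a prepared statement, which is the usual fix now that `mysql_real_escape_string()` was removed in PHP 7.0. The table, columns, function names and input are constructed for illustration, and it uses in-memory SQLite through PDO so it runs offline.

```php
<?php
// Added example: schema, helper names and input are constructed, not taken from RevCMS.
// In-memory SQLite keeps it offline; the same PDO calls work with a MySQL DSN.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Rebuild a small users table so both variants start from the same state.
function resetUsers(PDO $pdo): void {
    $pdo->exec('DROP TABLE IF EXISTS users');
    $pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, motto TEXT)');
    $pdo->exec("INSERT INTO users VALUES ('alice', ''), ('bob', ''), ('carol', '')");
}

// Vulnerable pattern: request data is pasted into the SQL text itself,
// so a quote in the value changes the structure of the statement.
function updateMottoUnsafe(PDO $pdo, string $username, string $motto): int {
    return $pdo->exec("UPDATE users SET motto = '$motto' WHERE username = '$username'");
}

// Hardened: the SQL text is fixed; values are bound to placeholders as data only.
function updateMottoSafe(PDO $pdo, string $username, string $motto): int {
    $stmt = $pdo->prepare('UPDATE users SET motto = :motto WHERE username = :username');
    $stmt->execute([':motto' => $motto, ':username' => $username]);
    return $stmt->rowCount();
}

// Constructed form input: a username value containing a quote and extra SQL.
$_POST = ['username' => "nobody' OR '1'='1", 'motto' => 'hi'];

resetUsers($pdo);
printf("string-built query changed %d row(s)\n",
    updateMottoUnsafe($pdo, $_POST['username'], $_POST['motto']));

resetUsers($pdo);
printf("prepared statement changed %d row(s)\n",
    updateMottoSafe($pdo, $_POST['username'], $_POST['motto']));
```

With a MySQL connection, also set `PDO::ATTR_EMULATE_PREPARES` to `false` so the statement is prepared on the server.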
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Quote:
Originally Posted by
HillBilly
like:
UPDATE users WHERE username = $_POST['username'];
That query can be exploited but you can escape that by replacing $_POST['username'] with mysql_real_escape_string($_POST['username'])
I don't really understand all that. I just know I should place that somewhere haha. I know he's SQL injecting me. I'll find that and do whatever haha. Thanks.
Would you be able to have a quick look at my skin folder, and find this exploit? I mean, when you have some spare time.
Bump this please.
I really need help with this.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Quote:
Originally Posted by
1nc1n1gr4t3
Are you running XAMPP?
No. I'm using IIS.
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Then I can't help you, it would be obvious if you had XAMPP cause XAMPP is using a security thing called.. erm.. hm.. I forgot the name but anyways it's using a sort of hackable source so you can view others' root name and root password..
Re: Hotel Keeps Being Hacked. Any Help Will Be Appreciated
Quote:
Originally Posted by
1nc1n1gr4t3
Then I can't help you, it would be obvious if you had XAMPP cause XAMPP is using a security thing called.. erm.. hm.. I forgot the name but anyways it's using a sort of hackable source so you can view others' root name and root password..
You're so stupid. WebDav is no hackable source. It's just a remote folder people can access. Most people forget to change the login details, that's why some call it a backdoor or exploit.