View Full Version : Someones hacking my pixelpost database
Any ideas how to stop a hacker from writing HTML code to my pixelpost database? Someone is writing some <iframe> stuff to categories and my pixelpost config making it point people to a trojan virus. thoughts??
04-22-2007, 06:02 PM
For starters, change your database password.
Then update your pixelpost.php file to reflect the changes.
I've done that, but i assume they already got my password by reading my pixelpost.php file...
04-22-2007, 07:17 PM
what pixelpost version are you using?
1.3...and yeah, i know i know.i should upgrade :)
But i have so much custom stuff in my index.php and admin section, im afraid to mess that up :)
04-22-2007, 08:57 PM
better you messing it up then your hacker does...
First of all try to protect your admin dir by setting there controlled access through http loging option (many admin panels has got special function for making dirs secure accessed).
I did setup permissions on my admin directory with a username and password via my hosting website control panel. I also changed my pixepost database password. It took the hackers a few hours to break through again and write html code ontop of my categories. Each time a photo shows that has a category, it also pops the virus....any thoughts to protect the database?
04-23-2007, 12:58 PM
could it be that you have already some weird code in your scripts? Perhaps something so simple like the send-forgotten-password function misused (don't know the routine in 1.3, but perhaps one can perform the form with a replaced email adress?
I strongly believe it would be less work to make a complete new installation with 1.6 than to fix that issue
Where do i find the "forgot password" function?
And also, upgrading to 1.6 will fix the issue you think? 1.6 uses the same database tables doesn't it? Heck, if 1.6 will fix the issue, i'll definitely do that!
Maybe this will convince you to upgrade ;): Security advisory (http://www.frsirt.com/english/advisories/2006/0823) for Pixelpost version 1.5-beta and prior.
With this vulnerability they can fetch almost any data from the database, and from any tables. So yeah, upgrading might help. The final 1.5 version seems to be safe. And 1.6 is still in beta, but I'll stick with 1.6 myself for now.
New versions usually include security patches, I'm a little surprised that devs/admins even give other possible solutions first. :confused:
04-23-2007, 03:29 PM
1.6 isn't in beta anymore ;)
The reason we're trying another solution is because of the hacks applied here. But I strongly advise the following:
1. Copy all files and folders related to Pixelpost to your computer as a backup
2. Remove all files related to Pixelpost (if you done it well, you have all your images on your own pc.
3. The next step is important and you have to feel comfortable with this: export your database (structure and data). This gives a nice ASCII file with all the database content. You can try to remove all suspicious code but this is not what I recommend.
4. Drop the entire database
5. Create a new database (different name, different user, different password)
6. Download the new version from our website
7. Extract all files on your server.
8. Install Pixelpost
9. (and this requires the most work) reupload all the images. For descriptions you can look at the database backup (the ascii file) but make sure you don't copy/paste malicious code in your new blog.
This will remove the comments. This might be the only way to make sure you have a clean blog. (if you have the knowledge to clean the comments you can import them again... but only do this if yoy know what you're doing.)
fun fun :)
First i think im gonna try upgrading to 1.6 and getting all my custom stuff back in my index.php. The only thing im worried about here is what the upgrade will do to my current database. When i run the "admin" index.php, im afraid on what it'll do. I'll have a backup of my database, but still..its worrisome. does the initial run of the admin index.php write over and replace anything, or does it just try to build tables?
04-24-2007, 04:47 AM
It is always an upgrade process, so it starts from 1.3 and then upgrades the database. Should go quite easy, but still, you never know.
04-24-2007, 06:04 AM
overthink your custom stuff in index.php. There have been a lot of changes ad a bunch of new addons with 1.4, 1.5 and 1.6
So perhaps you even don't have to hack the core files anymore but could realize your custom workflow with addons?
If you tell us what you want to implement, we can tell you
yeah, theres no doubt i should have done it with addons in the first place, but at the time i didnt know any better. The main custom things are some silly visual stuff that i built in the index.php.......i dont think it'll be a big deal to implement again (if i do it the same silly way) when i upgrade. ...
I guess the main problem that im worried about is that I programmed the multicategory thing in the first place that was implemented in the following releases....and i see that you are using the same table names that i originally created and named, but i havent checked to make sure that all the column names have the same name. I dont want to start the upgrade until im sure all my categories will be in place....I've also added some columns to some other tables, but really they arent that important....
vBulletin® v3.7.3, Copyright ©2000-2013, Jelsoft Enterprises Ltd.