2009-03-31, 06:14 PM
Hey all,
I've read some similar posts on this. Basically I have the problem where someone uploaded (actually created a folder) and uploaded about 10 files. Some very large.
They actually created a cgi-bin & php folder within the sub-folder of /forum/uploads/
I caught this pretty quickly and removed all those files. I'm kind of worried about logging into the admin now in case I missed anything.
I dont want my PW being sent off to them.
Could I possibly directly change the password via the md5 pass directly in the database and the salt?
Anyone have an example for the md5 & salt for say password "changeme"
?
Or am I being to paranoid? The pass is used elsewhere so this is why I want to change it directly via the DB and not login once with it and change it.
And will setting the uploads folder to 555 for now allow it to work correctly (show images) and not allow uploads?
I've read some similar posts on this. Basically I have the problem where someone uploaded (actually created a folder) and uploaded about 10 files. Some very large.
They actually created a cgi-bin & php folder within the sub-folder of /forum/uploads/
I caught this pretty quickly and removed all those files. I'm kind of worried about logging into the admin now in case I missed anything.
I dont want my PW being sent off to them.
Could I possibly directly change the password via the md5 pass directly in the database and the salt?
Anyone have an example for the md5 & salt for say password "changeme"
?
Or am I being to paranoid? The pass is used elsewhere so this is why I want to change it directly via the DB and not login once with it and change it.
And will setting the uploads folder to 555 for now allow it to work correctly (show images) and not allow uploads?