Hey, yesterday my forum was hacked and my forum directory was removed!
So, now I re-uploaded a FRESH copy of MyBB, downloaded from the site.
I have a database saved a day before they hack it.
However, I lost the MySQL password of the database, they removed the config.php too, and I didn't have it saved anywhere. How do I get it back now?
In the database, all the tables are still there from my forum.
And I was wondering, do I have to re-upload the database? Because the tables are ALREADY there. However, when installing the new MyBB, will the tables overwrite? If I use the same prefix mybb_
Thanks in advance.
How do you know the tables are there if you don't have a password to access the database?
Ask your host for the password if you don't know it.
Always backups both files and database. The database doesn't contain stuff like avatars, attachments, and such.
Well, you didn't understand what I mean.
My site was hacked because one of my administrators uploaded a shell and gave it to his friends lol. Sounds odd, I know. But I learnt the lesson from this, I can't trust anyone.
So, they gained access to the whole forum, they added even more shells in each directory, and yesterday when I tried to access my site, it says there isn't such a directory 'forum'. I was like wtf. I logged in cPanel and all the files were gone and a message was there, "we owned you, I hope you liked the rm -rf".
I know that the tables are there, because I got access to cPanel and PhpMyAdmin. All the tables are in the database, nothing is corrupted, but I don't know the password of the database unfortunately. Would the host be able to reset it for me or somehow get it?
Anyway, I didn't save a backup of my files, because I was unsure of the files, they might have put a shell anywhere, so I decided to re-upload a fresh new copy of myBB. Don't worry about the attachments, I don't really need them. I got a copy of the images needed
So, what am I supposed to do now? How do I re-install a new copy without overwritting on the current tables, because everything is there already and how do I get the pass? I have a backup of the SQL only, which I downloaded from my forum's admin panel.
(2011-07-25, 10:33 AM)XiluN^ Wrote: [ -> ]I know that the tables are there, because I got access to cPanel and PhpMyAdmin. All the tables are in the database, nothing is corrupted, but I don't know the password of the database unfortunately.
That's just the thing, usually you don't get to see the database if you don't know the password. phpMyAdmin and cPanel usually require you to enter the password your self. So something is odd here, maybe you saved the password in your browser?
(2011-07-25, 10:33 AM)XiluN^ Wrote: [ -> ]Would the host be able to reset it for me or somehow get it?
If the cpanel has no option to reset the password you have to ask your host, yes.
Quote:How do I re-install a new copy without overwritting on the current tables, because everything is there already and how do I get the pass?
Make sure to check your templates as they can contain backdoors too (fix or at least a warning for that is upcoming in MyBB 1.6.4). Check also for hidden administrator accounts.
Also, reset all passwords. Or at least the login / post keys. Since the hackers had access to your database they may just be able to hack you again in some way (knowing the login key lets them produce a valid session cookie without actually knowing your password, and with admin/mod permissions they can then proceed to delete threads and such).
It's an ugly business getting hacked.
Yes, I would reset everything, after I get the things going on and install the forum.
The cPanel DOES require a password (I know it), but not for the database one. The PhpMyAdmin is not password protected.
The templates may be backdoored, as you said, that's why I install a new fresh MyBB copy.
The only way to change the password of the database is by knowing the old one.
Anyway, my current problem is, I am not sure what to do. I uploaded a fresh MyBB copy to my website, do I install it with new database or wait for host to get the old db pass which contains all the tables of my forum.
(2011-07-25, 10:52 AM)XiluN^ Wrote: [ -> ]The templates may be backdoored, as you said, that's why I install a new fresh MyBB copy.
I was talking about the templates that get stored in the database, which you were asking to keep if I understood you right.
Ask your host for mysql password as you can not use the database without one.
(2011-07-25, 10:56 AM)frostschutz Wrote: [ -> ] (2011-07-25, 10:52 AM)XiluN^ Wrote: [ -> ]The templates may be backdoored, as you said, that's why I install a new fresh MyBB copy.
I was talking about the templates that get stored in the database, which you were asking to keep if I understood you right.
Ask your host for mysql password as you can not use the database without one.
You're right! I just submitted a ticket, waiting for answer now.
After I get the password, do I use the same database details as before or just install a new database?
And which templates are stored in the SQL? I never knew it.
This time, just make sure every details and passwords are new.
Do change login keys, force logout everyone.
Install new MyBB, make sure you upload remaining files needed by your plugin.
Then proceeding uploading old database back up.
My host told me to create a new user for the database? Is it okay?
Anyway, I overwritten the tables already, nobody here is enough knowledgeable to help me I guess. I think this is a waste of time posting in this thread anymore.
A mod feel free to close this or delete and ban me.
Thanks.
Of course. Just make sure you change the database user in ./inc/config.php too.