MyBB Community Forums
My website was SQL Injected. - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.6 (https://community.mybb.com/forum-138.html)
+------ Forum: 1.6 Security Management and Support (https://community.mybb.com/forum-153.html)
+------ Thread: My website was SQL Injected. (/thread-104725.html)

Pages: 1 2 3


My website was SQL Injected. - Alternate - 2011-09-26

Hi, earlier today I was on my website and then it said it was defaced and I was deowned from using it. The screen came up black with a defacing message saying something like; "You've been hacked by ____ himself, go cry". I was talking to the hacker earlier today and he was threatening to dump my whole database on HackForums, he already created a thread in HackForums and he was about to post it. He fortunately talked to me for a while and I persuaded him not to do so, also he gave me Administrator. I attempted to delete him from power and got some high up HackForums members to do so to. They couldn't do it, he basically owns the site now. He's apparently got my passwords to everything, my whole database and I checked the administration log and he's downloaded my back-up database too. I'm affraid that he could possibly get my passwords to my Xbox, Paypal and my hotmail account if he somehow looked into my ownership. Is there any possible way of taking leadership again and blocking him out from the website? He's actually done an SQL Injection attack and deleted my account. He created me a new one though, he's created numerous links for him to get himself back in if something happened.

I spent a lot of time working on getting that website up and running and he mentioned that I had terrible security which possibly was correct, I don't know how to improve my security and I don't want to lose my website due to a short-standing HackForums member. Please give me some advice and how I can get rid of him for good. Also is it possible for him to actually get my account information from other websites and everything just from getting into my owner account.

URL; http://uzi-gaming.com/

NOTE: He doesn't have permissions to view the cPanel or access it at all, also he hasn't ratted/key logged me.

Thanks a lot.


RE: My website was SQL Injected. - dragonexpert - 2011-09-26

If you have the passwords to other things stored in your database, I would recommend going into PHPMyAdmin and deleting them. If you are able to get his IP, use the Ban By IP in the Admin CP. If it won't let you, use a .htaccess file to deny access to the site with his IP.

I'd recommend changing the password on the account he created for you. Edit the /inc/config.php file and change the super admin line to whatever uid you now have and make sure his uid is not in there. Also check every instance that you grab data and escape it before it gets used for a query.


RE: My website was SQL Injected. - Alternate - 2011-09-26

Thanks man, I need to find the information to my cPanel firstly though. Also is it possible to gain leadership back? What if he changes his IP or uses a proxy, he'll be able to get back in again?


RE: My website was SQL Injected. - jsebean - 2011-09-26

is this a mybb security problem?


RE: My website was SQL Injected. - House123 - 2011-09-26

HF skidd, anyways, deactivate all plugins because you prolly got hacked by sql vulnerable plugin... force users to change their passwords... change your password to something with big and small letters and numbers so if he get your database again he wont be able to decrypt the password.. also check you computer for viruses... skidds usually steal/log your ftp/forum/cpanel passwords and then deface your site...


RE: My website was SQL Injected. - dragonexpert - 2011-09-26

(2011-09-26, 09:38 PM)Alternate Wrote: Thanks man, I need to find the information to my cPanel firstly though. Also is it possible to gain leadership back? What if he changes his IP or uses a proxy, he'll be able to get back in again?
Once you log into PHPMyAdmin run this query
UPDATE mybb_users SET usergroup='7' WHERE uid='put his uid here'
Rebuild the ban cache and it should have his account banned.


RE: My website was SQL Injected. - House123 - 2011-09-26

(2011-09-26, 09:38 PM)Alternate Wrote: Thanks man, I need to find the information to my cPanel firstly though. Also is it possible to gain leadership back? What if he changes his IP or uses a proxy, he'll be able to get back in again?

contact your host and tell him what happend, let him check for root scripts that might have been installed by "hacker"... I advise you to delete all files, create a sql dump of the forum reupload clean mybb files and configure them... and everything else that needs to be uploaded.. you can gain leadership by setting admin gruop as yours in phpmyadmin


RE: My website was SQL Injected. - Alternate - 2011-09-26

Nevermind, my website's done now..


RE: My website was SQL Injected. - Everett777 - 2011-09-26

Isn't this like illegal? Couldn't you like call the police or something?


RE: My website was SQL Injected. - sunjava1 - 2011-09-26

You are using mybb 1.6.4 ???