MyBB Community Forums
BON Forums was Hacked via SQL Injection - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Community Archive (https://community.mybb.com/forum-106.html)
+--- Forum: Archived Forums (https://community.mybb.com/forum-143.html)
+---- Forum: Archived Development and Support (https://community.mybb.com/forum-155.html)
+----- Forum: MyBB 1.6 (https://community.mybb.com/forum-138.html)
+------ Forum: 1.6 Security Management and Support (https://community.mybb.com/forum-153.html)
+------ Thread: BON Forums was Hacked via SQL Injection (/thread-128993.html)



BON Forums was Hacked via SQL Injection - John Dave B. - 2012-11-08

After for so many days, I thought the malware was found on the jscripts. But, this was hacked via SQL Injection. Please help me guys terminate this malware/virus in my SQL/Database. Thanks! Sad


RE: BON Forums was Hacked via SQL Injection - pavemen - 2012-11-08

first we need to know what is happening and under what conditions. like any showthread, specific showthread, user profiles, a post where a specific user has posted, etc.


RE: BON Forums was Hacked via SQL Injection - borbole - 2012-11-08

(2012-11-08, 09:16 PM)John Dave B. Wrote: After for so many days, I thought the malware was found on the jscripts. But, this was hacked via SQL Injection. Please help me guys terminate this malware/virus in my SQL/Database. Thanks! Sad

Did you ask your host to check their logs and provide you with an answer regarding the point of entry how that malicious sql query was able to be inserted in your db?


RE: BON Forums was Hacked via SQL Injection - John Dave B. - 2012-11-08

YES sir. I ask the host to scan first then give the log of the malicious sql query. Hope this could be solved.


RE: BON Forums was Hacked via SQL Injection - dragonexpert - 2012-11-09

If it was done in the templates which is what I'd think it would be, I'd suggest using the diff tool with templates to find any differences then edit out the malicious code while waiting to find out the source.


RE: BON Forums was Hacked via SQL Injection - John Dave B. - 2012-11-09

(2012-11-09, 12:03 AM)dragonexpert Wrote: If it was done in the templates which is what I'd think it would be, I'd suggest using the diff tool with templates to find any differences then edit out the malicious code while waiting to find out the source.
Okay sir! After I export the database, it has a trojan horse virus.