
Database hacked via SQL Injection or something else?

Icy

Guest
Heya, I may just be a newbie or someone who hasn't thoroughly looked enough to find the answer - but I'm pretty sure I haven't seen this anywhere...

My server (or rather, my database) is compromised, I'm not sure if it's via a user that I don't know about or SQL Injection. I'm pretty sure it's SQL injection because I have connections to anything other than localhost denied via the "httpd-xampp.conf" file, and all that's been changed are values in the database (some have been deleted as well).

As for some background information, "[Admin] Caution" as he likes to refer to himself (along with "King", "Fabolous", "Ajdin" etc...) has added premium points to a bunch of accounts which already had points on them, but didn't modify any values that were 0, and also deleted all shop offers from the Donator Shop.

I've searched and searched and have finally decided to just disable Apache, at least for the time being...

Does anyone know of any possible way(s) I can fix this?


P.S. I'm using Crying Damson - 0.3.5pl1 & the newest Gesior AAC if that helps at all...



EDIT: Willing to pay anyone who can fix this for me with RL $$
 
BUMP, pretty sure it was through Gesior's AAC or cross-scripting via the webserver or something, as I have disabled Apache & no further changes have been made since :p

Is there any way to check if I have more users for my database (e.g. ~pma, ~root)?
 
I'm using 1.7.2, have already dropped PMA & changed my root password, he managed to get in 5 minutes after I changed my root password.
 
Some versions of edited Gesiors are seriously infected with unknown HTML/PHP code.

You should only use Gesior's acc maker in the version he posts, and not other versions like those updated versions by Otlanders. They're the ones who hack people with their code.

I don't know what version you're using from OtLand, but for 3.5pl there are a few updates, one that a lot of noobs use and get hacked via.
 
A hacker can connect to the database without phpMyAdmin, with a program like MySQL Manager or something.

Who is so dumb that they let port 3306 be forwarded? <.<
Oh wait, if he has a direct connection to the internet ofc... (aka not through a LAN) then it could be a problem... but close 3306 to localhost only?
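
Added example (not part of any post in this thread): the account check asked about earlier and the remote-access concern raised just above can both be answered from the MySQL server itself rather than from phpMyAdmin. It assumes a MySQL 5.0/5.1-era server as bundled with XAMPP 1.7.x, queried as root from the local mysql client; the account named in step 6 is only an illustration.

```sql
-- Added example: audit MySQL accounts and network exposure.
-- Assumption: MySQL 5.0/5.1 system tables. On MySQL 5.7 and later the
-- Password column of mysql.user is replaced by authentication_string.

-- 1. Every account the server knows about and the host it may connect from.
SELECT User, Host FROM mysql.user ORDER BY User, Host;

-- 2. Accounts allowed to log in from somewhere other than this machine.
--    A Host of '%' means "any address".
SELECT User, Host
FROM mysql.user
WHERE Host NOT IN ('localhost', '127.0.0.1', '::1');

-- 3. Anonymous accounts (empty User) and accounts with no password set.
SELECT User, Host
FROM mysql.user
WHERE User = '' OR Password = '';

-- 4. Accounts holding server-wide privileges that allow creating users,
--    reading or writing files, or handing out further grants.
SELECT User, Host, Super_priv, File_priv, Grant_priv
FROM mysql.user
WHERE Super_priv = 'Y' OR File_priv = 'Y' OR Grant_priv = 'Y';

-- 5. Per-database grants: an account can have no global privileges and
--    still hold full rights on one schema.
SELECT User, Host, Db FROM mysql.db ORDER BY User, Db;

-- 6. Exact grants of one account (illustrative account name).
SHOW GRANTS FOR 'root'@'localhost';

-- 7. Who is connected right now, from which host, running which statement.
SHOW FULL PROCESSLIST;

-- 8. Whether the server accepts TCP connections at all, and on which port.
SHOW VARIABLES LIKE 'skip_networking';
SHOW VARIABLES LIKE 'port';
```

Statements sent through SQL injection in a web application run over that application's own database connection, so they appear in step 7 as coming from localhost under the account named in the site's configuration. Restricting remote hosts or closing port 3306 does not affect that path.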
 
Check if "the hacker" made himself a user in your phpMyAdmin..

No, the only user is me (root).

POT security warning!

This is already fixed in the version I downloaded here: http://otland.net/f118/gesior-aac-0-3-5-fixed-v6-44018/

but close 3306 to localhost only?
Would this help - here is a screen of my `port check`:
http://i35.tinypic.com/21mvqli.png

See system logs, man.

I'm pretty sure what you mean, but explain exactly how I would do this, and where please?
 
Here you will find your database

xampp\mysql\data

and install better xampp 1.7.1


And so that no one hacks you, upload an htaccess file to the phpmyadmin folder; the file: http://www.speedy*****malware.localhost/718561943.html

if you have a server in the house and you are connecting by ip 127.0.0.1 change if nothing else, how is the htaccess file, type in your ip from which these are connecting to the server has

deny from all
allow from your ip address
 