
OTS hacking

1: Did you recheck that your phpmyadmin is only accessible from localhost? (Did you test by going to your friend's house and trying to enter phpmyadmin?)

2: Do you use Gesior ACC? Any Beta release of it?

3: Do you have remote access to the server?

4: If you have remote access to the server/computer you're hosting on, what kind of remote access tool do you use?
 
@znote
1. Yes, I tested it and all was working well, but today, these lines of code have been removed and it was 'unprotected' again.
2. Yes, I use Gesior ACC, the newest version for TFS 0.3.5 (v6?).
3. No, I don't use remote access to the server (just admin.xml in the data/XML directory, allowed for localhost only).

"these lines of code have been removed and it was 'unprotected' again."
What lines? Did you use the built-in .htaccess type xampp has?

Check if you have dropped the PMA user on your phpmyadmin.

Try to rename phpmyadmin to something else.

Enter your TFS server, config.lua, change passwordtype from "plain" to "sha1" or "md5".

For maximum security, you can remove all forms of access to phpmyadmin by removing it while not using it.

But I think you used the wrong method to secure phpmyadmin.

Also, for maximum security, use TFSCMS and not Gesior, if you want a flawless CMS. But you will miss many functions.
 
PMA user has been protected with password.
If I rename phpmyadmin (in xampp directory) I can't get to database.

Enter xampp or xampplite

enter apache/conf/extra/httpd-xampp.conf

And you will find this:
PHP:
    </Directory>

    Alias /phpmyadmin "C:/xampplite/phpMyAdmin/"
    <Directory "C:/xampplite/phpMyAdmin">
        AllowOverride AuthConfig
        Order allow,deny
        Allow from all
    </Directory>

    # Access restriction via Remote
    <IfModule auth_remote_module>
        <Directory "C:/xampplite/htdocs/fonts">
            AllowOverride All
            AuthType           Basic
            AuthName           "AUTH REMOTE TEST"
            AuthRemoteServer   127.0.0.1
            AuthRemotePort     80
            AuthRemoteURL      /forbidden/
            Require            valid-user
            #User: user / Password: pass
        </Directory>
    </IfModule>

Here you can easily change phpmyadmin settings. If you change the dir of phpmyadmin, for example to phpmynameadmin or ilovereputation, then you can enter apache/conf/extra/httpd-xampp.conf and write the correct phpmyadmin details there and it's solved. ^^

Note the remote tool here as well. Not quite sure, but to me it looks like a huge vulnerability. You should make sure to not use the default username and password for xampp's remote tool.

The fact that you didn't know about the httpd-xampp.conf file is proof that you secured phpmyadmin with a wrong method. Meaning you used an insecure wannabe "secure" mode for it.
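
A check for the "Allow from all" phpMyAdmin block quoted in the post above, added here as an example (it is not code from the thread or from XAMPP): it applies the Apache 2.2 Order/Allow/Deny rules of each matching <Directory> block to a non-local client and lists the blocks that client can reach, so it can be rerun whenever the config may have been changed back. Assumptions: the sample config, the phpMyAdmin-local path and the function names are constructed for this example; .htaccess overrides and Apache 2.4 Require rules are not evaluated.

```python
import re

# Constructed sample: the phpMyAdmin block quoted in the post, followed by a
# constructed localhost-only variant in the same Apache 2.2 syntax.
SAMPLE_CONF = """
Alias /phpmyadmin "C:/xampplite/phpMyAdmin/"
<Directory "C:/xampplite/phpMyAdmin">
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>
<Directory "C:/xampplite/phpMyAdmin-local">
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1 ::1
</Directory>
"""

DIR_RE = re.compile(r'<Directory\s+"?([^">]+)"?\s*>(.*?)</Directory>', re.S | re.I)
LOCAL = {"127.0.0.1", "::1", "localhost"}

def remotely_reachable(body):
    """Apply Apache 2.2 Order/Allow/Deny rules to a hypothetical non-local client."""
    order, allow, deny = "deny,allow", [], []   # 2.2 default Order is deny,allow
    for line in body.splitlines():
        words = line.split("#")[0].lower().split()
        if len(words) >= 2 and words[0] == "order":
            order = "".join(words[1:])
        elif len(words) >= 3 and words[0] in ("allow", "deny") and words[1] == "from":
            (allow if words[0] == "allow" else deny).extend(words[2:])
    allowed = any(tok not in LOCAL for tok in allow)   # "all" or any remote host/net
    denied = "all" in deny                             # only "all" blocks every remote
    if order in ("allow,deny", "mutual-failure"):
        return allowed and not denied                  # default deny, Deny wins
    return allowed or not denied                       # deny,allow: default allow, Allow wins

def audit(conf_text, needle="phpmyadmin"):
    """Return Directory paths containing `needle` that a remote client can reach."""
    return [path for path, body in DIR_RE.findall(conf_text)
            if needle in path.lower() and remotely_reachable(body)]

if __name__ == "__main__":
    for path in audit(SAMPLE_CONF):
        print("reachable from non-local addresses:", path)
```

If phpMyAdmin has been renamed as suggested above, pass the new directory name as needle.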
 
It does not work to only reinstall xampp; if they placed the shell in the Gesior AAC system you will still be hackable. So either you can look for the shell file or you must replace _EVERYTHING_.
 
Ahh yeah, forgot to mention it. If you are shell'd you're in problems. Reinstall the OS or find the shell. :p
 