 |
|
| View previous topic :: View next topic |
| Author |
Message |
stevelamb
Guest
|
 Posted: Mon Mar 31, 2003 1:56 am Post subject: |
 |
|
We've been hacked twice now in the last week. First time they added a new story on the home page - an anti-war message. The second time an anti-war message again, but this time replacing an existing story. How are they doing this and what can I do to stop it? We have .htaccess on our phpMyAdmin and we're not hosting ourselves - we use a web host.
We're using phpnuke 5.6 and have modified many parts of it so can't really upgrade.
thanks
|
|
| Back to top |
|
 |
|
|
|
chatserv
President
Joined: 19 Aug 2001
Posts: 3258
|
|
| Back to top |
|
|
stevelamb
Guest
|
| Posted: Mon Mar 31, 2003 7:35 am Post subject: |
|
|
Hi
Thanks for quick reply.
Is it just that first bug fix, the change to line 35 in index.php? can you explain to me what it means?
thanks again |
|
| Back to top |
|
|
chatserv
President
Joined: 19 Aug 2001
Posts: 3258
|
| Posted: Mon Mar 31, 2003 8:59 am Post subject: |
|
|
| The hack that was being used to alter site stories basically converted the $score variable into a sql command to alter story titles and content, adding a integer value check to the score variable attempts to make sure nothing besides a score value is used. |
|
| Back to top |
|
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
Forums Index
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
