Jump to content
MakeWebGames

I've been hacked please help


Bennyh789

Recommended Posts

It could be a million different things. One quick way is to download your raw access logs and begin looking. If you don't know what your looking for, then send em to me and I'll take a look.

Or your FTP pass could of been jacked from the millions of viruses programmed to do just that. Then some malicious files were uploaded.

1) Change your passwords.

2) Check the "last modified" date on all your files on your server

3) Download and view the FTP & Access logs

Depending if we find the cause, your scripts may need securing.

Link to comment
Share on other sites

Re-uploading the files will not a help an SQL injection at all. Someone exploited one of your queries because you did not properly cleanse a variable. Never trust the user input. You must strip tags, replace entities and add slashes. If you get me those access logs, I'll find where he "performed" this SQL attack and tell you what you need to patch or secure more.

Link to comment
Share on other sites

someone changed some settings or just an file you used.. to this;

<meta http-equiv="refresh" content="0;URL=http://k-k-k.com/">

if you use this code somewhere in your source.. when you visit that page where the script is used.. you will immediatly be sended to the url is used..

if i was you , i would use a back up of your website and replace the infected files..

and if you cant.. then download your source and use an search program to find these keys/codes

then you will solve it :D so good luck

Edited by H4x0r666
Link to comment
Share on other sites

raw logs show nothing, and sorry to say but that is your own fault! Those issues are being discussed for a few years, and a few ways to fix them are widely spread around here.p

You need help? Sure, someone might give you some help, but you need to open your wallet if you don't know how to do it.

And an advice... There are only a couple of people around here who might do the trick effectively.

Link to comment
Share on other sites

Those can't be the true access logs. They were just from October 3rd, and most were the cron jobs running. The only non cron-job was a login.php hit. So, not much help. Unless your security on the login.php page is poor.

However, seems you got it. Hope it doesn't happen again.

Best of luck.

Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...