General Question About My site

[Mr-Scripts]

Well recently it was hacked things i cant get my head around.

1. the hacker could make a account without having a password ( even though on register you need to fill in all forms password username etc )

No one knows my cpanel or msql passwords and no one else has acess to my pc plus my passwords are 18 long with upper and lower case with symbols

2. he was randomly staff then after i banned him the person came back as a user and did the same even though he was`nt staff he could ban and kill people etc

 

3. [ATTACH=CONFIG]914[/ATTACH]

Points 3 shows and example of what i have in place where every page players use/ and if that put anything after the .php

the guy that hacked it when i clicked on what pages he used none of them where unnormal basically he clicked in game features he did not access staff panels as there protected by htaccess

ive had to take my game down till i get a idea what the person did/ get more time to make sure its secure

Edited April 1, 2013 by Mr-Scripts

[Mr-Scripts]

Code you're using is...

Give us a clue.

its a base game but i dont know what it was orginally called ive just developed it from the source i was given i can provide demo if needed

[Mr-Scripts]

Sure. Let me try and work out what it uses -- may be a known exploit if we can track down the code name / version

Thank you Guest i have private messaged you a link and demo account to use

 

Plus here a link of in game features the hacker used

my_account,profile

[ATTACH=CONFIG]916[/ATTACH]

No password

[ATTACH=CONFIG]917[/ATTACH]

Edited April 2, 2013 by Mr-Scripts

[Mr-Scripts]

seems wired i cant find it any where

[sniko]

Are you on a shared server?