I've been hacked!! - But how?

N

Nathan

Perch
Thankfully, only my weekly site poll. But, it's an MS SQL database and worrying how someone managed to get into it. Would going through the server logs help identify how they broke in? The approximate time was just before 09 January 2006 at 5:23pm (GMT+2). I'm panicking that my forum, or worse, main site databases will be also hackerable and need to patch them if I have left a stupid opening (probably just a stipid common.inc file with my login details that someone has been able to download!)

The Poll was a free one from WWG and I use the same forum, so I will also post a message there asking for advice.

Thanks for any help you can offer,

Cheers

Nathan
 
Hello Nathan,

Would going through the server logs help identify how they broke in?
Yes, it certainely would. If you have transfer log enabled, you can download your logs and check. Else, open a ticket with the URL and we will help you locate the loophole.
 
Tanmaya, that is an amazing offer of help that I am sure only JH would offer. Way beyond what is required of a Web host.

JH rocks!

I'll open a ticket with the details.

Cheers

Nathan
 
Sounds like it could be SQL Injection, they simply inject SQL queries into another part of your site or even the address bar, they may have learnt about the structure of your databse. The best thing you can do is learn about SQL Injection and defend yourself against it
 
As networx says it is most likely an SQL injection attack. I've written a short article on what they are and how to prevent them here.

As for preventing them now, I'd suggest upgrading your forums as soon as possible. Webwiz forums are up to version 7.97 which includes a lot of security fixes over version 6.34 that you're running.
 
You must log in or register to reply here.
Back
Top