1
marijun
one of my sites got hacked :(
  • 2005/9/8 6:01

  • marijun

  • Just popping in

  • Posts: 53

  • Since: 2004/6/4 1


yeah, i know, its probably my fault for not upgrading...it was running 2.0.9.2 i think. i did have the protector module installed though and it appears to have done its job well for a few minutes anyway.

i found this in the error log:
[Thu Sep  8 00:17:34 2005] [errorPHP Warning:  mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/include/precheck.inc.php on line 16
[Thu Sep  8 00:17:33 2005] [errorPHP Warning:  mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/include/precheck.inc.php on line 16
[Thu Sep  8 00:17:33 2005] [errorPHP Warning:  mysql_result(): supplied argument is not a valid MySQL result resource in /home/centaur/public_html/modules/protector/class/protector.php on line 485


anyone know what that means?

this is from around the same time as the hack happened, so i assume this had something to do with it. i posted a news article just a few minutes before, and i went back about an hour later to find the site hacked.

here's the busted site, if anyone's interested - http://www.halfmanhalfhorse.com

it appears as though almost all the default XOOPS tables have been deleted from the database. i emailed my host and asked for a backup, so hopefully they have something mroe recent than i do. until then, i'm just curious as to what happened. any ideas, guys?
Marion Morris
Gravity Squared Media - The Science of Design
http://www.gravitysquared.com

2
WarDick
Re: one of my sites got hacked :(
  • 2005/9/8 6:27

  • WarDick

  • Just can't stay away

  • Posts: 890

  • Since: 2003/9/13


Have you actually looked at your database?

It does not look hacked to me.

It does look broken though.
Urging XOOPS to be the Best It Can Be.
Richard......

3
brash
Re: one of my sites got hacked :(
  • 2005/9/8 6:36

  • brash

  • Friend of XOOPS

  • Posts: 2206

  • Since: 2003/4/10


What operating system and web server is you server running?
IT Headquarters
Innovative IT Solutions

4
marijun
Re: one of my sites got hacked :(
  • 2005/9/8 8:18

  • marijun

  • Just popping in

  • Posts: 53

  • Since: 2004/6/4 1


oh yes, i'm quite sure the tables are gone. not all of them though, just the last 10 or so (xoops_profile_category through xoops_users). it stopped at xoops_protector.

it hasn't been defaced, just deleted tables.

here's my server stats:

linux (that's honestly all i know lol)
php 4.4.0
mysql 4.0.25
apache 1.3.33
Marion Morris
Gravity Squared Media - The Science of Design
http://www.gravitysquared.com

5
khana
Re: one of my sites got hacked :(
  • 2005/9/8 9:00

  • khana

  • Just popping in

  • Posts: 15

  • Since: 2005/1/11


Hi,
i dont know whether this is Hack.
but a lot of errors of your SQL data are cached on google
/modules/pbboard/privmsg.php?mode=post&u=218
phpBB 
Critical Error 

Error doing DB query userdata row fetch

DEBUG MODE

SQL Error 
1146 Table 'centaur_xoops.xoops_session' doesn't exist

SELECT u.*, s.* FROM xoops_session s, xoops_users u WHERE s.sess_id = '
(--numbers--)' AND u.uid = 0

Line : 93
File : /-yourdir-/modules/pbboard/includes/sessions.php

Your data table had been breaking before you log-in.

6
marijun
Re: one of my sites got hacked :(
  • 2005/9/8 21:47

  • marijun

  • Just popping in

  • Posts: 53

  • Since: 2004/6/4 1


i dunno about that, it was working fine up until last night. (that error is due to the fact that the xoops_session table was one that was indeed deleted)
Marion Morris
Gravity Squared Media - The Science of Design
http://www.gravitysquared.com

7
khana
Re: one of my sites got hacked :(
  • 2005/9/9 10:23

  • khana

  • Just popping in

  • Posts: 15

  • Since: 2005/1/11


Sure, the error in my above comment was because there are already no
xoops_session table etc.
and there are still some possibilities...
but i guess, are the errors cached on Google "when"?

The above error of pbboard is actually displayed on Google like this.
(seaching by "Your directory path". -yourdir-/ is your directory)
Warning
Warning
mysql_select_db(): supplied argument is not a valid MySQL-Link resource
in 
/[b]-yourdir-[/b]/modules/protector/include/precheck.inc.php on line
14 Warning
mysql_query(): supplied argument is not a valid MySQL-Link resource ...

General error Couldn't obtain category list. DEBUG MODE SQL error ...
Couldn'
t obtain category list. DEBUG MODE SQL error 2002 Can't connect to local
MySQL server through socket '
/var/lib/MySQL/MySQL.sock' (2) SELECT c.cat_id,
c.cat_title, c.cat_order FROM xoops_pbb_categories c, xoops_pbb_forums f ...


your SQL server connection seems to have been some problem since before.
When if some connected error broke the tables, and anything did not try restoring,
your latest post might be breaking the tables more.

Please check:
the log of the protector
the setting of the protector
the connection setting of your MySQL host server
MySQL connection setting on your PHP host side
e.t.c.

Login

Who's Online

420 user(s) are online (349 user(s) are browsing Support Forums)


Members: 0


Guests: 420


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits