yeah recently, people have hacked my site, and I would want to know how.
They uploaded this php virus, but the thing was.. its pretty impossible to locate the location of the files.
Example:
http://forums.u-no.info/index.php?app=c ... ach_id=174
Is actually
http://forums.u-no.info/uploads/monthly ... 122874.jpg
How did they crack it, and what program? how do you find it out? Please help me.
I want to back trace and where the php is located.
It's IPB 3.0.x
Help. About IPB v3.0 Forum Upload [Solved]
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 18
- Location: In your eye floaters.
- Contact:
hmmm.....when it's stored in the database: I am not sure if a RFI can be done with a SQL query as target URL...
but if it is possible it points more to a severe MySQL server misconfiguration than to a flaw in the IPB platform itself, because usually the escape sequences added by MySQL make it impossible to use the "script".
but well, as I said in my 1st post: do you have access to the logs? without them it will be very hard (if not impossible) to find out what happened.
but if it is possible it points more to a severe MySQL server misconfiguration than to a flaw in the IPB platform itself, because usually the escape sequences added by MySQL make it impossible to use the "script".
but well, as I said in my 1st post: do you have access to the logs? without them it will be very hard (if not impossible) to find out what happened.