Results 1 to 2 of 2
  1. #1
    Join Date
    Nov 2013

    Server/SQL compromised questions

    One of my friend's file directories was compromised. We believe it was via vulnerabilities in wordpress. We're still trying to discover any shell scripts etc and investigate just how it occurred.

    We're recommending the friend dump everything in the file directory and start fresh without wordpress. As the friend has a vbulletin forum, he'd like to use a fresh SQL database but restore specific tables relating to users, forums & threads. Every other table would be dumped and a fresh one used. The vBulletin file directory would be a complete fresh copy downloaded from the member area.

    If somehow the vBulletin users/forums/threads tables have had malicious code inserted into them etc, how big of a risk would the friend be at in your opinion of being further harmed? Could an SQL injection give them rouge access to the friend's file directory or would just the SQL be affected? I'm aware you can make forum admin accounts etc in the SQL and do considerable damage, but we'd take preventative steps in the FTP directory so they still couldn't access the adminCP or find it even if they had SQL access.
    Last edited by A Goat; 01-31-2014 at 12:04 PM.

  2. #2
    If you are having linux server, I would suggest you to scan your complete account for malwares using commands like maldet
    If you found any malwares, remove it. Next step would be allowing IP based access to your admin area. Also make sure that you are having the latest version of the software installed. If you install themes/plugins , make sure that you get it from trusted source.

    If your db is completed infected, It is not recommended to use it again as it depends on the codes that are injected.

Similar Threads

  1. Database Compromised By Blind SQL Injection
    By M Bacon in forum Web Hosting Lounge
    Replies: 3
    Last Post: 03-29-2011, 01:50 AM
  2. Questions about plesk and SQL Server -vs- SQL Server "Express"
    By mrzippy in forum Hosting Software and Control Panels
    Replies: 3
    Last Post: 10-24-2008, 08:08 PM
  3. New Server compromised
    By Virtuoso Host in forum Hosting Security and Technology
    Replies: 12
    Last Post: 06-27-2008, 01:01 PM
  4. server compromised?
    By lkbryant in forum Hosting Security and Technology
    Replies: 9
    Last Post: 10-21-2005, 05:01 PM
  5. MySQL & SQL Server Questions
    By gtpspeed in forum Web Hosting
    Replies: 3
    Last Post: 08-27-2000, 05:40 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts