The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

All posts are erased (((Help)))

Discussion in 'General Discussion' started by DWHS.net, Oct 18, 2002.

  1. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    ((((Help))))

    Hello,

    I went in to our forum and replied to a customers question and when I entered it it said &your are not allowed to view this forum&

    So I logged out and loged in as the main administrator and still no posts, so I wen t to the members list and it had negative symblos next to how many posts they have to the exact just backwards with no visable posts on the board.

    when we went to see the mysql databases it won't let us log in, it says:


    This feature is not available while logged in with root override.


    Please help we have spent a long time building a helpfull support forum for our customers.

    Thank you,

    Charles

    Here is the url to the board:

    http://dwhs.net/hostingforum/index.php

    I also can't log in as the administrator is says password incorrect but it's not.
     
  2. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    We where hacked not to sound rude but I think you should dump xml we only used it for a month and allready hacked.

    I hope the rest of cpanel has better security.

    Thanks
     
  3. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    XML is optional when you run buildapache.. what exactly happened? what is the exploit? do you have a url with more info?
     
  4. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    I already deleted it the guy broke in with admin password username which nobody had but me and deleted all the files and denied permission for anyone to use. the hacker then changed the admin email to sucker@yourhack.com that how we knew.

    It amazed me after only a couple months a hacker can break it so easily.

    I really wish I could delete It from cpanel I don't like offering a substandard program to our customers even for fun.

    I also did some research and people get there xmb forums hacked all the time.

    I didn't think twice about security it seems well made and is included with cpanel.

    For some reason when I try to log onto phpadmin it won't let it says you can't log in with root overide being used.

    Thank you for the interest I'm trying not to be jerk about this but months of lost work can make you bummed out.

    Thanks again,

    Charles
     
  5. JustinK

    JustinK Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    251
    Likes Received:
    0
    Trophy Points:
    16
    From the sounds of it, I think they meant XMB (the forum), not XML. Could be wrong though. :p
     
  6. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    I think there are patches for the version of xmb that is offered through cpanel. Version 1.8 is out, not sure if its out publicly yet. If you don't want to offer it, modify your cpanel theme.. its really that simple.
     
  7. JustinK

    JustinK Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    251
    Likes Received:
    0
    Trophy Points:
    16
    Were you logging into phpmyadmin using the root password or the password for the cpanel account the database was created under? phpmyadmin requires the same username & password for the account you're logging into.

    I'm not too fond of having XMB in the control panel either, especially now that they're offering hosting packages themselves right on their front page.
     
  8. Curious Too

    Curious Too Well-Known Member

    Joined:
    Aug 31, 2001
    Messages:
    427
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    [quote:4311f3acd7][i:4311f3acd7]Originally posted by DWHS.net[/i:4311f3acd7]

    I already deleted it the guy broke in with admin password username which nobody had but me and deleted all the files and denied permission for anyone to use. the hacker then changed the admin email to sucker@yourhack.com that how we knew.

    It amazed me after only a couple months a hacker can break it so easily.

    I really wish I could delete It from cpanel I don't like offering a substandard program to our customers even for fun.

    I also did some research and people get there xmb forums hacked all the time.

    I didn't think twice about security it seems well made and is included with cpanel.

    For some reason when I try to log onto phpadmin it won't let it says you can't log in with root overide being used.

    Thank you for the interest I'm trying not to be jerk about this but months of lost work can make you bummed out.

    Thanks again,

    Charles[/quote:4311f3acd7]

    Did you remove the install.php file after installing XMB? If not, anyone can re-install your board and erase your previous messages and settings.
     
Loading...

Share This Page