sunshynecraftsbeads Posted July 26, 2011 Posted July 26, 2011 Hi, I think I have just been hacked. First the top of my website has disappeared. It was okay a half hour ago so this has just been done. I was working on one of my pages because the page had a error "page not found" and while I was trying to correct this, someone pulled their black magic. I do have the following security addons; Anti Hacker Login V1.0 Security Pro 2.0 Site Monitor 2.9 IP V5 Virus & Threat Scanner I am using version 2.3.1 I tried to restore a backup from my admin from a backup I did earlier today and now I am getting the following message; 1146 - Table 'sunshyn1_osc1.sessions' doesn't exist select value from sessions where sesskey = 'c864172704e211aaad5c206e9b7d617b' and expiry > '1311653613' [TEP STOP] Any help or suggestions would be greatly appreciated. Thank you kindly in advance Tracie
sunshynecraftsbeads Posted July 26, 2011 Author Posted July 26, 2011 Sorry, now I am unable to get into my website admin. I get the same error as above. Thank you Tracie
Taipo Posted July 26, 2011 Posted July 26, 2011 It is difficult to assess what the hack is unfortunately. There are other reasons why the 'top of a website' can disappear without it being an intrusion attempt, the most obvious being something you accidentally did yourself while working on the site. Other than parts of the template not functioning correctly, what other symptoms did you see that made you think that your site had been hacked? ps that error above is related to what looks like a failed attempt to restore the database rather than something that might indicate your site has been hacked. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX
sunshynecraftsbeads Posted July 26, 2011 Author Posted July 26, 2011 Hi Te, Thank you kindly for your reply. I was working on adding a page to my site when this happened and all of a sudden the heading was gone. I was not working on any of the files other than my sizechart.php. I was checking my website and notice that there was a page not found (sizechart.php) so I was working on that. Then all of a sudden I went to refresh my page and the whole top portion was gone. When I was able to get into my admin I tried doing a restore for yesterday and then I got the second message and then I could not get into my website admin either. Do you have any suggestions ? Should I unzip my backup from yesterday and upload my public_html and see if I can recover everything ? Thank you in advance for any assistance you can provide. Thank you in advance Tracie
Taipo Posted July 26, 2011 Posted July 26, 2011 The error above is a database error so uploading php files will probably not fix the error. Table 'sunshyn1_osc1.sessions' doesn't exist This literally means what it says, osCommerce cannot find the table in your database called sessions. Try restoring your database again and note any errors during the restore. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX
sunshynecraftsbeads Posted July 26, 2011 Author Posted July 26, 2011 Hi Te, I am unable to restore my database again because I can not get into my website admin. I have uploaded my Restore a MySQL Database and there was no errors when I did so. I get the following Restoring Database The database (sunshyn1_osc1) already exists! -- MySQL dump 10.11 -- -- Host: localhost Database: sunshyn1_osc1 -- ------------------------------------------------------ -- Server version 5.0.91 with a very long page of information regarding my website. I have no idea what all the information means. All I know for sure is when I try to sign in to my website.com/XXXX/login I get the same error as when I try to pull up my website. Is there something else I can try? I am not very knowledgeable about this kind of thing but will try my best to do anything that you can suggest to get me up and running again. Thank you in advance Tracie
sunshynecraftsbeads Posted July 26, 2011 Author Posted July 26, 2011 I have this message now on my website 1054 - Unknown column 'hostname' in 'field list' insert into whos_online (customer_id, full_name, session_id, ip_address, hostname, time_entry, time_last_click, last_page_url, http_referer, user_agent) values ('0', 'Guest', 'c864172704e211aaad5c206e9b7d617b', '70.68.122.29', 'S0106001cc0e861ed.vf.shawcable.net', '1311661358', '1311661358', '/', 'http://sunshynecraftsbeads.com/default/index.php', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110420 Firefox/3.6.17 ( .NET CLR 3.5.30729; .NET4.0C)') [TEP STOP]
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.