security issue

[seachen]

recently my client forum hacked by hacker. i dont know how he do that.

may i know the code below can export the mysql info?

Code for include file from others…



<?php

include ("../../../../../../../../home/tarcian/domains/tarcian.com/public_html/config.inc.php");

echo $dbhost, $dbuser, $dbpw, $dbname

?>

i guess he enter my forum from phpmyadmin. coz he get my mysql username n password.

 

[iceuk626]

1. If he has a account on the same server as you and the server isnt using open_basedir or it isnt setup properly, then yes he can use the script.
2. If the chmod is wrong on the config file i.e 777 then he doesnt even need the script, its world viewable.
3. If there is a exploit in the forum script you are using.
4. If you have some sort of upload script on your site and it allows upload of .php extenstions.

These are just a few to be getting on with.

 

[walleed222]

does mod_security stop inclusion like that and any filter do this?

 

[andyreed]

does mod_security stop inclusion like that and any filter do this?

You can get Mod Security rules from gotroot.com to do that.

 

[walleed222]

You can get Mod Security rules from gotroot.com to do that.

thanks it is helpfull site , but does many rules increase the cpu?