My admin password got hacked on horsehockey!
I can change it on the mysql backend, but I don't know how the passwords are encoded. Little help?
[EDIT: Searched the board and found a resolution. changed password field to varchar and updated admin password with sql statement]
Need(ed) Help Quickly! (and got it!)
Moderator: Extend-A-Story Moderators
- lordreaibn
- Posts: 313
- Joined: Fri Mar 31, 2006 3:31 pm
- Contact:
-
- Posts: 88
- Joined: Sat Aug 19, 2006 4:34 am
- Location: Evansville, IN
- Contact:
- Sir Toby
- Site Admin
- Posts: 413
- Joined: Sat Apr 26, 2003 3:42 pm
- Location: Portland, Oregon, USA
- Contact:
I am glad you found the information you needed to get everything working again. I am also curious as to what happened. If there is a security hole in Extend-A-Story, I'd like to get it fixed. Of course, it is also possible that your host simply upgraded the version of MySQL they are using and you got bit by bug # 9.
Are you running the latest version of Extend-A-Story (version 2.2.0)? I've found some SQL injection vulnerabilities in older versions of Extend-A-Story, so I strongly suggest running the latest version to keep yourself protected.
In any case, I am curious to find out more about what happened if you have more information available. If you don't want to post the details publicly, feel free to email me directly.
Are you running the latest version of Extend-A-Story (version 2.2.0)? I've found some SQL injection vulnerabilities in older versions of Extend-A-Story, so I strongly suggest running the latest version to keep yourself protected.
In any case, I am curious to find out more about what happened if you have more information available. If you don't want to post the details publicly, feel free to email me directly.