Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MySQL "hack" results in troubles... #1

Open
rudybroersma opened this issue Dec 9, 2012 · 1 comment
Open

MySQL "hack" results in troubles... #1

rudybroersma opened this issue Dec 9, 2012 · 1 comment
Assignees
@rudybroersma

Comments

@rudybroersma
Copy link
Owner

Currently the script "manually" updates the mysql authentication tables using a UPDATE mysql.user query. This is an easy way to set the proper password for the mysql users, but it also brings trouble to the Plesk interface. The link "DB WebAdmin" in the Plesk panel no longer functions and it is not possible to update user passwords using the MySQL interface.

The customer can however delete the user and recreate it. Then all issues are resolved.

Possible solution is to look for mysql login details and try the combinations. This however requires remote mysql access to the source server (which DA has disabled by default) and it also might cause MySQL to block our user/IP..

So for now, no solution..
@ghost ghost assigned rudybroersma Dec 9, 2012
@rudybroersma
Copy link
Owner Author

Possible solution is to search for files containing "config", and include those in something that runs get_defined_vars(). But this is tricky if we're concerned about security because we dont know what code we are executing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rudybroersma rudybroersma

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rudybroersma