Location: Asia Pacific, Cyberspace, in the Dark Dystopia
Posts: 19,118
Thanks Given: 2,351
Thanked 3,359 Times in 1,878 Posts
Revive Ad Server MySQL Injection Attack
No rest for the weary, a Revive Ad Server I am responsible for experienced a MySQL injection attack due to a vulnerability uncovered in the past few months. I was busy developing Vue.js code for the forums and thought to myself "I will get around to upgrading to Revive 4.2.0 (supposedly the not-vulnerable version) when I get further down-the road developing my Vue.js project". After all (sarcasm assured), why upgrade to mitigate a security vulnerability in a "working PHP 5.6 version of Revive" when upgrading to Revive 4.2.0 also requires an upgrade to PHP 7.0?!"
Then, of course it happens. No good deed goes unpunished, as they say; and while I was busy 12 hours a day coding in Vue.js, some "person with no life to speak of" injects very nasty adware into the DB. Here are the SQL table entries from the hacked server in the vulnerable append and prepend tables in Revive, which I never use anyway, injected with this very nasty adware.
This adware pulled down a lot of code and really damaged the ad server and also the search engine rankings because of the adware in the browser. Strangely, Google Webmaster Tools did not detect this. which is quite a shock, but there you go. Google Search really punished the site for the injected adware but on the other hand, GWTs did not detect it. Hmmm.
Here is what the "low lifes" injected:
I think I need to move off the Revive Ad Server, because this is the second time in around six years that the Revive software has been found to have an SQL injection vulnerability that also caused me a lot of time wasted and damage to our "search engine reputation and integrity".
The last time it happened was a few days before New Years many years ago when I was on vacation in Bali scuba diving with this very cool Japanese women I used to know and the entire holiday was ruined because of it.
People who do not operate on the web have little idea of how much work it is to keep the engine running smoothly, 24x7, so others can enjoy the web !! )
Thank you in advanced,
I had a Buffalo DUO crap out on me that was setup as RAID 0. I dont belive it was the drives but rather the controller in the DUO unit. I bought another external HDD enclosure and was able to fireup the two older DUO drives in it and I think I resembled the RAID... (12 Replies)
Gd evening
I am trying to run my website made in php-mysql on a HP-UX system but dont know how to install and run services of Mysql.
Kindly provide appropriate solution.
thanks in advance. (1 Reply)
Hi Friends,
This is logs of my mail log:
mail for yahoo.com.tw is using up 4001 of 6992 active queue entries : 1 Time(s)
mail for yahoo.com.tw is using up 4001 of 7018 active queue entries : 1 Time(s)
mail for yahoo.com.tw is using up 4001 of 7072 active queue entries : 1 Time(s)
... (1 Reply)
Hello,
a few days ago (June 19) a server that I manage has suffered an attack.
Analyzing the log I discovered that there were several attempts to access a web scanner called w00tw00t.at.ISC.SANS.DFind
I set the firewall to prevent further visits from this scanner.
The problem is that the... (3 Replies)
Hello
Please advise me how can I optimize my MySQL server. Or advise which way to look. Maybe someone had similar problems?
Over the past two weeks the MySQL server dropped 2 times. I began searching for ways to optimize the server.
Overall the picture like that:
There is a separate... (2 Replies)
Hi, we have some problem with mysql high cpu , would like some help with MySQL Tuning
here are the mysqltuner & tuning-primer details
mysqltuner:
# mysqltuner
>> MySQLTuner 1.1.1 - Major Hayden <major@mhtx.net>
>> Run with '--help' for additional options and output filtering
--------... (1 Reply)
Hi everyone,
I have an urgent requirement to get some table data from Linux-MYSQL server from HP-UX with oracle database.Is there any way we can get
connected through Shell script from HP-UX and issue select on mysql to get some table data?
Please help me out. (7 Replies)
heloo
today i have DDos Attack in my server
what is the better way to secure my server from DDos Attack
i use CentOS 4&5
i try every firewall and talk to softlayer - iweb i've Tried every possible solutions but I can not find a solution to the problems
Give Me The best way plzz (4 Replies)