My database does not have a password field?

TootsieRoll · January 12, 2015, 12:19:07 AM

If there is anyone out there that has had this problem then please write me. My forum has become overrun with spam bots. Somehow I think they were able to give themselves administration privillages and wiped out all the passwords. None of the members passwords work and when I set up new accounts... All I get is a message that I have exceeded my tries to figure out the correct password. When I go into the php admin to look at members it doesn't have a password area that I can hash (whatever that means) I hope someone will come to my rescue soon... Should I turn off the forum and try to put it in maintenance mode? that is the only thing I haven't tried. I keep getting 1 or 2 new bots every 10 minutes. Thank you in advance whoever can figure out this one.

TootsieRoll · January 12, 2015, 12:50:50 AM

NO one out there that can help me... I don't want to lose my forum

margarett · January 12, 2015, 05:20:39 AM

Please, please... Do NOT bump your topic within minutes.

First of all, you should take out your forum. You were probably hacked so follow this
http://wiki.simplemachines.org/smf/I_think_I_have_been_hacked
Especially the section "Shutting down your Linux/Apache site"
Or ask your host to do it for you. You should no content with this but your forum will go down for some time.

Then, check your database via phpmyadmin, table smf_members, column "password". Are there values in all members? It should always be a 40-characters string.

Kindred · January 12, 2015, 08:05:25 AM

and then:
http://wiki.simplemachines.org/smf/I_accidentally_lost_my_admin_account!_What_can_I_do

and finally:
http://wiki.simplemachines.org/smf/Spam_-_my_forum_is_flooded_with_spam,_what_can_I_do

TootsieRoll · January 12, 2015, 12:43:42 PM

This is the code I found when I opened .htacess

<Files *>
   Order Deny,Allow
   Deny from all
   Allow from localhost
</Files>
RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml

Kindred · January 12, 2015, 01:09:27 PM

wait... does your forum even RUN with that htaccess? According to those lines, your site should not even be processing php files

TootsieRoll · January 12, 2015, 05:19:09 PM

that is the file. I can get more through FTP
I have no access and the administration password does not work
and the admin program was used and I can see that I am an admin
but only from the outside. All the forum names and email address are
exposed to any guests now. I can give anybody who wants to try to see what I am talking about
access.

margarett · January 12, 2015, 05:27:56 PM

You should take out your forum while you investigate...

TootsieRoll · January 12, 2015, 08:47:18 PM

investigate what? I am not able to log in to the site even as an administrator.
it will not accept any passwords. Which is what this thread is supposed to be about.

I looked at the FAQs before I wrote this. I am following the procedures for backup
and re-establishing a new forum but what I want to know is:
can anyone log on? or am I the only one locked out?

Kindred · January 12, 2015, 08:58:26 PM

Check that your account has the correct email address, in the database and then use the reset password function.

margarett · January 12, 2015, 08:59:54 PM

If you are the only admin, most likely your account was the only affected.
In the wiki article Kindred pointed you there is a trick to regain access to your account.

TootsieRoll · January 15, 2015, 05:45:56 PM

No one can get in. I have used all the passwords for all the admins. I have changed the password like some programs have suggested. I can not get in temporarily and I can not get in period. So I cannot fix what is wrong. If anybody has any fool proof method of changing the database admin password then I am all ears. It seems like there isn't even a catergory for admin anymore but it doesn't matter no one can log in however, it seems like there are more than one bots that have administrator access so they can't be stopped. I have a new forum as a test forum all ready to go but the database is too large for my server. Besides I do not know how to set the test forum up so I am locked out and all my members are locked out and who knows what is going on inside my forum. None of the backups seem to work either. Can somebody please help me I'm desperate.

margarett · January 15, 2015, 06:08:27 PM

Please PM me your cPanel login details.

TootsieRoll · January 15, 2015, 06:59:00 PM

I sent the information you requested but do not have a record of it in my outbox. I hope you got it.
if you didn't please leave that message here so I can send it to you again.

thanks,
tootsie

TootsieRoll · January 15, 2015, 07:22:22 PM

I think I sent you an email instead of a PM
again, I hope you got what you needed. Please let me know if you did (PM me)
if you didn't I can send again. I looked in my PMs and the messages don't seem to be there
so I am not sure you are getting my PMs
thank you for doing this for me.

margarett · January 15, 2015, 08:00:02 PM

I could not find evidences of any hack.

Your problem were 2 wrong settings in "settings" tables: cookie time was set to -1 and "failed login threshold" set to 0 (which caused the "Sorry, you are out of login chances")
There are only 2 admins in the forum (ids 1 and 2). I was able to restore the password for the account you were trying to use and it worked fine (after I fix those 2 settings)

Your attachments folder was also moved, I restored it and attachments are now working fine.

What you have is a spamfest... As soon as the forum went up, the user "Neemanaeply" immediatelly created a spam post. And he had dozens of those... I deleted this account and its posts. But there are lots of others.
I also noticed that you have 149 members waiting activation. This is *NOT* how to deal with spammers...
This --> http://wiki.simplemachines.org/smf/Spam_-_my_forum_is_flooded_with_spam,_what_can_I_do is. Check it, put some good Q&A in place and you'll see it improving

Your captcha is quite cute, though

I wonder why it's ineffective?

And I updated it to 2.0.9 (patch, 3 clicks

)

Good luck

TootsieRoll · January 15, 2015, 10:08:38 PM

Thank you for getting my forum up and running... in my haste I thought I was deleting all members who had joined in the last 10 days...but I actually deleted all of about 17 members instead of the 400 that have registered. Is there a way to get those members back because I am sure their profile has an avatar and many posts attached. Is there a way I can load an old members into my phpadmin database? or am I just out of luck?

margarett · January 16, 2015, 02:52:43 AM

No, there isn't. You should restore a database backup of before that operation. If you don't have one, ask your host, maybe they have one

Antechinus · January 16, 2015, 05:36:04 AM

Ah. This is a rather different question to what was asked in the other thread.

Short version: if you have a backup it's possible to split out some data and import only that, but it's not necessarily simple, depending on exactly what you want to do.

Importing the whole thing is much simpler. Either way, you still need a backup of the db.

TootsieRoll · January 16, 2015, 10:40:16 PM

How do you restore a backup bigger than 50m?
what if the database is not a good copy...will it then destroy the working copy?
very nervous about restoring a database... I have never had to do it.

News:

My database does not have a password field?