SQl Dropped

03/05/2012 10:30 Serenduk#1

So server was hacked again last night db dropped all ports are closed so must be register script doing the hacking

would it be possible if i set user ie: sa to only be able to create not drop/delete tables
and make another account so i can manually drop or delete or wont this work ?

03/05/2012 10:32 Kape7#2

If you are using user sa on your DB then is obvious that you will get hacked soon or later.

03/05/2012 10:37 Serenduk#3

no not using login sa was putting as example but all ports are closed i hear setting odbc connection local away but how do i go about this

03/05/2012 10:45 Kape7#4

Create a new user ONLY for the register page that only have permission to create data.

03/05/2012 12:00 Serenduk#5

thnxs

03/06/2012 18:14 msimon07#6

what server was is cause i did that to 3 servers lastnight and made myself GM name is IceT. I did the exploit sending SQL query thru SMC login using '; INSERT INTO TB_User (StrUserID, password, sec_primary, sec_content) VALUES ('test','4297f44b13955235245b2497399d7a93','1','1' ); -- if that was the account created in your DB then it was me then i went for your billing server and deleted TB_User and crashed your mySQL server.