ovflowd / chocolatey

:chocolate_bar: The open source Habbo.com Engine & CMS
GNU General Public License v3.0
50 stars 19 forks

CMS: possible exploit #301

Closed T0niiiiii closed 7 years ago

T0niiiiii commented 7 years ago

This CMS may have an exploit, but I'm not sure yet. It could be Arcturus too. Someone deleted my hotel database. Time to go back to PlusEmu and revcms :D

Santoro, can you check if there is any exploit? I will check my web logs etc.

ovflowd commented 7 years ago

It's impossible for an exploit to exist on both Arcturus and Chocolatey.

Chocolatey was coded entirely in a way that is secured against exploits. You can't inject SQL in any way.

I think someone accessed your database. Arcturus is used in many hotels, but you can ask directly on the RaGEZONE forums. Since I didn't develop Arcturus, I'm not 100% sure.

Check whether your database password was strong. Were you using cPanel? Was MySQL accessible remotely? Do a triple check on everything. Is your staff 100% trustworthy?

T0niiiiii commented 7 years ago

MySQL only has localhost access and we have phpMyAdmin. Wanna see some web logs? https://pastebin.com/gnxPqZrf

Good thing is that I have backups :D

ovflowd commented 7 years ago

Is phpMyAdmin accessible remotely?

ovflowd commented 7 years ago

Someone deleted it through phpMyAdmin.

T0niiiiii commented 7 years ago

But the password wasn't easy. I told my team not to make phpMyAdmin or MySQL access public, and I think they now understand why. Thanks anyway. I think the tests folder should be deleted?

ovflowd commented 7 years ago

The tests folder from Chocolatey? You can delete it if you want, but it doesn't bother anyone.

Anyway, don't give PMA public access, please.

Closing.
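An added example (not code from the Chocolatey project or from anyone in this thread) of the web-log check discussed above: it parses Apache combined-format access log lines, constructed here rather than taken from the linked pastebin, and reports which non-local clients reached phpMyAdmin and which of them successfully POSTed to an SQL-executing page. The phpMyAdmin URL prefixes and script names are assumptions about a typical install.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in Apache combined format (203.0.113.45 is a documentation address).
SAMPLE_LOG = """\
127.0.0.1 - - [10/Jun/2017:21:03:11 +0000] "GET /phpmyadmin/ HTTP/1.1" 200 4211 "-" "Mozilla/5.0"
203.0.113.45 - - [10/Jun/2017:22:14:02 +0000] "GET /phpmyadmin/ HTTP/1.1" 200 4211 "-" "Mozilla/5.0"
203.0.113.45 - - [10/Jun/2017:22:14:09 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.45 - - [10/Jun/2017:22:15:30 +0000] "POST /phpmyadmin/sql.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2017:22:16:01 +0000] "GET /index.php HTTP/1.1" 200 9330 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# Assumed URL prefixes under which phpMyAdmin is commonly served.
PMA_PREFIXES = ("/phpmyadmin", "/pma", "/myadmin")
# Assumed phpMyAdmin scripts that execute submitted SQL.
PMA_WRITE_ENDPOINTS = ("sql.php", "import.php", "tbl_sql.php")
# Networks treated as "local": loopback plus RFC 1918 ranges (checked explicitly,
# because ipaddress.is_private also covers the documentation ranges used above).
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def is_remote(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in LOCAL_NETS)

def audit(log_text):
    """Return (remote clients hitting phpMyAdmin by count, successful remote POSTs to SQL pages)."""
    remote_hits = Counter()
    sql_posts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or not rec["path"].lower().startswith(PMA_PREFIXES):
            continue
        if not is_remote(rec["ip"]):
            continue  # local admin use is the expected case, not the finding
        remote_hits[rec["ip"]] += 1
        script = rec["path"].split("?", 1)[0].rsplit("/", 1)[-1]
        if rec["method"] == "POST" and script in PMA_WRITE_ENDPOINTS and rec["status"] == "200":
            sql_posts.append((rec["ip"], rec["ts"], rec["path"]))
    return remote_hits, sql_posts
```

Any entry in the first result means phpMyAdmin was reachable from outside; the second result narrows the search to the requests worth correlating with the database's own timeline of the deletion.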

TheOmanNorge commented 7 years ago

Hope it does not happen again; I jumped a little bit when that email showed up on my screen. :) Closing is ok, sorry.

T0niiiiii commented 7 years ago

Yes, this is a good example for everyone. Don't make MySQL or phpMyAdmin access public. My team wanted that because it's easy, but it's not secure.

ovflowd commented 7 years ago

My friend, there is a saying: "Easiest doesn't walk together with securest."

T0niiiiii commented 7 years ago

Hahahah, that's true! :)