Hacked blog database need advice!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • qxm
    Confirmed User
    • Jul 2006
    • 5970

    #1

    Hacked blog database need advice!

    Damm!, now i really need help .... it seems that someone has been snooping around my admin area or something.... cause my blog links are now redirecting to someone elses promotional program

    Bangbros ref id=sexape (my bangbros id is different)

    Take a look at my blog (qualityxmedia{dotcom}/QualityxmediaBlog/) and click on the pictures posted today.... the girl should be kitana...
    The program i'm promoting there is twistys but the links are redirecting to:

    bangbrosnetwork{dotcom}/t1/pps=sexape/

    this is happening by intervals cause some times it sends me to twistys and other times it sends me to the address above. Also if i completely turn my firewall of this happens all the time ... if i turn it on i get the correct links (ive scanned my pc with Zone alarm latest version and it has detected no infection or spyware)

    the posts redirecting are

    qualityxmedia{dotcom}/QualityxmediaBlog/category/pornstars/twistys-porn-stars/kitana-jade/
    and
    qualityxmedia{dotcom}/QualityxmediaBlog/2006/07/16/jana-cova/
    and
    celeste star

    (just noticed my permalinks look different )

    which are the latest ones... my tgp is fine (i changed the user and pass just in case)

    the blog (wordpress) is the one giving me problems

    Does anyone else get redirected when visiting this 2 posts? or is it just me?(u have to try a couple of times cause its a random redirection ... sort of like a cicle jerk)

    and, could this be related to my MySQL database or just some html code embeded in my page? or a known wordpress vulnerability?

    I dont wanna have to take down the blog and then rebuild it (i have no backup ), i'm using wordpress 2.03...... do you have any suggestion as to where i should start looking for this redirection code?

    could someone tell me how to handle this situation?.... this is the first time this has happened 2 me..

    ICQ: 266990876
  • Shap
    Confirmed User
    • May 2001
    • 8313

    #2
    I know the problem. Going to contact you now regarding it.

    Comment

    • martinsc
      Too lazy to set a custom title
      • Jun 2005
      • 27047

      #3
      sounds bad...
      Make Money

      Comment

      • Shap
        Confirmed User
        • May 2001
        • 8313

        #4
        Originally posted by martinsc
        sounds bad...
        He wasn't hacked. It's a hotlink protection that is causing it.

        Comment

        • qxm
          Confirmed User
          • Jul 2006
          • 5970

          #5
          hotlinking protection uh....
          dude you just saved me from loosing all my hair!, i checked my SQL database and code so many times i was going nuts!... thanks for the email!.

          ICQ: 266990876

          Comment

          Working...