Was I hacked?
Posted by salmobytes
Was I hacked? July 14, 2023 12:00AM |
Registered: 15 years ago Posts: 73 |
I had a Boat Buildihg phorum forrum for many years, with something like 20,000 posts.
At its high point I got as many as 10 posts a day.
Traffic gradually plunged to near zero. Why is not clear. Perhaps it had something to do with similar groups on Facebook etc.
I turned it off for about a year. Now I want to bring it back.
I loaded a daatabase with a mysql dump. What I see is an empty forum, even though--when I use a terminal to log into the mysql databae select count(message_id) from phorum_messages shows 22293 messages.
But the page display for that forum shows 0
I also found, in phorum messages, the following:
I have backed up all your databases. To recover them you must pay 0.0135 Bitcoin to this address: 1FobWASbipzwqWK21D8mBLe4ysDPXjQqD1. Backup list: montana_mrblogins, montana_phorum, mrblogins. After your payment email me at rdatabase.2104@onionmail.org with your server IP (64.202.188.192) and transaction ID. Emails without transaction ID will be ignored.
Edited 1 time(s). Last edit at 07/14/2023 12:43AM by salmobytes.
At its high point I got as many as 10 posts a day.
Traffic gradually plunged to near zero. Why is not clear. Perhaps it had something to do with similar groups on Facebook etc.
I turned it off for about a year. Now I want to bring it back.
I loaded a daatabase with a mysql dump. What I see is an empty forum, even though--when I use a terminal to log into the mysql databae select count(message_id) from phorum_messages shows 22293 messages.
But the page display for that forum shows 0
I also found, in phorum messages, the following:
I have backed up all your databases. To recover them you must pay 0.0135 Bitcoin to this address: 1FobWASbipzwqWK21D8mBLe4ysDPXjQqD1. Backup list: montana_mrblogins, montana_phorum, mrblogins. After your payment email me at rdatabase.2104@onionmail.org with your server IP (64.202.188.192) and transaction ID. Emails without transaction ID will be ignored.
Edited 1 time(s). Last edit at 07/14/2023 12:43AM by salmobytes.
Re: Was I hacked? July 14, 2023 11:53AM |
Admin Registered: 18 years ago Posts: 566 |
To Start... on a local machine.
Use a backup of the backup.
Extract the backup from the dump file (??????????_xxxxxxxx_2015_11_13_21_13.sql.gz.)
Open the xxxxx.SQL file in "Textpad" or "Notepad++ , or equivalent, not Windows "Notepad".
Don't turn word wrap on.
The file should be readable for the most part
Locate the line
See photo sample. Most of it should be readable, if it is not check a few more messages.
If the dump file is readable there could be other issues.
Use a backup of the backup.
Extract the backup from the dump file (??????????_xxxxxxxx_2015_11_13_21_13.sql.gz.)
Open the xxxxx.SQL file in "Textpad" or "Notepad++ , or equivalent, not Windows "Notepad".
Don't turn word wrap on.
The file should be readable for the most part
Locate the line
Scroll downQuote
--
-- Data for Table `Your Prefix_messages`
--
The line after should be a message.Quote
INSERT INTO `Your Prefix_messages`
See photo sample. Most of it should be readable, if it is not check a few more messages.
If the dump file is readable there could be other issues.
Sorry, only registered users may post in this forum.