Hack the database, how?

K

KRHD2021-02-09 21:57:41

MySQL

KRHD, 2021-02-09 21:57:41

I have a website, the database is open externally, i.e. you can connect to it remotely, but only from one ip address - the address where the site is located.
It was recently hacked, how is that possible?
There was no sql injection.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

I

index0h, 2021-02-09
@index0h

the database is open externally, i.e. you can connect to it remotely

One does not follow from the other. To work from outside, it makes sense to use the ssh tunnel.

from only one ip address - the address where the site is located

If you have shared hosting, I have bad news for you...

how is that possible?

Inspect your site's code, completely. Perhaps the rights to the downloaded files are not correct, or in addition to the entry point, there is something executable in the web root.
It is quite possible in case of an error - you output the stack trace and some other data.
Perhaps the debug panel is not closed.
Perhaps your password is easily cracked.
Perhaps not specifically you were hacked, but the hoster.
But start with a search: who, in principle, has access to your database. Sometimes hacking happens from within, it's sad, but it happens.

L

Lazy @BojackHorseman MySQL, 2021-02-10
Tag

slipped their code through holes in yours. google how it's done. simple example. file upload form through which the script is uploaded.
top cases - leaky cms, crooked hands of the admin, crooked hands of the pogromist.