Welcome, Guest
Username Password: Remember me

Hack recovery -- suspicious code in database
(1 viewing) (1) Guest
  • Page:
  • 1

TOPIC: Hack recovery -- suspicious code in database

Hack recovery -- suspicious code in database 9 years ago #19715

  • jgold723
  • OFFLINE
  • Fresh Boarder
  • Posts: 12
  • Karma: 0
I've been recovering from a recent hack. I have deleted all files and reinstalled Joomla and all extensions, including Mobile Joomla with their latest version. As part of this, I searching the database for anything the hackers may have left behind and I've found some suspicious in the mj_amdd table:


('www.voxtel.ru/UAProf/Voxtel_BD40.xml', 'bot', '{"type":"mobile","markup":"xhtml","screenWidth":120,"screenHeight":140,"imageFormats":["png","jpg","gif","wbmp"]}')


Can you tell me what this table is used for and whether the code above is normal or not. And if not, how do I get rid of it?

Re: Hack recovery -- suspicious code in database 9 years ago #19718

Hi.

Have you tried the clean install i mean from creating a new database from scratch for your Joomla site?

Please send us more details like screenshots of that table to our email This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Best,

Mobile Joomla! Support

Re: Hack recovery -- suspicious code in database 9 years ago #19720

  • dryabov
  • OFFLINE
  • Administrator
  • Denis Ryabov, Lead Developer
  • Posts: 4863
  • Karma: 105
AMDD contains data from latest open version of WURFL database (to support feature phones and other old devices that are very rare nowadays), and there are 7 entries in the database relates to VOXTEL phones that used UAProf URL for User-Agent header as well. So, it is not related to hack.

Re: Hack recovery -- suspicious code in database 8 years, 7 months ago #20074

  • protomik
  • OFFLINE
  • Fresh Boarder
  • Posts: 1
  • Karma: 0
AMDD contains data from latest open version of WURFL database (to support recovering data from phones and other old devices that are very rare nowadays), and there are 7 entries in the database relates to VOXTEL phones that used UAProf URL for User-Agent header as well. So, it is not related to hack.


How to restore data from previous backup?
Last Edit: 8 years, 7 months ago by protomik.

Re: Hack recovery -- suspicious code in database 8 years, 7 months ago #20080

Hello protomik,

Please tell us more information about how do you want to restore your data? Is it a mysql database ? Can you provide an example or a screenshot?

Best,

John Mark C.
Mobile Joomla! Support
  • Page:
  • 1
Time to create page: 0.12 seconds

By continuing to use this site you consent to the use of cookies on your device as described in our cookie policy unless you have disabled them. This site will not function correctly without cookies.

I accept cookies from this site.