Calendar
Members
Search
Help
RSS Feed 
 Urgent: Weird Statistics Problem |
  |
 Apr 19 2010, 03:00 AM
Post
#31
|
|
|
Beginner  Group: Members Posts: 6 Joined: 14-April 10 Member No.: 110,271  |
i already fixed this issue using the method that's explained before
however, since yesterday, there's no statistic appear at my openx until now. Anybody facing this issue? How can I fix it? |
 |
 
|
|
Apr 19 2010, 08:20 AM
Post
#32
|
|
|
Beginner Group: Members Posts: 6 Joined: 14-April 10 Member No.: 110,271 |
also when I trying to create the new zone, then go to Invocation Code, I can't get the code. It seems that this also the impact of this vuln?
[img]http://i44.tinypic.com/spvuaw.jpg[/img] |
|
|
|
|
Apr 19 2010, 10:16 AM
Post
#33
|
|
|
Beginner Group: Members Posts: 6 Joined: 1-October 08 Member No.: 23,463 |
Thank you very much. This solution fixed my problem.
* OpenX 2.8.2 hacked * A new manager user was created, with email admin@openx.xx * No files containing base64_decode were found * Statistics stopped working * Solution posted in this thread has allowed me to get statistics back I will be moving to Google ad manager or similar as soon as possible, as it would appear from other posts that even the current 2.8.5 version is still vulnerable to this attack and there is not a peep from OpenX about this incredible security hole. |
|
|
|
|
Apr 19 2010, 11:39 AM
Post
#34
|
|
|
Member Group: Members Posts: 19 Joined: 24-November 08 From: Austria Member No.: 24,344 |
How'd you get rid of the additional admin account? When I'm logged in and working as the administrator, I don't get a full list of accounts in Inventory > Account Management or Inventory > Admin Access. In fact, the only account listed there is my own (even though the system has several other legitimate accounts). Is it part of the hack that the accounts table in the web interface is tampered with?
At any rate, the database table ox_users has an additional user "adm" with email admin@openx.xx, and ox_accounts has an additional entry too (account ADMIN, account type Administrator Account). I deleted those rows from the two tables. |
|
|
|
|
Apr 20 2010, 06:56 AM
Post
#35
|
|
|
Beginner Group: Members Posts: 6 Joined: 14-April 10 Member No.: 110,271 |
CODE 14-04-2010, 11:21:05 adm inserted Ad Zone Association "Ad #102 -> Zone #0" (#208) View 14-04-2010, 11:21:05 adm inserted Banner "OpenX Market ads served to zones by default" (#102) in Campaign (#68) View 14-04-2010, 11:21:05 adm inserted Campaign "OpenX Market ads served to zones by default" (#68) in Advertiser (#32) View 14-04-2010, 11:21:05 adm inserted Ad Zone Association "Ad #101 -> Zone #0" (#207) View 14-04-2010, 11:21:05 adm inserted Banner "OpenX Market ads served to opted in campaigns" (#101) in Campaign (#67) View 14-04-2010, 11:21:05 adm inserted Campaign "OpenX Market ads served to opted in campaigns" (#67) in Advertiser (#32) View 14-04-2010, 11:21:05 adm inserted Client "OpenX Market Advertiser" (#32) View this's what i got on the User Log |
|
|
|
|
May 13 2010, 06:29 PM
Post
#36
|
|
|
Beginner Group: Members Posts: 2 Joined: 29-April 08 Member No.: 21,178 |
Hi,
I replace hacked admin_account_id with my '1', and can view stats now, but stats from 20th April is missed. Any ideas? |
|
|
|
|
May 18 2010, 08:13 PM
Post
#37
|
|
|
Beginner Group: Members Posts: 2 Joined: 8-May 10 Member No.: 116,631 |
rediculous, I upgraded to 2.8.5 cleaned up my install and now it's hacked again, same deal. Buh bye openX
|
|
|
|
|
Sep 3 2010, 12:34 AM
Post
#38
|
|
|
Beginner Group: Members Posts: 3 Joined: 14-July 08 Member No.: 22,218 |
I don't think I've been hacked but I have no stats - need help?
|
|
|
|
|
Oct 14 2010, 09:25 PM
Post
#39
|
|
|
Beginner Group: Members Posts: 1 Joined: 14-October 10 Member No.: 145,101 |
Anyone have any further fixes for this problem?
@VanDaMe , same problems here. Can't select anything in the invocation drop down menu....and no statistics are being recorded.... |
|
|
|
|
Nov 5 2010, 10:59 AM
Post
#40
|
|
|
Member Group: Members Posts: 16 Joined: 16-July 09 From: Germany Member No.: 29,348 |
|
|
|
|
|