[MediaWiki-l] Restoring MediaWiki after the Drupal exploit?

Daniel Friesen daniel at nadir-seen-fire.com
Mon Nov 3 00:50:21 UTC 2014


Or your Drupal install uses a user that has permissions to the MW
install's database.

~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://danielfriesen.name/]

On 2014-11-02 4:43 PM, Tom wrote:
> Just to be clear. Your MW and Drupal share the same DB with a different prefix?
>
> Tom
>
>> On Nov 2, 2014, at 6:31 PM, Alex Monk <krenair at gmail.com> wrote:
>>
>> Just be careful about the 'MediaWiki:' restricted namespace pages. Those
>> can have things like JavaScript which MediaWiki often deliberately does not
>> escape.
>>
>>> On 2 November 2014 23:20, Bartosz Dziewoński <matma.rex at gmail.com> wrote:
>>>
>>> On Sun, 02 Nov 2014 23:53:28 +0100, Boris Steipe <boris.steipe at utoronto.ca>
>>> wrote:
>>>
>>> If I understand the Drupal advisory correctly, backdoors could have been
>>>> installed in the database. I don't know nearly enough about this, but I
>>>> suspect this could mean that a backdoor could reappear on the new machine
>>>> if I were to dump my current Wiki tables from the old machine and reinstall
>>>> them on the new machine. Is this correct? And if so, what would the best
>>>> strategy be for recovery? I hope this can be done more efficiently than
>>>> copy/pasting Wikitext.
>>> If you want to be extra paranoid, and you only care about the contents of
>>> pages (and possibly their earlier versions) and none of all the boring
>>> extra data, then you can export and import the contents of wiki pages. This
>>> should always be safe, as MediaWiki assumes that all page text is hostile
>>> user input and always parses and escapes everything that needs it.
>>>
>>> https://www.mediawiki.org/wiki/Manual:Importing_XML_dumps
>>>
>>> --
>>> Bartosz Dziewoński
>>>
>>>
>>> _______________________________________________
>>> MediaWiki-l mailing list
>>> To unsubscribe, go to:
>>> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>> _______________________________________________
>> MediaWiki-l mailing list
>> To unsubscribe, go to:
>> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
> _______________________________________________
> MediaWiki-l mailing list
> To unsubscribe, go to:
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l




More information about the MediaWiki-l mailing list