Encrypted my db?!? I didn't do that..

  • Resolved atefoto

    (@atefoto)


    12 years, 2 months ago

    Hello

    We just launched a website for reviewing camera equipment and the DB got whacked for some strange reasons. Our reviews has been approved already by Canon among others, and we need it running again as we speak.

    The first ting we did was to set up updraft to back up to our Dropbox. 4×4, both files and DB. So we thought we were safe in case sht happened.. And then it all came down. Before we did anything else we backed up files and the sql just in case, then we removed everything from root so we could start the updraft restore.

    First I uploaded the wordpress, then I pushed over files from backup with overwriting. At the end I was going to restore the DB, but it was encrypted, and we didn’t set any encryption at all !

    What now? We have tried everything for hours and I don’t know what to do. The dropbox password isn’t the encryption-key, neither the user password or anything else that we have tried. I even tried the number in .updraftplus in dropbox “Apps” folder..

    We need this site up again before Saturday because it’s the releasedate that Canon, Nikon, camera store, etc is going to publish our site on their site.

    I hope my English is somewhat understandable.

    Regards,
    Aleksander T. E.

    https://wordpress.org/plugins/updraftplus/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    12 years, 2 months ago

    Hi Aleksander,

    Your English is very good!

    If you look at the code in UD for where the database encryption is done – the function UpdraftPlus_Backup::encrypt_file() which you can read at http://plugins.svn.wordpress.org/updraftplus/tags/1.8.12/backup.php – then it reads like this:

    public function encrypt_file($file) {
    global $updraftplus;
    $encryption = UpdraftPlus_Options::get_updraft_option(‘updraft_encryptionphrase’);
    if (strlen($encryption) > 0) {
    // Do encryption stuff and return path of encrypted file, using $encryption as the encryption key
    } else {
    // Do nothing – just return path of unencrypted file
    }
    }

    So, the only way that encryption can get done is if the option ‘updraft_encryptionphrase’ is set in your WP options database – and that option comes directly from the corresponding field on the UD settings page. That option is then used as the encryption key. If that option is empty, then the encryption code is by-passed.

    So, if your database is encrypted, then that field must have been non-empty. Are you sure you don’t have another copy of the database somewhere, whether in a MySQL server, or in an SQL dump? Or in MySQL transaction logs? You only need to locate the value of that one field; then you can use it to decrypt your encrypted file. There’s no “back-door” for the encryption, so you do need to find the key from somewhere.

    David

    Thread Starter atefoto

    (@atefoto)

    12 years, 2 months ago

    Hi again,

    Thank you.

    Thanks for the information. I backed up the .sql from the “crashed db” just in case I needed it, I don’t think the crash ruined all the fields. So I’ll search for updraft_encryptionphrase in sql then.

    Yeah, figures. There shouldn’t be any backdoor either, I understand that.. :-/

    I’m not any expert on SQL or PHP, but I’ll se what I’m able to pull out of this DB now.

    Regards,
    Aleksander T. E.

    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    12 years, 2 months ago

    Hi Aleksander,

    As SQL is mostly text, just a simple search for ‘updraft_encryptionphrase’ should suffice.

    David

    Thread Starter atefoto

    (@atefoto)

    12 years, 2 months ago

    Man… I could kiss you! 😀 And I’m not that kind of a guy.

    You managed to save our project. The DB was intact at that point aaand, there were some letters in the updraft_encryptionphrase. Keystroke-user-error while the field was active caused the encryption.

    This proves that it’s worth saving even the most ruined DB, and use this forum 🙂

    Thanks for the help again, I couldn’t thank you enough!

    Best regards,
    Aleksander T. E.

    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    12 years, 2 months ago

    Phew!

    You’re welcome!

    The digital equivalent of a kiss can be given at http://updraftplus.com/shop/ . 😉

    Best wishes,
    David

    Thread Starter atefoto

    (@atefoto)

    12 years, 2 months ago

    Hehe,

    I will certainly consider buying the premium since I now know this was purly a user error. 🙂

    Best regards,
    Aleksander T. E.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Encrypted my db?!? I didn't do that..’ is closed to new replies.