5
I have a site running XOOPS 2.73, which I was planning to update to 2.9 this weekend. It was hacked in the following manner.
In the default HTML folder a index.html file was placed stating "KbyTe WaS heRe [www.kbyte.tk]"
Are there any log files that will point me in the right direction to tracking how they hacked through Xoops? The password for the hosting company is 10 characters long and is a randomly generated password consisting of complex variables. Basically I know the hosting company's side was not hacked, which leaves only XOOPS left.
I know PHPnuke is very vulnerable to exploits, and doing some research I came across information that states they are clan that hack Nuke sites.
Here is the information I found doing a few searches on their clan.
Quote:
You are a part of the mass deface against sites with nuke
For information to visit www.kbyte.tk
To contact myself write to k3kbyte@gmail.com
Dedicated specially to coty and the members of Olimpus Klan and Icenetx Hack Team:
0o_Zyr Golden_o0
0o_Zeus_o0
0o_Adi_o0
0o_Yes_o0
0o_Rey_o0
0o_Snake_o0
0o_Dreamer_o0
0o_Neubius_o0
Gaper
Trew
Brio
Fieldy
Ralf
Cero
Are the same vulnerabilities that exist in Nuke present in xoops?
Any ideas on how I can find where they came in from?