All good and well but now we're ahum... f*cked! It seems impossible to regain admin access! I removed the entire Tinycontent folder from the modules directory, even re uploaded the entire site (from an earlier backup) and I still cant get in admin. I get a message that I'm loged in but the admin menu doesn't appear. When I try /admin.php I get the standard "you don't have enough rights" notification!

Ok, this is the solution to the admin lockout:

I hope that you have a backup of your database? Delete your database, create a new one and import your backup. Don't forget to change the database name/pwd in the mainfile.php if the name of your new database of password is different from the original.

If the hacker did a good job you can't change/delete the database through Phpmyadmin. At first I tried to restore a backup but that didn't work! I managed to delete the database with Directadmin...

Luc

See also:
vulnerability in SPAW editor
XOOPS Multiple Module Spaw_Control.Class.PHP Remote File Include Vulnerability
SPAW Editor PHP Arbitrary File Inclusion Vulnerability
xt_contuedo is NOT safe
Open holes and hacked
My site has been hacked! What do I do?