XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module hack reviews 
  4.  / Our Site Was Hacked - We need to know how..
Register
11
davidl2
Re: Our Site Was Hacked - We need to know how..

  • 2005/9/21 13:45

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


If you mean 2.0.10 - then you may be wise to upgrade to 2.0.13.1 as soon as possible... please follow the advice in my signiture first...

ie - backup first!!
12
stefan88
Re: Our Site Was Hacked - We need to know how..

  • 2005/9/21 14:40

  • stefan88

  • Community Support Member

  • Posts: 1086

  • Since: 2004/9/20


Quote:

ThePlague wrote:
If you are speaking of the unix access logs, as in when you log into the system... This site is hosted on yahoo, and I doubt they will be willing to give up their logs for me to review.

Yahoo themselves have not been very helpful either other than saying we should make daily backups (Duh.. We already knew that one)..



For logs you may start with this FAQ:
http://help.yahoo.com/help/us/webhosting/logs/

Are you using protector module?
..
13
MadFish
Re: Our Site Was Hacked - We need to know how..

  • 2005/9/21 14:47

  • MadFish

  • Friend of XOOPS

  • Posts: 1056

  • Since: 2003/9/27


From what you've said, and if you're on 2.0.10, it is quite likely that they used the XMLRPC vulnerability (which was patched in 2.0.12a and above). There's script floating around that will basically hand you the admin password on a plate. Suggest you upgrade, install the protector module and change all your passwords. There's a nice XOOPS security guide available which we found quite helpful.
« 1 (2)

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

254 user(s) are online (161 user(s) are browsing Support Forums)

Members: 0

Guests: 254

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits