hi
our site with CMSMS 1.3 has been hacked. we are under linux, PHP 4.4.2, MySQL 5.0
(CMS Mailer with sendmail option, Frontend users, Self Registration, Custom Content, latest versions)
only the index, site structure seems ok.
Someone have idea how i can prevent that? or how that it's appened?
Thanks all
http://synergie-home.com
CMS MS 1.3 index hacked!! help
Re: CMS MS 1.3 index hacked!! help
I'm not aware of any security vulnerability. Unfortunately, this guy didn't tell you how he did it, which is what a lot of these greyhat type hackers would do.
Do you have any other apps running on that server also, or is it only CMSMS?
Do you have any other apps running on that server also, or is it only CMSMS?
-
ivancar
Re: CMS MS 1.3 index hacked!! help
Cyberman, i'm checking, but i'm not sure to discover the intruder
i've to check only http access or either FTP?
Ted: we have a forum, PHPBB 2.20 CH modded (2.14), the forum seems untouched
if you like i'll send the log, or i'll give you any further detail
Thanks both
i've to check only http access or either FTP?
Ted: we have a forum, PHPBB 2.20 CH modded (2.14), the forum seems untouched
if you like i'll send the log, or i'll give you any further detail
Thanks both
-
cwaz13
Re: CMS MS 1.3 index hacked!! help
I had a site hacked a few months ago (not CMSMS, though), with a similar index attack. We looked at server logs, FTP access, changed passwords, a PHP forum, everything...
Turned out there was a security hole in an old calendar CGI file on the FTP server. They used this to modify the index page announcing their hack, nothing else, same as yours. Once that CGI program was patched, the security hole was fixed and the site has had no problems since. I would check your other apps and scripts and see if something might need to be patched. Good luck. :)
Turned out there was a security hole in an old calendar CGI file on the FTP server. They used this to modify the index page announcing their hack, nothing else, same as yours. Once that CGI program was patched, the security hole was fixed and the site has had no problems since. I would check your other apps and scripts and see if something might need to be patched. Good luck. :)
-
ivancar
All right
hi
I finally talked with the hacker, he was'nt changed anything in the site but the index. His attack was against the server.
As cwaz13 guessed, he have used a hole in the host system..
I asked explicitly if he did found some vulnerability in the CMS MS.
I'm happy to tell you all that he replied to have'nt found any, even saying (as Ted said) "changes are difficult, even if not impossible"
That it's enough for me, and for all the CMS MS community, though.
thanks
Ivan
I finally talked with the hacker, he was'nt changed anything in the site but the index. His attack was against the server.
As cwaz13 guessed, he have used a hole in the host system..
I asked explicitly if he did found some vulnerability in the CMS MS.
I'm happy to tell you all that he replied to have'nt found any, even saying (as Ted said) "changes are difficult, even if not impossible"
That it's enough for me, and for all the CMS MS community, though.
thanks
Ivan
Re: CMS MS 1.3 index hacked!! help
That's great news. Well, not that you got hacked, but, well, you know. 
