My site was hacked?

slayer1011 · Post by **slayer1011** » Sun Mar 01, 2009 3:11 am

very strange, I have NO content on my site, but when i tried to login to add some content my password just would NOT work for the life of me

so i started thinking, Hmm, i wonder if i can recognize my passwords MD5 hash from a known one i use on my phpBB forum

so to my surprise my Admin Login name, Password and Email address were all changed

I am running CMS Made Simple 1.5.2 are there any known exploits? .. well obviouly your not going to post that info, rather im looking for any fixes

I have recovered my admin account, and changed my password, no data lost (nothign to loose except a page saying coming soon)

thanks.

Kenny Quast

if it helps, the username of my Admin (what it was changed to) was cPLayboY (somethign liek that) i cant rememebr the case's
i dont rememebr the Email i just changed it to mine

viebig · Post by **viebig** » Sun Mar 01, 2009 5:22 am

shared server? hosting company? did you verify your system integrity? webserver logs?

1.5.2 dont have any exploit discovered as far we know.

Regards.

slayer1011 · Post by **slayer1011** » Sun Mar 01, 2009 7:38 am

yes its shared reseller hosting.

I'm not sure how to test my systems integrity?, as for the logs I highly doubt i would understand any of it.

liek i said there was no content on the site to loose so its not a big concern right now.

I will make sur ei backup my database incase somethign happens again,

I just checked my logs, they only go back a couple days, and honestly this coudl have happened a month ago, i havent really touched the site since i installed it, i have been working on another project

ohh well. live and learn for now

streever · Post by **streever** » Sun Mar 01, 2009 5:52 pm

If you use a common shared host, it's likely that setting the folders to 777 gives other users on the same machine the ability to access (hack) your site. You should report this to your host, who should be able to determine who uploaded files to your account, & then ban them. They will probably tell you to never use 777, but really, it's a very minor inconvenience if you monitor your site with any regularity.

Keep your settings as is, make sure you backup, & be prepared to clean the site up once in a great while. if it happens too often, you might want to consider a different host, because really, they shouldn't have that many customers who hack their other customer's accounts!

slayer1011 · Post by **slayer1011** » Mon Mar 02, 2009 2:14 pm

well the only file that was changed (and i just noticed it now) was the index in the uploads folder

like i said, there was no content on the site, so it doesnt bother me too much right now. It does however teach me a little (backup everything

that way i can just over wright everything after a hack, and only be 1 day behind (if daily backups)

thanks for everyones input, it's helped me see what problems i may not have noticed otherwise

streever · Post by **streever** » Tue Mar 31, 2009 7:43 pm

The other thing you can do, though it's too complicated for me to explain, is make Apache the owner of all files, & then you can set the permissions at 755... this is much more secure

CMS Made Simple Forums

My site was hacked?

My site was hacked?

Re: My site was hacked?

Re: My site was hacked?

Re: My site was hacked?

Re: My site was hacked?

Re: My site was hacked?