Website was hacked by cyber-soldiers

☆ A M B ☆
24,524 Posts

sottwell Reply #21, 17 years, 9 months ago

Would be interesting to know if any other sites hosted on that server got defaced.

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org

1,732 Posts

xwisdom Reply #22, 17 years, 9 months ago

Quote from: Nameless at Jul 15, 2006, 10:35 AM

The message was in /modx/assets/cache/siteCache.idx.php. Well, there are also several installations of mambo, joomla and phpwcms. Then there was not fully installed phpMyAdmin . I am using shared hosting.

Hi,

Where in your siteCache.idx.php did the message occur? It would be nice if you coud show us that section of cache file.

It would appear that someone got access to your server and found your siteCache.idx.php

xWisdom
www.xwisdomhtml.com
The fear of the Lord is the beginning of wisdom:
MODx Co-Founder - Create and do more with less.

1 Posts

Kane274 Reply #23, 17 years, 9 months ago

Hey,

I also got hacked by those script-kiddies. I used the phpbb forum and cutenews. they got into both. I guess it has something to do with file rights... cause both of those scripts need a writable (777) file. there must have been a problem with that i guess. I doubt it was the webserver itself cause only ppl with phpbb, cutenews etc. had it.

hostlock.ch --> standard plan

edit:
seems like they always went for the config.php files which are usually being written to when you set up those scripts. so im pretty sure it has to do with the rights of a file. for some reason i think its useless trying to catch those freaks, just another lesson trying to teach you to make backups of your webserver