CI hacked - C99madShell

CI hacked - C99madShell

El Forum
Guest

#10

02-03-2010, 06:19 PM

[eluser]OliverHR[/eluser]
[quote author="Yorick Peterse" date="1265248233"]

As the topic started pointed out, it's a CMS that got hacked. Since it's a CMS (with probably some sort of templating system) the logged in user will have access to those template files and thus is able to edit them.[/quote]

If the user can edit(means write) then he can put anything on server at least on server user scope path.

Anyway I think the issue is in the authentication, maybe a cookie stealing, session hijacking, a hacker could smuggle in some javascript code.

Messages In This Thread

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:02 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:18 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:46 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:50 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:51 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 01:53 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 02:10 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 04:19 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 06:12 PM

CI hacked - C99madShell - by El Forum - 02-03-2010, 06:19 PM

CI hacked - C99madShell - by El Forum - 02-04-2010, 03:25 AM

CI hacked - C99madShell - by El Forum - 02-04-2010, 04:07 AM

CI hacked - C99madShell - by El Forum - 02-05-2010, 02:21 PM

CI hacked - C99madShell - by El Forum - 02-05-2010, 03:52 PM

CI hacked - C99madShell - by El Forum - 02-11-2010, 05:48 AM

CI hacked - C99madShell - by El Forum - 02-11-2010, 11:11 PM

CI hacked - C99madShell - by El Forum - 02-11-2010, 11:21 PM

CI hacked - C99madShell - by El Forum - 05-25-2010, 09:43 AM