Yet more news...
I had my system admin search for /mambots on the server to see if there were more installs of Mambo. He found two, and sure enough... both were hit.
He mentioned files with permissions of 707.
That isn't odd because the install docs in fact say....
Quote:
chmod -R 707 images
chmod -R 707 media
chmod -R 707 uploadfiles
chmod -R 707 components
chmod -R 707 language
chmod -R 707 modules
chmod -R 707 templates
chmod -R 707 administrator/backups
chmod -R 707 administrator/components
chmod 644 configuration.php
|
So, I'm wondering.... should I and others follow such instructions?
Hmm.. still not sure how they were able deface, but considering templates/ content is usually set so Mambo can delete files in there... I'm not suprised.
