XF 1.5 Hacked forum

Sunka

Sunka

Well-known member
my forum is hacked 15 minute ago.
Still have access to ACP. I disabled all addons.
what to do right now?
 
Sort by date Sort by votes
Sunka said:
Sorry but no. I shared that only with Xenforo Staff.
Click to expand...

That's fine. Based on the PHP Shell itself, I could probably figure out what they were trying to do - including what their objectives.

ozzy47 said:
Wise decision. :)
Click to expand...

Debatable. Computer Forensics and Incident Handling/Response is my primary day job and I enjoy it quite a bit. Always looking for more incident to do an analysis and understand an adversary even more.
 
Last edited:
Upvote 0 Downvote
BTW, just for the record - malware scans do nothing. It's still signature based, and a PHP shell would not be picked up by malware scans if the signatures are not in the malware scanner.
 
Last edited:
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

KhanTastic
  • Question Question
XF 2.2 How many .htaccess files XenForo has?
Replies
2
Views
219
KhanTastic
KhanTastic
jromaine
  • Question Question
XF 2.2 Administrator account disabled?
Replies
8
Views
305
Rhody
Rhody
PumpinIron
  • Question Question
XF 2.2 Is there a way to lock an account after X amount of failed login attempts?
Replies
13
Views
709
PumpinIron
PumpinIron
cwe
fixing broken links?
Replies
5
Views
371
Chromaniac
Chromaniac
K
Disabled accounts can still access ACP
Replies
0
Views
185
Kirby
K
Top Bottom