I would like to have a look at the database and all files associated with the hack just to see what the damage was. It is unfortunate that there is no way to prosecute people for doing this type of damage. Even if you forensically acquired all of the data (most likely using law enforcement, if you could get them to show up), did everything you could to protect and preserve the data, created 2 bit-stream copies using something like dd or Ghost, ran an MD5 on the copies, authenticated the copies, analyzed the data on the copies, and found enough to prosecute, what could you do? Who ever did this is probably in a country that has no extradition treaty with the US and the chances are slim to none that the FBI will investigate a case like this. I am just wondering if Drupal has any exploits.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh King Sent: Tuesday, March 01, 2005 4:39 PM To: List for MEPIS testers Subject: Re: [Dev-mepis] forum.mepis.org drlizau wrote: > On Wednesday 02 March 2005 05:56, Josh King wrote: > > >>Any word on what exactly happened? I'm sure others would like to know as >>well. >> > > > bLackhammer | FTS ownz ur box > wot about Turkish? > > phpbb site mentions an exploit in which any user could get administrator > access > I assume then, that all the forensics were recovered? _______________________________________________ Dev-mepis mailing list [email protected] http://mepis.org/mailman/listinfo/dev-mepis_mepis.org _______________________________________________ Dev-mepis mailing list [email protected] http://mepis.org/mailman/listinfo/dev-mepis_mepis.org
