On 1/27/2010 16:10, Matt Shaffer wrote:
Keep in mind: 1. An outdated index.php could be a possible culprit, if it had any security vulnerabilities with it (although I highly doubt this) 2. Any mods installed may have vulnerabilities 3. If the person updating the forum to 1.1.11 ignored warning messages about files not being writable, etc, there may still be an outdated file with a vulnerability from 1.1.10 4. SMF doesn't necessarily have to be the culprit. Exploits in other software may have given the intruder file/ftp access, allowing him to change any files anywhere.
and just to add to this and expand on my comment that i made earlier about frames with extremely high Z axis numbers... those that have been seen, caught and analyzed were done with postings in the forums where they happened... none of the content was actually messed with... the high Z axis number just ensured that that content was over the top of all other and made it appear that everything was done...
-- _______________________________________________ Lazarus mailing list Lazarus@lists.lazarus.freepascal.org http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
