Topic: Help with SPIP hack

[jheysen]

Well, I just had a website I manage defaced, it's a SPIP we use on my university to deliver material to students.
The hack was done using a SPIP vulnerability, as I have googled so far (There's even a video of how to do it), but I can't manage to restore the site.
So far I removed the defacing message but now I got an empty page. I'm looking inside the DB for where the theme is set, without luck.

Anybody knows how to restore SPIP after this kind of attack?
I'll keep googling and experimenting though :p

Regards,
J.

[jheysen]

Well, finally I could solve it.
I HAD TO MANUALLY ALTER THE DATABASE.
There was an article in the DB with the redirect code, witch I deleted manually. The hackers also dropped a redirect link in the site description (meta table), that one was trickier to spot.

Glad that some SQL-fu got me working again.

Hope this helps ;p

[Samker]

As I see it's an old vulnerability (2009.): http://passingcuriosity.com/2009/security-and-spip/

Well, finally I could solve it.
I HAD TO MANUALLY ALTER THE DATABASE.

...

Bravo masters!

[jpyrat]

Hi,

Do you need someone to securise and maintain your SPIP installation ?