[support] Cleaning up from the Oct. 15th hack.
Muzaffer Tolga Ozses
tolga at ozses.net
Fri Oct 31 17:55:00 UTC 2014
Drupalgeddon identifies a few PHP files in FirePHP that comes with devel.
On 31 Oct 2014 19:51, "Patrick Avella" <me at patrickavella.com> wrote:
> Thanks Dave and Muzzafer, I got a syntax error from drush when installing
> the drupgeddon module.
>
> Has anyone been able to list when common files and avenues the attack hit
> yet? While we all know we got hacked, there seems to be no clear
> description of the contents of the attack besides what's initially visible
> (drupal mega role, evilevily, etc)
>
> On Fri, Oct 31, 2014 at 1:44 PM, Metzler, David <metzlerd at evergreen.edu>
> wrote:
>
>> It’s not complete but I’ve heard of people using:
>>
>>
>>
>> https://www.drupal.org/project/drupalgeddon
>>
>>
>>
>> To help get a handle on the files cleanup. I haven’t heard anything about
>> db yet, but there are some useful links on the project page.
>>
>>
>>
>>
>>
>> Good Luck,
>>
>>
>>
>> Dave
>>
>>
>>
>>
>>
>> *From:* support-bounces at drupal.org [mailto:support-bounces at drupal.org] *On
>> Behalf Of *Patrick Avella
>> *Sent:* Friday, October 31, 2014 10:04 AM
>> *To:* support at drupal.org
>> *Subject:* [support] Cleaning up from the Oct. 15th hack.
>>
>>
>>
>> Hi, I maintain around 60 multisites that got hacked like all sites on the
>> 15th. Has anyone developed a method of cleaning out the database for
>> malicious code? The file system I can handle on my own.
>>
>> PSA chances are you were hacked on Oct 15th please visit Drupal.org to
>> learn more.
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20141031/cc26def3/attachment-0001.html
More information about the support
mailing list