Author Topic: plugin enigma installed by default and exploit in lib76.php (Read 2503 times)

jp79 · « **on:** February 26, 2017, 10:50:40 AM »

Hi, recently my server was hacked and used for spam sending through roundcube.... $:-\$ fortunately I discovered soon.
I'm still investigating, but the problem points to an old version of roundcube (0.8.x, 0.9.x) and the file:
roundcube/plugins/enigma/lib76.php
Any clues? I've been looking about this file and this plugin but i don't find this file in github, perhaps too old, the install was on november 2014

Thanks in advance!

alec · « **Reply #1 on:** February 26, 2017, 12:28:40 PM »

There was never such a file in Roundcube. Probably has been somehow uploaded by the hacker.

jp79 · « **Reply #2 on:** March 06, 2017, 05:45:31 AM »

Indeed, suspicios php files uploaded... all solved (I hope).
Thanks for quick response!

Author Topic: plugin enigma installed by default and exploit in lib76.php (Read 2503 times)

jp79

plugin enigma installed by default and exploit in lib76.php

alec

Re: plugin enigma installed by default and exploit in lib76.php

jp79

Re: plugin enigma installed by default and exploit in lib76.php