Print Page - plugin enigma installed by default and exploit in lib76.php

Title: plugin enigma installed by default and exploit in lib76.php
Post by: jp79 on February 26, 2017, 10:50:40 AM

Hi, recently my server was hacked and used for spam sending through roundcube.... :-\ fortunately I discovered soon.
I'm still investigating, but the problem points to an old version of roundcube (0.8.x, 0.9.x) and the file:
roundcube/plugins/enigma/lib76.php
Any clues? I've been looking about this file and this plugin but i don't find this file in github, perhaps too old, the install was on november 2014

Thanks in advance!

Title: Re: plugin enigma installed by default and exploit in lib76.php
Post by: alec on February 26, 2017, 12:28:40 PM

There was never such a file in Roundcube. Probably has been somehow uploaded by the hacker.

Title: Re: plugin enigma installed by default and exploit in lib76.php
Post by: jp79 on March 06, 2017, 05:45:31 AM

Indeed, suspicios php files uploaded... all solved (I hope).
Thanks for quick response!

Roundcube Community Forum

News and Announcements => General Discussion => Topic started by: jp79 on February 26, 2017, 10:50:40 AM