Some progress:
I found out that the SQL injection was indeed done through a vulnerability of the IPB forum software.
The hacker essentially followed these steps:
1-Identify a weakness in some open source software, in this case IPB forum 1.2.
2-Google the net for any site running it.
3-Apply the hack.
Much more work to do.
|