I was cleaning up my in my uploader directory on a site today and i found a script called r57shell
uploaded by some user a while ago
Im just wondering how concerned i should be. The script seems to be a hacker tool used to extract all kind info from server.
The server is running fine and the person who uploaded it dosent seem to have messed up annything. Im just worried tht he/she has extracted all my users usernames and pw, and automaticly emailed them somewere.
I dont allow shell access on any sites im running, but i have safemode turned off.
I couldnt help be a little courious so i downloaded it and tested it on a local test server i have here at home, and i noticed that you can see all useraccounts and search for all .htpassword etc etc.
Is the Perfect server guide and Ispconfig setting secure enough to prevent these kinda scripts ??