Security Disaster

Discussion in 'Server Operation' started by v2k, Mar 25, 2008.

  1. v2k

    v2k New Member

    It was not mine. It was also removed. I assume it was uploaded via a file upload page which my site supports... perhaps moved from the tmp directory and executed? That's the part of the hack I have not been able to figure out. The var/www/html dir is only writable to root as far as I can tell... and no access via ssh/ftp was shown in the logs. If they had root access, why would they go through the trouble to make a php file to execute commands through...

    Anyways, I'm not sure how the test2 file was created.

Share This Page