warleb Posted September 25, 2006 Posted September 25, 2006 Just noticed someone browsing my store but using a script that was added to the end of my domain name. Now I don't want to post it here but if anyone can help with regards what this can do i will PM then with the script so they can take a look. I will only send it to a registered and respected member. Hopefully some can recall this being used in the past to comprimise sites etc. In the description of the script it did say it should cause damage to the site and server????? I'm not sure if it has damaged my site. if you can help please let me know. I don't bother doing backups. I love the thrill of screwing it all up!
user99999999 Posted September 25, 2006 Posted September 25, 2006 You will see lots of those. The current ones have to due with a security problem in cpanel so if you have it check with your host and see if your server is patched. http://news.netcraft.com/archives/2006/09/..._mass_hack.html Check in your FTP if you have any strange files you didn't put there usually images dir You can google the parameters in the url and find out if it relates to any scripts you have installed. page.php?mosConfig_absolute_path=http://.............. So this 'mosConfig_absolute_path' will find you info about a mambo CMS exploit, a common one that tries any server.
Guest Posted September 25, 2006 Posted September 25, 2006 oh my :( thanks for the info, i will have to be really watch out on my cpanel now then
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.