Jump to content

Captain Crunch

Members
  • Posts

    3
  • Joined

  • Last visited

Captain Crunch's Achievements

Newbie

Newbie (1/14)

  • First Post
  • Conversation Starter
  • Week One Done
  • One Month Later
  • One Year In

Recent Badges

0

Reputation

  1. It is difficult to tell, as I the cpanel doesn't allow me to view all of my logs since the inception of the site. My guess is that it was a custom login script that I wrote. They chmod'd a number of files which turned out to be the real nightmare in the whole ordeal. It wasn't that difficult to delete the php scripts they had uploaded. As Annie said, they were "redirect" scripts for spammers, encoded with base64, pointing to mostly russian domains. If anyone is looking for a good (and safe) decoder for base 64, I found this one to be useful: http://www.opinionatedgeek.com/dotnet/tools/Base64Decode/ Regards, The Captain
  2. Just a quick post letting you guys know what the problem was. One of my directories had been exploited and a number of .php files had been uploaded. The hacker was using my site as a "launching pad" for dodgy searches (mostly coming from US tech centres) So, if you see any logs like the ones I posted, I recommend you take the time to look into the entries (even if you don't think you have some of the directories listed). Regards, Cap'n Crunch.
  3. Hello, I was wondering if anyone can help me with the following. I have just looked at my log files for my website on a TCH webserver, and found the following: [Fri Sep 15 04:21:21 2006] [error] [client 66.249.66.232] File does not exist: /home/xxxxx/public_html/txtlist/archive/download+free+Beat+Craft.htm [Fri Sep 15 04:21:09 2006] [error] [client 66.249.66.232] File does not exist: /home/xxxxx/public_html/txtlist/archive/winme+key+patch-to-full.htm [Fri Sep 15 04:20:57 2006] [error] [client 66.249.66.232] File does not exist: /home/xxxxx/public_html/txtlist/archive/Mister+Pix+II+v2.10.zip.htm [Fri Sep 15 04:20:46 2006] [error] [client 66.249.66.232] File does not exist: /home/xxxxx/public_html/txtlist/archive/descargar+rmx+converter.htm This is just a small selection of it. When I look these up on the internet, they are usually bittorrent ads. So my questions are: 1) Is this a ossible security risk ie. Have I not done something to protect myself 2) Is there anyway I can stop this? Some of the queries are turning up in google, and although they may not be getting access to any of my data?, it still makes my company look bad. Any help would be much appreciated. Regards, CC
×
×
  • Create New...