CHMOD 777 Folders Hacked :(

Discussion in 'Security' started by adam1987, May 29, 2007.

  1. #1
    Hi,

    I have a few websites, many of which require the images folder to be chmod to 777 for the user to upload images using the CMS.

    Today almost every folder on my web server which is chmod 777 seemed to have new files and a new .html file saying it had been hacked bla bla....

    How do I get around this? / Could this person delete files and actually destroy everything, or is it just limited to chmod 777 folders?

    I guess this must be common, as many sites have chmod 777 folders?

    adam1987, May 29, 2007
  2. tandac

    #2
    The general rule of thumb is that any folder that the web server can write to is vulnerable. Chmod 777 directories are generally asking for trouble.

    The best way around it is to fix your script.
    Storing files in the database might be another.

    A good general rule, but one that won't work in your case, is to move the 777 directories outside of your web root folder (www or public_html). This way, files that are uploaded cannot be exploited.

    tandac, May 29, 2007
  3. gigapromoters

    #3
    Yes, writable folders are exploitable, but you must have some vulnerable script which has caused this.

    Also, if you have a shared hosting account, then an exploitable script on other accounts can even cause this.

    My advice is to contact your host, and tell him to find the security issue.

    gigapromoters, May 29, 2007
  4. inworx

    #4
    There are lots of shells available. You might want to check all the files on your server and delete any shell (which there would be).

    Also, CHMOD to 644 unless you allow users to upload files etc. (which should be CHMOD to 755).

    Don't CHMOD 777 any folder/file under any condition unless you're installing some script and do it temporarily.

    inworx, Jun 13, 2007
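
An added example, not part of any post in this thread: a shell audit that lists world-writable directories under a web root, flags non-image files sitting in them, and resets modes to the 755/644 values mentioned in the last post. The function names and the sample tree are constructed; it assumes upload folders should hold only image files and that uploads still work at 755 because the web server process runs as the directory owner.

```shell
#!/bin/sh
# Added example (not from the thread). Sample paths are constructed.

# Directories under $1 that any local user can write to (e.g. mode 777).
list_world_writable_dirs() {
    find "$1" -type d -perm -0002 2>/dev/null | sort
}

# Files sitting directly in those directories that are not images.
# Assumption: upload folders should only ever hold jpg/jpeg/png/gif files.
list_non_image_files() {
    list_world_writable_dirs "$1" | while IFS= read -r dir; do
        find "$dir" -maxdepth 1 -type f \
            ! -iname '*.jpg' ! -iname '*.jpeg' \
            ! -iname '*.png' ! -iname '*.gif' 2>/dev/null
    done | sort
}

# Reset modes as the last post suggests: directories 755, files 644.
tighten_permissions() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Build a small constructed web root to try the functions on.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/site/images" "$root/site/includes"
    : > "$root/site/index.php"
    : > "$root/site/images/logo.png"
    : > "$root/site/images/hacked.html"   # constructed "defacement" file
    : > "$root/site/images/x.php"         # constructed unexpected script
    chmod 755 "$root/site" "$root/site/includes"
    chmod 777 "$root/site/images"
    printf '%s\n' "$root"
}

# Demo: sh audit.sh --demo
if [ "${1:-}" = "--demo" ]; then
    tree=$(make_sample_tree)
    echo "World-writable directories:"; list_world_writable_dirs "$tree"
    echo "Non-image files inside them:"; list_non_image_files "$tree"
    tighten_permissions "$tree"
    echo "Left after tightening:"; list_world_writable_dirs "$tree"
    rm -rf "$tree"
fi
```

Review the flagged files before deleting anything, and run `tighten_permissions` only on a tree you own, since it rewrites the mode of every file and directory below the given path.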