Has anyones website has been hacked by Eddy_BAck0o. One of my friends website was just lately hacked by them, they have created index.html file within some wn0 sub-folder. Now problem is this folder cannot be deleted, CANNOT change permission of tht folder, both from FTP client and Cpanel filemanage. any ideas guys?
What permissions and ownership do the folder and files have now? Also if you have access, run "lsattr filename" and lsattr -d directoryname Look if the "i" (IMMUTABLE) bit is set, that will prevent changes to the files and directories even if you are root. Works like this: online-42:~# mkdir mydirectory online-42:~# chattr +i mydirectory/ online-42:~# lsattr -d mydirectory/ ----i------------ mydirectory/ online-42:~# rmdir mydirectory/ rmdir: mydirectory/: Operation not permitted online-42:~# chattr -i mydirectory/ online-42:~# rmdir mydirectory/ online-42:~#
the folder & files within have 644 permission. I have FTP and Cpanel access.. I dont know whether I can run shell command through SSL. so how can i run above commands? any shell scripts? CGI scripts?
Sorry, I tend to think everyone has shell access. A cgi could be made to do it, but if this is a manged hosting sollution, maybe your hosting center could fix it for you?