Hey all, I am really confused right now, one of my HTML sites was hacked today and I don't understand how. Basicaly someone had edited the index.htm file and added 1,000's of html pages to my directories and sub directories. What are all the possibilities that could have caused this? I have never given my password out so I don't think it could be someone knowing that and the index.htm file is set to 644 along with pretty much all my other files. Any ideas guys?
Your web host might have been hacked, in which case the "hacker" could've run a system-wide attack. Also, maybe your cpanel (or any other control panel) login was compromised, through the use of a simple brute force. Maybe the server is configured to receive php requests from within HTML pages, which could cause a few more vulnerabilities!
Can you send me the URL? better to pm me though as the bug may still be present. I think somebody has done some cross site scripting, Do you have any input text fields or textarea fields on your site?