my ftp got hacked and its a account with multi domains so multi domains got hacked at once! i believe the cause of the problem was imgupscom its a image upload and i have been noticing and deleting alot of php files lately in the image folder and noticed that a lot of the google traffic i was getting was for the keyword of the script company name !so i assume that thats is the cause of the problem! This is what the hacked page looked like and left a email addy! is there anything i can do about this?? anyway to protect my sites? please help i dont know much about this! heres the screen shot here the source <html> <head><title>ßy D3str0y3R</title></head> <body bgcolor="black"> <center><img src="http://www.resim-yukle.com/img01/13/544576FucK.gif"><p> <font face="tahoma" color="lightgreen"> <p> <p><small><b>D3str0y3R WaS Here ! <p><font color="red">c0ntact: D3str0y3R-@LinuxmaiL.Org</font> <p><small><b><p><font color="lightgreen">ThanX : TamTurK - CooLLTurK - The-SerSeri - Kurt - MiLiTaN</font> </center> </body> </html> HTML: THANKS PEACE
Yea - if you were seeing php being upload thats means they were trying to exploit you and it worked Get a better script / Hire a coder that can tighten your script from hacks
HI, it was a remote file inclusion vulnerability and they uploaded a php shell on your server. We do security services for web application (http://www.hackerscenter.com/security ) for cheap prices if the pages to secure are little in number. PM me if interested
im interested how does this work? do i just need to secure the upload pages? please send me some rates! im broke rite now but need some protection
Yes probably the problem is in the uploading script and it needs to be secured so that only real images can be uploaded
so do you just edit/modify the script/source code that is in there now or do you install another script or program?
thats bcuz i removed it thats why i posted a screenshot and source im checking the files constantly till i figure it out! can any one help me? im broke may have somthing to offer but not much !
Don't worry, knowledge is free (or at least cheap). Look for "php remote file inclusion" in google and you will have a list of good tutorials.