Hello guys, After a few days of launching my site was attempted hacking by some dude and i have made a patch to avoid that. Today, i have the same similar attempt made and I would like your help to test the following page>> http://photocactus.com/images/479ec841-file.php.jpg Just click on the link and see if you could access any command from there, For me I got it as blank page. and I hope everyone also got it blank page. cheers and thanks a lot. toby
all i see is the full URL displayed in my ffx browser when opening your a.m. link however i wold worry about HOW hackers uploaded the hacker script you still have at that URL. basically you have a serious security hole somewhere that is a potential risk you take when offering upload/storage of files ... the first step to do is to really secure your website then to search all your log files for past abuse this or similar shell scripts c99shell or comparable ) usually are used to setup phishing sites ... OLD log files - many months back - may show you if you are a host of phishing ( i was a few times until i noticed - in 2005 )
This is a PHP/Haxplorer.A virus detected by my anti-virus. Better remove it as if anyone login to that page without anti-virus protection, their systems will be affected.
I have never heard of a 'haxplorer' before but since the file is .php.jpg is was intended to be uploaded as a php file. As you know, php can communicate with some server somewhere and do something that may or may not be a bad thing. PHP also does not have to show any text on the page in order to be run, just as soon at the page opens the scripts are loaded. Delete it.
I am using Nod32 anti-virus and when I went to your link, it popup that virus. Therefore I advice you to check on your website and remove them as it can infect others.