can someone pls tell me how bad the found malcode in one of my webserver is ?
I found it in public_html/outlet.
here is the code pastebin
i deleted the directory and try now to search my logs.
thanks for your answer
tango2000
It isn't evident how bad it is. However, the real bad part is that they were able to inject code into your server.
Since you don't know how did they do it, it doesn't matter that you deleted the folder that contained the script. The vulnerability is still there and they will hack you again eventually.
Related
The last time I asked a question here, it was fixed very quickly. How can I fix this error? http://wiegexd165.165.axc.nl
Has it ever worked or is this your first time testing this site? If it's never worked and it's a new site, check your Apache config for paths. Are they correct? Maybe try absolute paths. Do you have the directory set to Deny from all?
If the site worked but is failing now, what could have changed recently that could have caused it to fail?
So straight to the point- Im trying to clean my host entirely (databases too) and after I delete the last 2 files wp-content and wp-includes (700MB of files) they get restored instantly. This may be a simple question but for me it s very odd and I don`t get it. Besides file-manager i used Filezilla too and the same thing happens(my hosting company as it su#%$ failed to give me a reply after 48h).
I have recorded a short video of my problem to help you better understand my issue.
https://www.youtube.com/watch?v=wqL35R0-vvw&feature=youtu.be
Hope you`ll be able to help me. Thank You !
I`m working on this website for an NGO after it was hacked and for now I want to wipe every single file from the server and rebuild it but those files which have inside infected pages(php scripts) wont get deleted
Chances are very good some of those files are owned by the webserver, especially if you were compromised via a WordPress vulnerability. As they're owned by the webserver and not your user, you're unable to delete them.
If you have root/sudo access, you can use that on the command-line to remove them. If you don't, you'll need your host to help.
Currently i'm using latest version of cakephp,When i try to install it it shows the error as temp folder is not re writable.
OK it is fine we can give ch-mod rewrite permission to that particular folder. But there is a reason behind everything.
I tried to find why should we give to it , and what is the reason behind that but i can't get the answer clearly , so i'm expecting it from you , can anyone help me to understand, thanks in advance...
You’re asking why a tmp folder needs write access? Well, if you look in the folder, there are sub-folders for caching, logging, session, and tests if you run them.
CakePHP needs write access so it can write cache file, write any errors logs, write sessions to disk if you’ve configured CakePHP to save session data in your tmp folder.
I’m not sure how to explain this any clearer than, CakePHP needs write access to the tmp folder to, erm, write files.
Documentation says:
Make sure that this folder exists and that it is writable, otherwise the performance of your application will be severely impacted. In debug mode, CakePHP will warn you if it is not the case.
See: http://book.cakephp.org/2.0/en/getting-started/cakephp-folder-structure.html
I am experiencing a very strange behaviour of redgate that prevents me from commiting the changes I made to the database (I'm using git). I can click "Get Latest" and get no errors, everything works, but when I try to commit I get an error without any description (please see the screenshot).
I'm asking for help cause I have no idea what maybe wrong. Thanks in advance!
One other suggestion is to create a copy of the GIT config file, (call it GIT2.xml) and add the -verbose switch to see if it then creates some useful output. You'll need to unlink and re-link with the new config file for it to be picked up.
Please make sure that your system's PATH is pointing to the right Git.exe. You may want to check your path for C:\Program Files (x86)\Git\cmd and change that to C:\Program Files (x86)\Git\bin.
I still have no idea what was causing the problem. I ended up committing the changes using Tortoise GIT.
Anyway, no one has spotted that Redgate is performing a git checkout trying to switch a branch into a file?! And surpressing the error with -q. This looks like a bug in redgate.
Maybe the developers misunderstood git's checkout and treated it as subversion's checkout, but this commands are completely different and they should have known it.
Thanks for all the answers.
Here is the post that put some light on my issue:
http://www.red-gate.com/messageboard/viewtopic.php?t=15157
I have used log4C and it is great. However, I would like to get Pantheios working as well and was wondering if it supports a rolling file appender? I mean if I have something logging to file in Production I need it to be a rolling file?
Also, stupid question but let's say I have DEBUG, INFO and ERROR type logs when using Pantheios, how do you limit to only seeing INFO (for example) using some "sort of config file" like with log4C?
Thanks for the help, any advise would be greatly appreciated ;-)
Lynton
I started evaluating Pantheios since yesterday. Therefore my reply may not be perfect.
1) For rolling file, you can customize the back-end to roll the file by yourself (pantheios_be_file_setFilePath), or use log4c as your logging transport in the back-end. :-)
2) Customize the front-end and make pantheios_fe_isSeverityLogged() function return true only for INFO. You can make it configurable by picking up the settings from .ini file.