- This topic has 22 replies, 9 voices, and was last updated 12 years, 6 months ago by
.
-
Posts
-
Fixed from the /forum site but NOT the main /index.php site.
What the hell!
We did remove it. It was fine. Now it’s back.
Perhaps we need to look into a different hosting provider.
///Leif
Can confirm it’s NOT fixed. This isn’t hard tho. 😉 Just re-launch your browser, and go to ceaudio.com/claessonedwards.com and the Java execution request still pops up.
i told you… ‘that’ (this) whole server need full reinstall. Nothing else will help! It will be always comming back, soon or later.
Also check to see what is in CRON, to see if any php scripts are there. But if the box was pwnt, it’s pretty easy to hide stuff from the web admin user/s. That being said, this was done with an exploit, and if that wasn’t patched, then… yeah. 😉
There’s probably some code running somewhere in php that’s just re-"installing" this to the public pages. The first part of the battle would be to figure out what exploit script is being used via php, and find out where it does everything by default. The php script for the root access probably has a name and credits in it.
- The forum ‘Breakaway Professional Products – [discontinued]’ is closed to new topics and replies.