I Found This in the folder of a free user .. i forgot all about a cpanel free user signup script i had installed wayback
.. so anyway a user signed up yesterday and uploaded this script .. i cant tell if any harm has been done but it looks like the user could gain access to usernames and passwords at the least .. i decoded some of the base 64 code and says it installs a shell .. so what should i do now? im scanning the Entire VPS with Linux Malware Detect now and removing the signup script.
SCREENSHOT
View attachment 16261
SOURCE
- removed script code -
.. so anyway a user signed up yesterday and uploaded this script .. i cant tell if any harm has been done but it looks like the user could gain access to usernames and passwords at the least .. i decoded some of the base 64 code and says it installs a shell .. so what should i do now? im scanning the Entire VPS with Linux Malware Detect now and removing the signup script.
SCREENSHOT
View attachment 16261
SOURCE
- removed script code -
Attachments
-
34 KB Views: 16
Last edited by a moderator: