Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

[hackcheck] sql has a uid 0 account

Discussion in 'General Discussion' started by krl0s, Nov 5, 2011.

  1. krl0s

    krl0s Registered

    Joined:
    Nov 5, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hello good day everyone.
    days ago I get this message to my email, I know that this message be? someone who knows and can help me see the cause of this message?

    are very grateful for the help.

    IMPORTANT: Do not ignore this email.
    This message is to inform you that the account sql has user id 0 (root privs).
    This could mean that your system was compromised (OwN3D). To be safe you should
    verify that your system has not been compromised.
     
    #1 krl0s, Nov 5, 2011
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did you add a user sql with UID 0 for it?

    Code:
    grep sql /etc/passwd /etc/group
    If you did do that, then that is why you are receiving the message.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelTristan, Nov 6, 2011
  3. krl0s

    krl0s Registered

    Joined:
    Nov 5, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hello, ah not added any user or anything, not as I started this just to get these messages Comense? I can do something about it?

    I think I'm being hacked.
     
    #3 krl0s, Nov 6, 2011
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    If you believe you are hacked, I would suggest getting ahold of your datacenter or service provider immediately for assistance. Otherwise, you might want to hire a system administrator who specializes in server compromise. We have a catalog for such administrative services at the following location:

    Dev & Sys Admin Services « Application Catalog

    I would not remove anything at this point but gather data on the sql user and what files and folders it owns as well as whether it has any running processes. If you remove the actual user or anything associated, it becomes harder to track down how the server was compromised.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelTristan, Nov 8, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - [hackcheck] account
  1. BluePlanet

    New Thread Run a MySQL query on database on different cPanel account

    BluePlanet, Oct 19, 2018 at 9:35 AM, in forum: Database Discussion
    Replies:
    0
    Views:
    15
    BluePlanet
    Oct 19, 2018 at 9:35 AM
  2. Skelptr

    Phone broke, but had 2FA on it, how do I access my account now?

    Skelptr, Oct 17, 2018 at 6:23 PM, in forum: Security
    Replies:
    2
    Views:
    38
    Skelptr
    Oct 17, 2018 at 6:46 PM
  3. PaulPlantzos

    Problem with email accounts after migration

    PaulPlantzos, Oct 15, 2018 at 1:59 PM, in forum: Migrate to cPanel
    Replies:
    1
    Views:
    256
    cPanelLauren
    Oct 17, 2018 at 11:06 AM
  4. Kurogane

    Rearrange an Account to second drive?

    Kurogane, Oct 15, 2018 at 12:07 PM, in forum: Data Protection
    Replies:
    1
    Views:
    41
    cPanelLauren
    Oct 17, 2018 at 10:47 AM
  5. Jan-Paul Kleijn

    PHP not working on account without domain name

    Jan-Paul Kleijn, Oct 15, 2018 at 6:43 AM, in forum: General Discussion
    Replies:
    1
    Views:
    48
    cPanelLauren
    Oct 17, 2018 at 10:30 AM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice