Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

I had been hacked for the first time in 4 years-Resolved

Discussion in 'General Discussion' started by altomarketing2, Jul 17, 2007.

  1. altomarketing2

    altomarketing2 Well-Known Member

    Oct 8, 2004
    Likes Received:
    Trophy Points:
    Thanks to cpanel for that quick answer !!!!

    I putting the ticket here to improve this forum and to prevent people about those bad, very bad people arround there ..:mad:

    The problem was an OSCOMMERCE installation without ../admin directory protection, so it could edit my php files online

    Dear Customer,
    It appears that the hacker got in through an oscommerce-based exploit from the IP, if you run "grep /usr/local/apache/domlogs/" you will see the actions he took, the last one editing the index.php file on this server through an exploit in oscommerce. (This is also the same IP that tried to access dark.php) - - [17/Jul/2007:03:13:58 -0300] "GET /?action=logout&act=ls&d=%2Fhome%2FMYUSERCPANEL%2Fpublic_html%2Fadmin&sort=0a HTTP/1.1" 200 45 "" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" - - [17/Jul/2007:03:13:59 -0300] "GET /admin/file_manager.php?info=index.php HTTP/1.1" 200 13 "" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

    Thanks cpanel !!!!!!

    Take care of it !!!!
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. chirpy

    chirpy Well-Known Member Verifed Vendor

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    Your post reads that you seem to be criticising cPanel. If so, then securing your server and scripts is your responsibility, not cPanel's. It looks like cPanel went out of their way to find out how you allowed hackers into your server. If you're not criticising them, then this is a good example of why you need to have a enforced AUP so that clients know that they are responsible for ensuring that any scripts that run in their accounts are their responsibility.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 chirpy, Jul 20, 2007
    Last edited: Jul 20, 2007

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice