Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is this a malicious script?

Discussion in 'General Discussion' started by SuperBaby, Sep 21, 2006.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    I found this script called "back" in the /tmp folder. I deleted it and it came back again after a day. Is it a malicious script?

     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. NightStorm

    NightStorm Well-Known Member

    Joined:
    Jul 28, 2003
    Messages:
    286
    Likes Received:
    4
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Twitter:
    In a word, yes. It's a compromise, though not necessarily a root one. You'll need to track down the source of the file, and patch the problem, as well as go over your server's security with a fine-tooth comb and make sure that nothing else bad gets dropped into /tmp
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice