Skyline_GTR

Member
Jul 31, 2003
7
0
151
it seems after I disable part of the ajax feature on the forum, the thing is gone...
and I think the code is actually a javascript. but I still couldn't find where is it.
 

Johnpg82

Member
Jul 3, 2005
9
0
151
Odd.

I was just hacked.. Something to do w/ the sql system time.

Now I couldn't login to webhost manager but now I can but..

When I try to login to any cpanel account it says..

"License system update in progress. Please try again later."
 

codegirl42

Well-Known Member
Mar 9, 2006
93
0
156
this nuts. i was hacked this morning. i woke up and the server was down and there was this script in the root named news.php that had a shell exploit in it....i believe itpulled down the server...but no defacing happened....
 

compunet2

Well-Known Member
Feb 21, 2003
309
0
166
codegirl42 said:
when i type scripts/easyapache....it does this "buildapache" thing......
Yes, its in the buildapache menu's.... either on the main or under the php options (I can't remember). If you've never ran buildapache before, you may want your sysadmin to do it, so nothing gets damaged during the process.
 

compunet2

Well-Known Member
Feb 21, 2003
309
0
166
codegirl42 said:
had someone recompile apache with phpsuexec...now id ont know what to do with it...lol
There should be nothing else to do... all php scripts should run as the user, instead of nobody now.
 

Murtaza_t

Well-Known Member
Jan 24, 2005
474
0
166
Earth
cPanel Access Level
Website Owner
codegirl42 said:
he logs in as 'nobody'....is there a way to prevent this??
PhpSuexe will definately stop nobody but that does not mean that your may not get rooted again and it is not the solution to your problem. Since you have a script with nobody that says that it was uploaded on your server using a PHP code through browser. So you should get your cPanel updated as well as insert some tight mod_security rules that will minimize the threath from browser atleast.

Also you may face 500 errors on many php sites. You may find the solution by searching the forums.