The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

sh -r --cpanel-conf ?? + Help, injected files!

Discussion in 'Security' started by jeroman8, Jan 19, 2009.

  1. jeroman8

    jeroman8 Well-Known Member

    Mar 14, 2003
    Likes Received:
    Trophy Points:
    Anyone know what this is for command:

    sh -r --cpanel-conf

    Listed under CPU usage.

    I'm looking for the source of a hack.
    2 serverns today was exploited - all users with folders 777 and files 666
    was injected with a code.

    Any good ideas on how to find the source - how they did it (?) ?

    I thought it would take som CPU power so I checked there and both
    servers has that command - no other servers.
    But I did reinstall clamd, if that could be it.


Share This Page