Hacking Attempt [Beginner's Corner] - XOOPS Web Application System

1

Hacking Attempt

2008/10/16 7:28
xsell
Quite a regular
Posts: 245
Since: 2008/9/2 1

Hello

My protector Cought Someone try's to upload A php file.

My question how did this Guy even tried .. i dont have any uploading Module , i disabled every option that allows uploading files .

Xoops 2.3.1
protector 3.20
system
tinyd
x_movie

.. the x_movie uploading Option disabled for every one , only for the webmaster enabled ..

so where he might found way to try uploading ..

i need to delete every file that allows upload files ..
any advise ...

2

Re: Hacking Attempt

2008/10/16 7:46
Anonymous
Posts: 0
Since:

Quote:

xsell wrote:

My protector Cought Someone try's to upload A php file.

Firstly, that's the good news.

When you say "upload a php file" do you have a clue as to which module was used (if any)?

What does Protector's "Protect Centre" say?

You need to look at your server logs for the time in question and go from there. Where was it being uploaded to (which folder)?

Also, looking at the list of modules you have, it might be that its a server security issue rather than a XOOPS module issue.

3

Re: Hacking Attempt

2008/10/16 19:08
xsell
Quite a regular
Posts: 245
Since: 2008/9/2 1

Thx ..

the Logs Not much of help . and protector just gives the file name but not where .

its Ok , i deleted every single files in my site says Upload.php or uploader.php .. i well put them back when i need them .. that safer for me

4

Re: Hacking Attempt

2008/10/16 23:03
ghia
Community Support Member
Posts: 4953
Since: 2008/7/3 1

Quote:

the Logs Not much of help . and protector just gives the file name but not where .

You have to match the dates in both. Then in the Apache log you can do further lookup and follow the trail by IP number and/or browser signature.
Quote:

i deleted every single files in my site says Upload.php or uploader.php

That's very radical, but mosttimes other ways are used to compromise the server.

The art of asking questions.

5

Re: Hacking Attempt

2008/10/17 16:56
xsell
Quite a regular
Posts: 245
Since: 2008/9/2 1

Safe better than sorry

6

Re: Hacking Attempt

2008/10/17 18:45
Anonymous
Posts: 0
Since:

Quote:

xsell wrote:

Safe better than sorry

I'm with Ghia - sounds a bit hasty to me

Protector caught the attempted upload and it may have been a one-off.

But it's your site so who are we to comment

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Hacking Attempt

Re: Hacking Attempt

Re: Hacking Attempt

Re: Hacking Attempt

Re: Hacking Attempt

Re: Hacking Attempt

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}