cyberneticos
Verified User
Hi guys,
One of our shared servers got hacked ENTIRELY. Any file that contains index, got replaced with thier hacked html code.
We use CSF, mod_security, use a different ssh port than 22, and just a bunch of other ****, and seems like they got through.
It's hard to belive they got in via root, but somehow they got root access, cuase what they did could only be done by root.
All pages showed this :
OUR BOX
HACKED BY C - H TEAM !
*hA rD_hAE rZ & C
mOs_CLR
*[ DEF ACERS
ALGE RIA ]
*WW W.SE C4EVER.CO M
(I put some spaces in there so we don't attract these folks to this thread)
Anyone dealt with this before ? Know how they "deface" a server ? Any recomendations ?
One of our shared servers got hacked ENTIRELY. Any file that contains index, got replaced with thier hacked html code.
We use CSF, mod_security, use a different ssh port than 22, and just a bunch of other ****, and seems like they got through.
It's hard to belive they got in via root, but somehow they got root access, cuase what they did could only be done by root.
All pages showed this :
OUR BOX
HACKED BY C - H TEAM !
*hA rD_hAE rZ & C
mOs_CLR
*[ DEF ACERS
ALGE RIA ]
*WW W.SE C4EVER.CO M
(I put some spaces in there so we don't attract these folks to this thread)
Anyone dealt with this before ? Know how they "deface" a server ? Any recomendations ?
Last edited: