thomasdk81
Verified User
Hi,
My server got defaced(all index.* files where replaced with a hackers message) some time ago.
I got all the site up and running again, but there are still some index.* files left which aren't used but still deface.
I run this and I get a list of all the files that are defaced:
How do I delete the files found or better just clear the contents of the file.
Another issue I just got a notice about is that the links in PHP error messages, links to a defaced file. I don't know where these are stored and they aren't found by the cmd above.
Example:
The link is on the [function.require-once] part.
You can see and example here !!NOTICE THIS IS A DEFACED PAGE WITH POTENTIALLY BAD LINKS!! bifrost-terenas.dk/index2.php
My server got defaced(all index.* files where replaced with a hackers message) some time ago.
I got all the site up and running again, but there are still some index.* files left which aren't used but still deface.
I run this and I get a list of all the files that are defaced:
Code:
find . -name "index.*" | xargs grep 'OwNeD' -sl
How do I delete the files found or better just clear the contents of the file.
Another issue I just got a notice about is that the links in PHP error messages, links to a defaced file. I don't know where these are stored and they aren't found by the cmd above.
Example:
Code:
Warning: require_once() [function.require-once]: URL file-access is disabled in the server configuration
You can see and example here !!NOTICE THIS IS A DEFACED PAGE WITH POTENTIALLY BAD LINKS!! bifrost-terenas.dk/index2.php