 | |
Google media-partner bot used to hack my site
Search Engine Optimization Discussion about SEO/Search Engine Optimization (alt.internet.search-engines)
 |
| | Thread Tools | Display Modes |
#11
 
| |||
| |||
|
Re: Google media-partner bot used to hack my site -
01-20-2006
, 06:39 PM
|
Defacing is mostly done via a weak spot in a script AFAIK. |
I would second that. Also, most of the time it is NOT the admin interface
that gets abused but a rather obscure script that noone cared to update
for years. Your best bet would be to look for any script that writes to or
reads from the hard drive during its normal use anything that's taken
directly from CGI. This sort of script can be rather easily tricked into
executing a command. Also, check for the time of creation of newest files
that say "defaced" on your hard drive and only then analyze your log
because it will help to eliminate a lot of useless data for things that
happen long before the attack.
Good luck!
--
Cheers,
Dmitri
See Site Sig Below
-------------------------------------
--
##-----------------------------------------------##
Article posted with Web Developer's USENET Archive
http://www.1-script.com/forums
Web and RSS gateway to your favorite newsgroup -
alt.internet.search-engines - 21890 messages and counting!
##-----------------------------------------------##
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.