[wp-testers] c99shell.php and uploading php files

Reaper X reaper at reaper-x.com
Fri Nov 3 06:29:52 GMT 2006


I'm interested in hearing how your site got hacked; maybe you could post
the log files of what the hacker did to your site? As for me, I've
been recently attacked too; fortunately the attack was not successful,
because they (the hackers, located from Turkey Telecom) thought I ran
Joomla, Mambo on my site and tried to do some remote file inclusion
attack. Btw, did you run other CMS / forum software on your site? I mean
other than WordPress, of course. And sorry for my bad English :-)

--
Reaper-X

Rick Beckman wrote:
> Using 2.0.5, I have had my whole hosting account wiped out twice via a user
> being able to upload a script (commonly called c99shell.php) which is able
> to do a number of malicious things. From what I have seen online via a few
> Google searches, users are able to upload via the File Upload in the
> Wordpress admin without logging in. However, I also noticed in my logs that
> the user was toying around in the Wordpress theme editor, but I have no idea
> what he was doing. And passwords were all changed between the site defacings.
>
> So, I'm just writing to confirm whether or not such a thing is possible (i.e.,
> could WordPress be to blame?) and is there a way to forbid the uploading of
> php files?
>
> -- 
> Rick Beckman