 |
|
|
|
|
|
|
|
|
2006-06-19, 10:37 AM
|
#2 |
|
a.k.a. Sparky
Join Date: Sep 2004
Location: West Palm Beach, FL, USA
Posts: 2,396
|
that particular exploit is uploaded through FTP. Your FTP account has been compromised.
Change your FTP password, remove the script at the bottom of the page that runs the iframe: [code=trojan stuff on your pages] <script language="JavaScript"> e = '0x00' + '22';str1 = "%99%C1%CA% blah blah blah </script> [/code] You might have your host run a check to see what other files were modified at the same time. Pattern to look for is: Login, Get File, Put File, Get File, Put File, Logout usually no failed password attempts. Sources for your password leak: People that have installed software for you in the past, anyone that has had FTP access to your machine, possibly any keylogger on your system. When you give out passwords to people to install software or fix something on your site, set a temporary password, let them do the work, reset the password when they are done. Don't use the same password everywhere. Tommy keeps a black book of his passwords for each different site and sponsor login so that any one that is compromised won't be a security problem for other sites.
__________________
SnapReplay.com a different way to share photos - iPhone & Android |
|
|
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Threaded Mode