dcsimg
www.webdeveloper.com
Results 1 to 3 of 3

Thread: Website hacked

Hybrid View

  1. #1
    Join Date
    Sep 2006
    Posts
    655

    Question Website hacked

    Hi

    One of my friend's website has been hacked. He runs his website on a linux server.

    The hacker has managed to overwrite his index.html file only, leaving other files intact. His password consist of 25 characters with alphanumeric and symbols so its not possible to crack his password hypothetically. Even though it was, the hacker would have deleted all his files or could have done more damage to his account.

    So, I was wondering if anyone of you have any idea on:

    1) How did the hacker replace the index file without knowing the password?

    2) What measures can my friend take so that this does not happen in future?


    Many thanks in advance.


    Screenshot:
    http://img405.imageshack.us/img405/1...sitehacked.jpg

  2. #2
    Join Date
    Aug 2010
    Posts
    58
    if he uses a .htaccess file the hacker could have replaced the directoryindex by that

  3. #3
    Join Date
    Oct 2007
    Location
    Western Massachusetts, USA
    Posts
    387
    Chances are, the "hacker" used a known exploit in your web server or other technology version, injecting his own code to do whatever he wanted. It could have been a compromise to the OS, Apache (if that is what you are using), or any other executable running on the OS with an active network connection. I would recommend checking for updates and if you can, scan for any unknown connections to the server and close them, as it might be remove access via the "hacker".

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles