1
Discussion & Troubleshooting / Intruder in my site...
« on: July 29, 2008, 08:25:47 AM »
Yesterday someone upload a file to my site, checking the source of the php file I can cheked that is something like a shell, I notice that something goes wrong when the pictures mark the error 404 and check by ftp and the files was in the folders, so i try to re upload the image and the system tell me that the extension its no permitted, so I went to the Control Panel and check the options and I saw that the extension options was changed to only permit to upload PHP files extension!!!
How did he do that!?!?!
I can believe that someone upload a file modifiying something in the upload code like a sql injection, BUT how did he changed the option to permit to upload php files!!!
is there something to prevent such kind of exploits?!?!?!?!?!
thanks for your help!!!
How did he do that!?!?!
I can believe that someone upload a file modifiying something in the upload code like a sql injection, BUT how did he changed the option to permit to upload php files!!!
is there something to prevent such kind of exploits?!?!?!?!?!
thanks for your help!!!