 |
Ian_W
User
Jan 26, 2006, 1:06 PM
Post #1 of 2
(2413 views)
Shortcut
|
|
Search exploited??
|
Can't Post
|
|
Hi,
Our search software folder was today expoloited. We had an about.php file written to the data folder, which allowed backdoor access to the site.
Is this a known issue?
We have deleted the search software for the time being.
|
|
| |
|
ross
Staff
/ Moderator
Jan 26, 2006, 2:53 PM
Post #2 of 2
(2410 views)
Shortcut
|
|
Re: [Ian_W] Search exploited??
[In reply to]
|
Can't Post
|
|
Hi Ian.
Thanks for posting!
I haven’t heard of anyone having exploited files as a result of Search Engine before but I obviously want to make sure we track down whatever is causing the problem.
Could I get a few more details from you though?
What is in the about.php file? Would you mind posting it or emailing it to me?
Also, I am curious what kind of exploit it was. Did someone run a search that let them view one of the data files? Or basically, how did it give them the access they got and what kind of access was it?
Did you server administrators run any security audits we could have a look at? That would be really helpful in tracking down what’s going on.
I look forward to hearing from you  .
-----------------------------------------------------------
Cheers,
Ross Fairbairn - Product Specialist
support@interactivetools.com
Hire me!
Save time by getting our experts to help with your project. Template changes, advanced features, full integration, whatever you need. Whether you need one hour or fifty, get it done fast with Priority Consulting.
|
|
| |
| | |
|
