|
|
|
|
|
|
by rawb92
4431 days ago
|
|
|
I just wanted to chip in here. Our website and 2 of our client websites have been compromised like this in the last couple of weeks and they are all across different hosting providers (Zen Hosting and Unlimited Web hosting) http://pastebin.com/PkJFTeGs Here is a link to the code we found injected into the index page on our FTP and my attempt at decoding it.. interestingly enough it does relay to javaterm.com as the authors comprimsed site does as well.. We are fairly certain it wasn't achieved through our code as one of the sites is literally 6-7 pages of static html content. From what we can tell it only ever effects the index page in the root of a servers FTP. In my case all of the shells were deleted(Looking from the FTP logs there were 2-3 uploaded all with different names) |
|
|