Date: Tue, 22 Sep 2009 09:58:19 -0300 From: Leandro Quibem Magnabosco <leandro.magnabosco@fcdl-sc.org.br> To: Aflatoon Aflatooni <aaflatooni@yahoo.com>, freebsd-questions@freebsd.org Subject: Re: FreeBSD 6.3 installation hacked Message-ID: <4AB8C9EB.2050107@fcdl-sc.org.br> In-Reply-To: <684860.58563.qm@web56202.mail.re3.yahoo.com> References: <196554.24096.qm@web56207.mail.re3.yahoo.com> <4AB8C839.3000905@fcdl-sc.org.br> <684860.58563.qm@web56202.mail.re3.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Aflatoon Aflatooni escreveu: > I found a script in /tmp directory which could have been uploaded using php or Java. > How would they execute the code in /tmp directory? > > Thanks > > You can execute files from scripts or from apache itself when they are scripts. There are several programming/scripting languages that are accessible by web and those are the ones that an intruder will have to use to exploit some scenario like yours. Take some time to read this doc: http://www.dataloss.net/papers/how.defaced.apache.org.txt It is pretty interesting as, unfortunately, it suits the same scenario you, unintentionally, created for the hackers. Cheers, -- Leandro Quibem Magnabosco.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4AB8C9EB.2050107>