-
February 22nd, 2008, 02:40 AM
#1
Member
Waktu IRC bot was installed on our server
Hi,
One of our clients servers was hacked overnight (it appears through a vulnerability in the Sphider script we used) and a "Hacked By kangkung Indonesian Hacker" placed on the front page + a copy in "/Sphider/" along with a couple of IRC bot scripts.
I found two references to on Google as "Waktu Bot" by searching for strings from the source but nothing else.
It was only up for about 12 hours thankfully and nothing else in the site seems to have been touched, but we've pulled the site down anyway for now while we do a more thorough check.
Has anyone else had dealings with this script or been defaced by this Skiddie?
Addendum : Found in another directory which was only protected by .htpasswd that they'd uploaded an "eggdrop" script - not something I'd heard of until now. More bots - fun, fun...
Cheers,
Niggles
Last edited by niggles; February 22nd, 2008 at 03:09 AM.
Reason: Changing title...
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By elfguy in forum General Computer Discussions
Replies: 17
Last Post: July 7th, 2005, 01:34 AM
-
By MicroBurn in forum Other Tutorials Forum
Replies: 1
Last Post: March 2nd, 2005, 04:31 PM
-
By gore in forum Operating Systems
Replies: 2
Last Post: February 25th, 2005, 08:12 AM
-
By Lansing_Banda in forum Network Security Discussions
Replies: 2
Last Post: October 5th, 2003, 02:14 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|