hacked again after all password is reset and files were cleaned

[serverzb]

ticket : CRV-98595-973

hacked again after all password is reset and files were cleaned

are you sure your system is secure?

we have asked client to clean up everything and still got injected

please help check logs ASAP

thanks

 

[Stephen]

'injection'? This term is nromaly used for database side attacks, and based on code not server in any way, not even FTP. It can be done without any passwords at all in fact if the SQL strings allow varchar and other means to communicate via string.

I've replied ticket with request for more info.

 

[serverzb]

my bad, maybe wrong term
their file is "defaced"

please check logs ASAP

 

[serverzb]

all infomation is on ticket, but your response to ticket always takes 3 hours..
please check it asap

 

[Stephen]

all infomation is on ticket, but your response to ticket always takes 3 hours..
please check it asap

it is already replied, but such issues as this will always take longer, as more work is needed than jsut a quick 1 min job

bah firefox did not accept my tab+enter to send reply, it is there now....

 

[Stephen]

pages were uploaded using websites upload tool and executed, details provided in ticket. Limited to only client site here, as expected. Different odd route this time, but valid one none the less, as said explained in ticket which type of file was used.