|
|||||||||
|
|||||||||
|
|||||||||
 |
|||||||||
| |
||
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
|
|||||||||
| |
||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
ASP Free Forums Sponsor:
|
|
|
|
#1
September 13th, 2006, 08:16 AM
|
|||
|
|||
|
Need Help With Hacking
Hi,
I have a problem. My website is being hacked using some sort of hacking kit. There are a few ASP files being uploaded to my images folder(not sure how) and then they can be opened and view all my files on my site. These files can be editted/deleted/uploaded/downloaded etc. The files are named: swart.asp cyberspy.asp r57.asp and a few more. The passwords for my site are kept secure, are long and contain numbers and letters etc and have never been given out. How are these files being uploaded without this information? Hope you can help  Many thanks Joe
|
|
#2
September 13th, 2006, 02:36 PM
|
||||
|
||||
|
PM me the link to your site and I can do some testing on it to determine what vulerabilities your site might have.
|
|
#3
September 13th, 2006, 02:37 PM
|
|||
|
|||
|
Quote:
Sounds as though they may have used brute force to break your ftp password - I know you said it was alphanumeric but even then that doesn't make it totally secure plus they may have broke the administrators account for your domain. You need to lock down your site - password protect folders, if you have complete control of the server then in IIS there is a ftp manager where you can only allow ftp access from your IP.
|
|
#4
September 14th, 2006, 05:30 AM
|
||||
|
||||
|
if you have page where you allow visitors/users to upload stuff, probably
they're using this page. you must check the uploaded files before saving them to disk!
|
|
| Viewing: ASP Free Forums > Other > ASP Free Lounge > Need Help With Hacking |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
