Skip to main content

Found Script That Can Open other User home directory

Comments

13 comments

  • hrace009
    Bellow i attached some screen for cPanel team to investigate it: - Removed - This script can open your main root directory /
    0
  • Infopro
    No need to post the script or screenshots, these sorts of scripts have been around forever. You might consider this script by ConfigServer for assistance with preventing this sort of thing from being uploaded to your server: ConfigServer eXploit Scanner (cxs) There are others as well.
    0
  • hrace009
    No need to post the script or screenshots, these sorts of scripts have been around forever. You might consider this script by ConfigServer for assistance with preventing this sort of thing from being uploaded to your server: ConfigServer eXploit Scanner (cxs) There are others as well.

    Okay, thanks for your information, is there other alternative than cxs that comes for free?
    0
  • Infopro
    Yes, but I don't have any additional links to share, I swear by this one. Worth every penny.
    0
  • hrace009
    Yes, but I don't have any additional links to share, I swear by this one. Worth every penny.

    yes i know it worth, but this with my office, throw out money was easy by them, but to take it out, need time, around 1 month or a year. Well you know that was Office Administration. And meanwhile i can't wait for that long.
    0
  • Infopro
    YMMV: Linux Malware Detect - R-fx Networks
    0
  • hrace009
    YMMV: Linux Malware Detect - R-fx Networks

    Hi thanks, i have use and configure it. but seems not work for that script. since when i try to run that script, it keep open
    0
  • Infopro
    First, remove that script from your server, stop running it. Those scripts phone home. Second, change your passwords. No telling what you've already sent by running the script (read: opened it on your server). Third, find the 60 bucks to get the other script I suggested, whats your server worth to you?? And finally, if you need additional security assistance and are not sure what to do, you should hire a professional: System Administration Services | cPanel Forums
    0
  • cPanelMichael
    Hello, You may also find the following documents helpful, especially if the script you are referring to takes advantage of symbolic links: Symlink Race Condition Protection - EasyApache - cPanel Documentation How to Harden Your cPanel System's Kernel - cPanel Knowledge Base - cPanel Documentation Security - cPanel Knowledge Base - cPanel Documentation Thank you.
    0
  • hrace009
    Hello, You may also find the following documents helpful, especially if the script you are referring to takes advantage of symbolic links:
    0
  • weetabix
    Also, I would suggest you install and configure Cloudlinux for some extra security.
    0
  • hrace009
    Also, I would suggest you install and configure Cloudlinux for some extra security.

    hi thanks for your sugestion, i will think about it
    0
  • torrent4all
    Also, I would suggest you install and configure Cloudlinux for some extra security.

    Cloudlinux is good option, but security is depending on your configurations :D
    0

Please sign in to leave a comment.