How i can secure against this type of script

[alvarogtc]

Sorry if its in a wrong section, today i got surprised 1 acount in my reseller acount had a script like a shell script, thats works like a mini-cpanel, give acess to up, down, delete files and more... so somebody know how i can block this type of acess, since i dont know how he have uploaded the file to the server?? its what i m find now, but i remember about see something about block shell acess and other class of hackers atemp.

I have attached the file in txt format, becuz if u rename to .php its alert antivirus against trojan virus.

[cleanxhost]

For me that file that is in .txt gives me a virus alert!

[alvarogtc]

i now dude, but for sure, up to a acount in public_html or another folder then rename to something.php like j.php and go www.ursite.com/j.php u gonna see its a shell script --- my reseller acount is brhost.info u can check, its hosted in hostgator, i m not a hacker or something, i just want a answer for this.... yo vejo q oste es de espana, yo soy brasileno...

[cleanxhost]

Quote:

Originally Posted by cleanxhost

For me that file that is in .txt gives me a virus alert!

and my computer now is not happy and really playing up...I think that she needs a reboot after trying to open that .txt file......

[alvarogtc]

go there [removed] i have uploaded the file in this host, but plz dont do nothing just for check..

[cleanxhost]

No thanx! Not after what it did to my computer 10 minutes ago!

[quietFinn]

It's a phpshell script, kind of hacker's toolbox.

It should not harm your PC if you try to download it in a text file, especially if your antivirus blocks it (my McAfee did).

[alvarogtc]

yeah its shell script, my question is how i can block acess like this since i cant found how he uploaded this to the server.... maybe if i use a .hataccess file or only the hosting can do something???

[cleanxhost]

My question is...
Do you really want a client like this who uploads this kind of stuff to your server?

[alvarogtc]

for sure, its not my customer, why he was upload this, then make a backup of all files and download it, since he have total acess to ftp and cpanel.. its a hacker.. i still try to find how he have uploaded, but cant, i am waiting hostgator suport with log acess to check.

Considering the nature of your problem, you'll need to contact security@hostgator.com to get help, not via the peer support forums.

[alvarogtc]

Quote:

Originally Posted by GatorDrewH

Considering the nature of your problem, you'll need to contact security@hostgator.com to get help, not via the peer support forums.

I know Sr, and i did, but since i dont get any reply, i though about put it in a forum, and see members opinions.....

[riostyles]

Seems interesting,
Since the time everybody searches for to give separate cpanel access, the clean part can be a base.

[alvarogtc]

Quote:

Originally Posted by riostyles

Seems interesting,
Since the time everybody searches for to give separate cpanel access, the clean part can be a base.

Poise ate agora, nao sei como ele upou no server, e nao descobri como bloquear, com hataccess nao sei se daria...


I m still find a solution to block shell acess, i think only hostgator can do it for me.

[Sergio]

If you were in a dedicated I would recommend you to use a script that works really nice in my server. It is called Upload Guardian.

You can define any type of script that you want to block for any upload. So, it always check what is uploading to the server and if it has some of the scripts defined it will delete the file and alert you of the upload.

I am really happy with this script.

But this script can not be installed in a reseller account, sorry.

By the way, can you post only the first one or two lines of that script that you got? I will like to check that against my upload guardian script if you don't mind.

Obrigado.