Hacker, go away

Looks like the so-called hacking “attempt” on my site a few days ago was successful after all. I thought I had pulled the plug on the hacker by removing the PHP-infested comments they had posted, but it looks like the damage was done as soon as they posted the comment. By posting comments with certain PHP-commands, they were able to upload PHP Shell, a tool you can use to execute commands on a remote web server, even if you can’t have normal telnet-access. Bad.

Anyways, it’s now time for some damage control. All passwords will be changed, PHP Shell will be deleted - that’s a shock. In this process, the site might become a little unstable and throw all kinds of error messages at you.

Thanks to JW for informing me about the successful hack and bradc for issuing a fix. If you are using Greymatter, have a look and close the hole.


Feedback

This post has no feedback yet.

Do you have any thoughts you want to share? A question, maybe? Or is something in this post just plainly wrong? Then please send an e-mail to vegard at vegard dot net with your input. You can also use any of the other points of contact listed on the About page.


Caution

It looks like you're using Google's Chrome browser, which records everything you do on the internet. Personally identifiable and sensitive information about you is then sold to the highest bidder, making you a part of surveillance capitalism.

The Contra Chrome comic explains why this is bad, and why you should use another browser.