Countering phpbb viewtopic and other php exploits

Hi all

Nice to be back after almost a year!

The recent phpBB viewtopic.php exploit is spreading like a wildfire.. If you have not or if your control panel is not yet ready for upgrade, do this as a fix:

log in ssh as root

chmod 700 /usr/bin/wget
chmod 700 /bin/sh
chmod 700 /usr/bin/gcc

remove all the hackerware in /tmp, /var/tmp, /dev/shm and /var/spool/vbox

check the timestamp of /sbin/init

ll /sbin/init

If it is not modified, reboot the server and your load should come down to normal levels

 

 

 

 

Top