FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Unable to CHMOD - related domainstat hack





eznet
I have been attempting (without success) to remove the malicious hijack code from my files on server 2. I am experiencing the problem of not being able to CHMOD the files to 777. Whether I use my FTP client, windows explorer built in FTP or the file browser in directAdmin I am denied permission to change the files. I experienced this problem before the attack when attempting to delete directories and such that were registered with the gid Apache. Before I was able to use PHPShell to CHMOD the files I needed for deletion but now (i assume because of the variable changes) PHPShell no longer works outside of its directory.

Can someone please let me know details on how to go about changing these setting when the server says that I do not have the permission to do so. I would also be willing to read on the subject for myself but many fruitless seaches on google have lead me to ask, directly, here at FriHost. I think that this information will benefit not only me but the FriHost community as a whole, as I have seen roughly this same question asked many times before. So if someone would please tutor me (or do a tutorial write-up) on the subject of the issue it would be greatly appriciated! Just a gentle shove in the right direction would surfice.

Thanks in advance.

EzNet - Infected Smile
wumingsden
eznet wrote:
I have been attempting (without success) to remove the malicious hijack code from my files on server 2. I am experiencing the problem of not being able to CHMOD the files to 777. Whether I use my FTP client, windows explorer built in FTP or the file browser in directAdmin I am denied permission to change the files. I experienced this problem before the attack when attempting to delete directories and such that were registered with the gid Apache. Before I was able to use PHPShell to CHMOD the files I needed for deletion but now (i assume because of the variable changes) PHPShell no longer works outside of its directory.

Can someone please let me know details on how to go about changing these setting when the server says that I do not have the permission to do so. I would also be willing to read on the subject for myself but many fruitless seaches on google have lead me to ask, directly, here at FriHost. I think that this information will benefit not only me but the FriHost community as a whole, as I have seen roughly this same question asked many times before. So if someone would please tutor me (or do a tutorial write-up) on the subject of the issue it would be greatly appriciated! Just a gentle shove in the right direction would surfice.

Thanks in advance.

EzNet - Infected Smile


Only Bondings will be able to CHMOD/delete/edit the files owner by "Apache". Is it a SMF forum by any chance ?
eznet
I don't know anything of SMF. I guess it is a CMS of sorts. The affected site is running on Joomla. See I have many of my files that are linked to Apache and joomla was not the only one to do this. I think that e107 and Drupal did the same thing (GID Apache) as well.
eznet
Update:

Thanks to n0xvb I have at least been able to work around this issue until I can redo the whole site.

The details of how to work around this who GID Apache issue by n0xvb are at:

http://www.frihost.com/forums/viewtopic.php?t=14867&highlight=change+gid+apache

Be careful to anyone who goes this route though, you can really mess up your site with this tech. not to mention, the best I can tell this can not really be used as a fix, just a patch until you can get the directories deleted and the recopied. When you get done you will have less than ideal permission settings on many of you files (and it takes along time to get them sorted out directory by directory - since you arent apache and they are still under gid apache).

Good Luck.
Bondings
I "chowned" all the directories/files in your account to your username now. I hope this will help a bit. This will/should be done daily from now on for your account.

Quote:
Before I was able to use PHPShell to CHMOD the files I needed for deletion but now (i assume because of the variable changes) PHPShell no longer works outside of its directory.

I tried to disable this to prevent these kind of attacks and it seems to be working. The problem is that directories chmodded to 777 are normally writable to the whole server.
Related topics
script backup database
Top 100 Graphic Related Ranking Directory!
Sued for Spam
CHMOD Tutorial
Chatroom
Unable to log in to cpanel or via ftp
How To : Secure Your PHP Website
.hack//
MyBB and CHMOD with myAdmin
Websites hacked/defaced on Server 2
Wurm/Hacker
chmod /tmp folder - permissions 777????
Database Error: Unable to connect to the database HELP
Have you been hacked or do you like to hack?
This topic is locked: you cannot edit posts or make replies.    Frihost Forum Index -> Support and Web Hosting -> Web Hosting Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.