Penetration Testing mailing list archives

Hacked by aLpTurkTegin, help patching this hole

From: Mifa <mifa () stangercorp com>
Date: Tue, 20 May 2008 07:46:22 -0500

Our website was defaced by aLpTurkTegin.  We are running apache, php ect.  Does anyone know how this hacker is getting 
in and what I can do to prevent this?

Our main web directory had all but one file deleted and hackedIndex.php, a.asp(a 0 byte file) and trustscn_put_test2 
were placed into the main directory.  The fact that the webserver served hackedindex.php makes me think its a apache 
web server flaw.

Any comments, suggestions?
Thanks, -D

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes 
in Securing Web Applications  
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Current thread:

Hacked by aLpTurkTegin, help patching this hole Mifa (May 21)
- Re: Hacked by aLpTurkTegin, help patching this hole Jay D. Dyson (May 22)
- Re: Hacked by aLpTurkTegin, help patching this hole Utmost Bastard (May 22)
- Re: Hacked by aLpTurkTegin, help patching this hole Morning Wood (May 22)
- Re: Hacked by aLpTurkTegin, help patching this hole Danux (May 22)
- Re: Hacked by aLpTurkTegin, help patching this hole yummy (May 26)