SixPapaCharlie
Member
So I have a handful of websites for various things.
2 of them have upload features.
Seems someone uploaded something to one of my sites on the 18th.
I just caught it yesterday evening.
There were 4 new folders on my site all containing jpeg images.
All were identified as invalid jpeg. I tried opening them with scripting tools but it was all encrypted.
I have no idea what they were doing but they crippled the site and I lost all permissions to do anything through FTP. I can't read, write, change permissions.
I pulled the logs and there was a ton of data going through on the 18th
scripts being uploaded. Several references to robots and spiders but this does not seem automated. There were multiple uploaded files and folders.
I have removed the site and domain, and am still unable to do anything via FTP even to files / folders I created months ago.
The site itself is not important but I use scripts that are not a part of the actual website as a 3rd party for handling some important transactions for my business.
That seems intact but I am recreating that functionality elsewhere.
In 15 years of building websites, I have never been hacked and I don't think i have gotten a computer virus in that amount of time either.
I will post the logs if anyone is interested. I know some of you are off the charts smart at IT stuff.
If you allow a visitor to upload a file, how can you prevent them from doing harm and what is it they are able to do? I restrict file type and I change the name of the file in the upload process and I generate the folder where it will be uploaded.
What could someone have done with a fake jpeg file?
2 of them have upload features.
Seems someone uploaded something to one of my sites on the 18th.
I just caught it yesterday evening.
There were 4 new folders on my site all containing jpeg images.
All were identified as invalid jpeg. I tried opening them with scripting tools but it was all encrypted.
I have no idea what they were doing but they crippled the site and I lost all permissions to do anything through FTP. I can't read, write, change permissions.
I pulled the logs and there was a ton of data going through on the 18th
scripts being uploaded. Several references to robots and spiders but this does not seem automated. There were multiple uploaded files and folders.
I have removed the site and domain, and am still unable to do anything via FTP even to files / folders I created months ago.
The site itself is not important but I use scripts that are not a part of the actual website as a 3rd party for handling some important transactions for my business.
That seems intact but I am recreating that functionality elsewhere.
In 15 years of building websites, I have never been hacked and I don't think i have gotten a computer virus in that amount of time either.
I will post the logs if anyone is interested. I know some of you are off the charts smart at IT stuff.
If you allow a visitor to upload a file, how can you prevent them from doing harm and what is it they are able to do? I restrict file type and I change the name of the file in the upload process and I generate the folder where it will be uploaded.
What could someone have done with a fake jpeg file?