Results 1 to 9 of 9
  1. #1

    Hacker files uploaded, can't figure out how they got there...

    any ideas how to trace them?

  2. #2
    Join Date
    Jan 2011

    Check ftp logs, apache logs and cpanel logs to find how it has been uploaded.
    " Your work is to discover your work and then with all your heart to give yourself to it. "

    That's the mark of a true professional !

  3. #3
    Join Date
    Aug 2008
    And update any scripts you have on the website. You might have something outdated.

  4. #4
    Join Date
    Aug 2005
    behind my screen
    do you permit file upload functionality on your website ? then the directory where those files are stored is a good place to look verry carefully also what's happend ? whas your site defaced ? or another "hack"

  5. #5
    Join Date
    Jul 2009
    Find the filenames etc and google them..

    The chances are you will find others with the same files and an explanation on how they got there.
    ( ie: a flaw in some software or a basic ftp hack.. )
    Live Chat Support Software for your Business website -

  6. #6
    thanks for the help!

  7. #7
    Join Date
    Mar 2009
    Miami, Florida
    Can you provide more information as to what type of files. Also can you advise what type of software you run (WordPress/Joomla, etc). Many off the shelf applications can be security nightmares if not secured properly.
    Keith I Myers The rantings of a lunatic
    Geek Survival Guide - Reviews and Advice for Geeks

  8. #8

    I had been have problem with this also.

    you said check ftp log, apache log and cpanel log.

    for example had beend hacked and upload exploited file.

    do you have specific command for the specific domain. to view ftp, apache, and cpanel log?

    your guide line is very useful for us.

    Best Regards,

  9. #9
    Join Date
    Jun 2011
    Hey ,

    You can find that by grepping the username against these files on the server to see last activity from the hacker user on the server

    grep <user> /var/log/messages
    grep <user> /usr/local/cpanel/logs/login_log

Similar Threads

  1. Malicious files uploaded
    By LP560 in forum Hosting Security and Technology
    Replies: 4
    Last Post: 08-25-2009, 12:31 AM
  2. Filter uploaded files
    By shasho in forum Hosting Security and Technology
    Replies: 1
    Last Post: 03-11-2008, 12:21 AM
  3. Uploaded files don't appear?
    By Mechromancer in forum Hosting Software and Control Panels
    Replies: 8
    Last Post: 01-14-2007, 06:56 PM
  4. FTP ISSUE: files uploaded "not uploaded", disconnect
    By wheimeng in forum Hosting Security and Technology
    Replies: 6
    Last Post: 10-13-2005, 06:55 PM
  5. Uploaded files are owned by root
    By durandel in forum Hosting Security and Technology
    Replies: 9
    Last Post: 05-29-2002, 08:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts