You can alter a site's home page (or do more) with types of injection. :( This random article has pictures of an example:
http://www.technicalinfo.net/papers/CSS.html (See: Putting It All Together) So depending on the site's places of 'input' - (search boxes, comment boxes, even the address bar can be used) it is possible to inject code and potentially do whatever you want. Depending on the situation it may or may not be a security problem of the hosting company but could be a vulnerability in a specific site's code. Especially with PHP. PHP calendars, guestbooks, blogs, etc are constant targets. If this was an injection, and if you have access to the apache logs you can see what exact ip address made the injection, and such. Look for POST in the logs. A lot of times hackers will try again and again for several days (weeks) posting random scripts until they get it. So there can be a long track record recorded in the apache logs. On Tue, Jan 26, 2010 at 04:31, Hai Yi <[email protected]> wrote: > Gandalf: Thank you for the detailed explaination, I'll read it again. > I checked my pages, only index.html was replaced, what really upset me > is that now it's 48 hours after I sent the request to the ISP, still > no response; I can understand now hacking does happend and I can fix > the problem myself, but their services disappoint me. -- Scott _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
