Thanks David. I did some reading already as Sheila suggested, and found one vulnerability that I sent on to my host. This stuff twists my stomach, but I guess is "learning the hard way"...
steve On Jun 17, 2008, at 3:54 PM, David Precious wrote: > steve miller wrote: >> Wow.... >> Thanks Sheila. >> This script was loaded into many directories, some of which did >> not start out writeable. Could someone have changed all my >> permissions > > and then insert this? > > I suspect the directories were writable as the user the webserver > runs as, and a vulnerability in one of your scripts was exploited > to get the file on the server. > >> What kind of hidden links should I look for, and what might they do? > > Most likely commented-out blocks of links to dodgy places, do a > view source on your pages and look for anything that shouldn't be > there. > > Also, they might have created a .htaccess file which causes non- > existent URLs to be handled by passing them to a script they've > uploaded. > > Have a read of the discussion on the URL Sheila posted, and do some > Googling yourself for rssnews.ws, that should give you a good idea > of what to look for. > > Cheers > > Dave P > > > > ____ • The WDVL Discussion List from WDVL.COM • ____ > To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] > dl.sparklist.com or > use the web interface http://e-newsletters.internet.com/ > discussionlists.html/ > Send Your Posts To: [email protected] > To change subscription settings, add a password or view the web > interface: > http://intm-dl.sparklist.com/read/?forum=wdvltalk > > ________________ http://www.wdvl.com _______________________ > > You are currently subscribed to wdvltalk as: [EMAIL PROTECTED] > To unsubscribe send a blank email to > [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > ____ • The WDVL Discussion List from WDVL.COM • ____ To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] or use the web interface http://e-newsletters.internet.com/discussionlists.html/ Send Your Posts To: [email protected] To change subscription settings, add a password or view the web interface: http://intm-dl.sparklist.com/read/?forum=wdvltalk ________________ http://www.wdvl.com _______________________ You are currently subscribed to wdvltalk as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
