|
That script lets someone run commands on your
server - any commands they want.
Take careful note of the timestamps on that file.
Download it.
Delete it.
Notify your host/admin right away, letting them know the
file timestamps so that they can look in the logs to
see what happened around the time that file got created.
Pray that your host/admin had CGI running as unprivileged
user and not as your username.
If you don't have a good admin, get one now. A very good one.
Someone had to hack your site (or be given FTP access)
in order to put that script there. You'll need to figure
out how they did it. Apache and FTP logs will show FTP logins
and which existing scripts were hit around the time
that script was created. You'll need to secure that
so they don't do it again.
Probably, they also used that script
to create more security
holes you'll need to find and patch.
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids
|