Who is getting security.php ???? CHECK YOUR SITES! IT can hurt SEO - GoFuckYourself.com

lakerslive · 08-15-2016, 10:07 AM

For those using hostgator, who here has security.php installed across network?

I have 3 different accounts on hostgator, and they all have security.php added on every account..some kinda backdoor.

i tested it by going to domain.com/security.php and saw a "password form.

(Note: my sites are NOT connected in any way and i'm using 3 different billing info)

NatalieK · 08-15-2016, 10:40 AM

used to be with hostgator, personally recommend adult-hosting.com

good luck with your security problems on your php

freecartoonporn · 08-16-2016, 06:26 AM

log in using ftp and copy paste the source of security.php here

lakerslive · 08-16-2016, 07:22 AM

When i open the php code, its all encrypted

AdultKing · 08-16-2016, 07:26 AM

VBulletin doesn't support emojis.

*clap* Dont *clap* use *clap* Hostgator

Relic · 08-16-2016, 07:26 AM

Quote:

Originally Posted by lakerslive

When i open the php code, its all encrypted

Post it anyway and in code tags please.

Horatio Caine · 08-16-2016, 07:33 AM

Quote:

Originally Posted by lakerslive

When i open the php code, its all encrypted

It's a shell script

deonbell · 08-16-2016, 11:14 AM

Most times code is base64 encode. You can decode if you wants if just base64. But Horatio is write, 99% It a shellcode.

Are all sites on same server? Shared hosting?
Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server
If nots maybe all you sites have same hole.

Whats your sites runnings? If wordpress make sures all is updated. If some bad php somewheres or old imagemagick could allow remote code exectuions and allows persons to upload shells.

Maybe nots your faults if on shared hosting.

Maybe other gfy guys can helps that knows mores than me (I expert in onlys blogspots). if he set permissions to 555, woulds that helps?

brassmonkey · 08-16-2016, 11:20 AM

what script are u runnin? i don't have them

freecartoonporn · 08-17-2016, 06:16 AM

It's a shell script

lakerslive · 08-22-2016, 08:11 AM

when i open in dreamweaver, it looks like <?php $rx350q7 = .....

when i googled this, i saw it on one site.. thats about it

08-15-2016, 10:07 AM	#1
lakerslive Confirmed User Industry Role: Join Date: Aug 2012 Posts: 929	Who is getting security.php ???? CHECK YOUR SITES! IT can hurt SEO For those using hostgator, who here has security.php installed across network? I have 3 different accounts on hostgator, and they all have security.php added on every account..some kinda backdoor. i tested it by going to domain.com/security.php and saw a "password form. (Note: my sites are NOT connected in any way and i'm using 3 different billing info)

08-15-2016, 10:40 AM	#2
NatalieK Natalie K Industry Role: Join Date: Apr 2010 Location: Spain Posts: 19,050	used to be with hostgator, personally recommend adult-hosting.com good luck with your security problems on your php __________________ My official site NatalieK.xxx My free porn & affiliate blog Natalie K affiliate program First time girls Skype: gspotproductions - "Converting traffic into income since 2005"

08-16-2016, 06:26 AM	#3
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	log in using ftp and copy paste the source of security.php here __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

08-16-2016, 11:14 AM	#8
deonbell Confirmed User Industry Role: Join Date: Sep 2015 Posts: 1,045	Most times code is base64 encode. You can decode if you wants if just base64. But Horatio is write, 99% It a shellcode. Are all sites on same server? Shared hosting? Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server If nots maybe all you sites have same hole. Whats your sites runnings? If wordpress make sures all is updated. If some bad php somewheres or old imagemagick could allow remote code exectuions and allows persons to upload shells. Maybe nots your faults if on shared hosting. Maybe other gfy guys can helps that knows mores than me (I expert in onlys blogspots). if he set permissions to 555, woulds that helps? __________________ Fake Naked Celebrity Sex Gallery

08-16-2016, 11:20 AM	#9
brassmonkey Pay It Forward Industry Role: Join Date: Sep 2005 Location: Yo Mama House Posts: 76,899	what script are u runnin? i don't have them __________________ TRUMP 2025 KEKAW!!! - Support The Laken Riley Act!!! END DACA - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

08-16-2016, 07:22 AM	#4
lakerslive Confirmed User Industry Role: Join Date: Aug 2012 Posts: 929	When i open the php code, its all encrypted

08-16-2016, 07:26 AM	#5
AdultKing Raise Your Weapon Industry Role: Join Date: Jun 2003 Location: Outback Australia Posts: 15,605	VBulletin doesn't support emojis. clap Dont clap use clap Hostgator

08-17-2016, 06:16 AM	#10
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	It's a shell script __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

08-22-2016, 08:11 AM	#11
lakerslive Confirmed User Industry Role: Join Date: Aug 2012 Posts: 929	when i open in dreamweaver, it looks like <?php $rx350q7 = ..... when i googled this, i saw it on one site.. thats about it