wget-log???

  • miffo

    (@miffo)


    20 years, 7 months ago

    I’m running a Debian server with wordpress, and when I logged in on the server to prepare for upgrading to the latest version I noticed that there were two files that I haven’t seen before: wget-log and wget-log.1, The content of the first one is:

    –19:20:53– http://pupet.ayamkampus.org/exploits/bot.txt
    => `bot.txt’
    Resolving pupet.ayamkampus.org… 202.155.70.242
    Connecting to pupet.ayamkampus.org[202.155.70.242]:80… connected.
    HTTP request sent, awaiting response… 404 Not Found
    19:20:58 ERROR 404: Not Found.

    Is there any legit reason why these files exists in my installation? Does wordpress do anything that would result in these files or have I been hacked?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter miffo

    (@miffo)

    20 years, 7 months ago

    OK, it seems like I’ve been hacked. I found two new directories that contained the files ircBot.class.php and ircConf.class.php plus a connection log file. I’ve got a standard installation, does anyone have an idea for how I could have been hacked (so I know where to start looking …)

    skippy

    (@skippy)

    20 years, 7 months ago

    Which version of WordPress were you running?

    If you’re not using the latest 1.5.2 version, please upgrade.

    You may need to coordinate with your host to confirm that all of the compromised files are removed.

    Thread Starter miffo

    (@miffo)

    20 years, 7 months ago

    I was running 1.5.1.3 and it was when I was going to upgrade I noticed it. Looking at the dates it looks like they first appeard on saturday evening (my time).

    As I’m running my own server for this blog I need to find out if something more happened …

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘wget-log???’ is closed to new replies.