Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Luis Manson Posted January 31, 2013 Posted January 31, 2013 Just found this on cache/cat 7a8a823f8b7c.pHp ============================================================================== ========================= END =================================== ========================= /interface/blog/xmlrpc.php?sid=14eb97dd10564a7e7e42c90ca9aa66de& =================================== ==============================================================================
Luis Manson Posted January 31, 2013 Author Posted January 31, 2013 me neither, i tried to decode it, but i was not able to do it :S
AtariAge Posted February 1, 2013 Posted February 1, 2013 I just found a very similar file in my cache directory. ..Al
bfarber Posted February 1, 2013 Posted February 1, 2013 That looks like a leftover file from a previous exploit and should be removed. It is certainly not a file IP.Board utilizes.
AtariAge Posted February 1, 2013 Posted February 1, 2013 That looks like a leftover file from a previous exploit and should be removed. It is certainly not a file IP.Board utilizes. Oh, I removed it alright. With prejudice!
Dmacleo Posted February 1, 2013 Posted February 1, 2013 wold think anything using pHp (capitol H) would never be legit.
Luis Manson Posted February 1, 2013 Author Posted February 1, 2013 yesturday i had chmod 000 the file in the meanwhile
Rhett Posted February 2, 2013 Posted February 2, 2013 Here is an article you can use to help clean up your site if needed http://community.invisionpower.com/resources/guides.html/_/knowledge-base/how-to-clean-your-site-from-infection-r266
Recommended Posts
Archived
This topic is now archived and is closed to further replies.