What's this file?

**lovecraft22** · 09-16-2011 06:49 AM

This one:
vbseo_sitemap/data/hits/files.php

SOmeone told me it may be a malicious file, I would just like to make sure it is not.

Also, which should be the permission setting for that folder?

Thank you.

**lovecraft22** · 09-16-2011 07:58 AM

Sorry, wrong section… I reposted it here:
What's this file?

This one can be deleted if you want.

Thank you

**Oleg Ignatiuk** · 09-16-2011 08:06 AM

Hello,

the file is not a part of vBSEO Sitemap Generator package, I would remove it asap.

Also, which should be the permission setting for that folder?

Permissions are set to 0777 for that folder by default, but there must be an .htaccess file in data/ folder that prevents direct access to any file there.

**lovecraft22** · 09-16-2011 08:08 AM

Thank you. What about the permissions for that folder? I think now is 777…

**Oleg Ignatiuk** · 09-16-2011 08:15 AM

Just edited my post above with reply to that.

**lovecraft22** · 09-16-2011 08:18 AM

Thank you.
What do you think this file was doing there?

**Oleg Ignatiuk** · 09-16-2011 09:06 AM

Hello,

this looks like a hack attempt. If you are on shared server, possibly it was added from another account (folder is writable), but since http access to that folder is disallowed, it shouldn't have worked. You can check your access logs if there were any requests to that files.php URL though.

**lovecraft22** · 09-16-2011 10:56 AM

Can you understand what that that file was supposed to do?

**Oleg Ignatiuk** · 09-16-2011 10:59 AM

It looks like a "backdoor" script allowing to view files on server and/or run arbitrary code *if there would be open access to it*.

What's this file?

LinkBack

Thread Tools

Display

What's this file?

Similar Threads

Css file

Rewrite root/subfolder/file.php to root/file.php

possible PSD of this file

CSS in file

Posting Permissions