List ,
https://pastebin.com/YspPiWif
One of our PHP website hacked on 3rd july 2022. I am attaching the httpd
access files contents in the above pastebin. I hide the original URL of
the website due to a SLA policy.
Can anybody point out from the logs what exactly made the attacker able to
bring the site down..
Has he used this php site for attacking ?
Any other logs or command line outputs needed let me know. I will share
the required files. I am new to this area of forensic analysis to find
out the root cause of the attack .
Kindly shed some tips to find out where the vulnerability is and how to
prevent it in future.
Any more inputs/details required keep me informed, I can share those too.
Regards,
Krish
https://pastebin.com/YspPiWif
One of our PHP website hacked on 3rd july 2022. I am attaching the httpd
access files contents in the above pastebin. I hide the original URL of
the website due to a SLA policy.
Can anybody point out from the logs what exactly made the attacker able to
bring the site down..
Has he used this php site for attacking ?
Any other logs or command line outputs needed let me know. I will share
the required files. I am new to this area of forensic analysis to find
out the root cause of the attack .
Kindly shed some tips to find out where the vulnerability is and how to
prevent it in future.
Any more inputs/details required keep me informed, I can share those too.
Regards,
Krish