This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.

For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

My server has been hacked

Old posts that have not been replied to for several years.
Locked
a
anonym

My server has been hacked

Post by anonym »

Hi,

I have no clue about what eggdrop is or what it can do but I have just found a couple of eggdrop directories on my server.

I have NOT installed this!

Does anyone have an idea on how it could get there?

I have been told that eggdrop can be installed through a php script or something like that, if the script has a bug. Can anyone here confirm that??

If it’s true, how can I prevent it from happening again?

With eggdrop installed on my server what will the hacker be able to do?


Any help will be useful…

Thanks.
Top
User avatar
Alchera
Revered One
Posts: 3344
Joined: Mon Aug 11, 2003 12:42 pm
Location: Ballarat Victoria, Australia
Contact:
Contact Alchera

Post by Alchera »

According to a previous post of yours you had eggdrop up and running with a slight problem which you have resolved. Please explain the "couple of eggdrop directories" statement.
Add [SOLVED] to the thread title if your issue has been.
Search | FAQ | RTM
Top
a
anonym

Post by anonym »

Alchera wrote:According to a previous post of yours you had eggdrop up and running with a slight problem which you have resolved.
I'm not sure I understand what you mean...

I have never posted on this message board before and I DON'T even know what eggdrop is or what it can do.

Alchera wrote:Please explain the "couple of eggdrop directories" statement.
All I know is that I have suddenly found 3 directories on my server called:
Test
.psy
.data

All 3 include a lot of files that have something to do with eggdrop.

Do you or anyone else have an idea on how it could get there, because I have NOT installed it?

And can you explain to me what the hacker who has installed eggdrop will be able to do with my server?



Thanks for your interrest...

By the way about the PHP script problem I belief it got something to do with SQL Injections and not eggdrop as suggested earlier, so I guess this mystery has been solved :)
Top
User avatar
awyeah
Revered One
Posts: 1580
Joined: Mon Apr 26, 2004 2:37 am
Location: Switzerland
Contact:
Contact awyeah

Post by awyeah »

Check the bash or log files to see who is fiddling and messing around.
·­awyeah·

==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
==================================
Top
User avatar
Alchera
Revered One
Posts: 3344
Joined: Mon Aug 11, 2003 12:42 pm
Location: Ballarat Victoria, Australia
Contact:
Contact Alchera

Post by Alchera »

The "psy" folder has nothing to do with eggdrop! It's your psyBNC folder and it's written in Perl anyway, not TCL.

The "data" folder also probably has nothing to do with eggdrop. Type ps x on your shell to see all running processes, you might get an idea of what is using that folder.
Add [SOLVED] to the thread title if your issue has been.
Search | FAQ | RTM
Top
User avatar
YooHoo
Owner
Posts: 939
Joined: Thu Feb 13, 2003 10:07 pm
Location: Redwood Coast

Post by YooHoo »

:o delete them? :o
geez, ur not gonna catch AIDS from an eggdrop, don't freak :wink:
Top
M
Mouse
Voice
Posts: 10
Joined: Sun Sep 26, 2004 8:07 pm

Post by Mouse »

eggdrop is IRC BOT that help the channel operators channel their channel.

psybnc is like irc proxy.
Top
m
metroid
Owner
Posts: 771
Joined: Wed Jun 16, 2004 2:46 am

Post by metroid »

Mouse, why are you bringing up such an old topic.. The guy isn't even checking this forum for an answer anyhow.
Top
Locked

Return to “Archive”