Hi,
last week , hackers have hacked my site. They have used this path scheme:
http://www.schluesselnotdienstzentrale.eu/schluesseldienst-hamburg?path=...
Which then leads to this data manager:
MaDo[O]oS File Manager Version 1.0, Coded By MaDo[O]oS
Can you somehow correct , delete , etc?
Comments
Comment #2
Cameron Tod CreditAttribution: Cameron Tod as a volunteer and at Acquia commentedIt will be difficult to get direct support for your site through this issue queue, but it will be reviewed to ensure that it's not a as-yet-unidentified vulnerability.
To get your own site fixed, try one of the providers in https://www.drupal.org/drupal-services or ask in IRC (#drupal-support).
Comment #3
Frank HH-germany CreditAttribution: Frank HH-germany commentedHi Cameron,
After the attack, I have update the Core, rebuilt the server structure and prevent show errors , so that the attacker does not have again so easily .
I have open a new issue on https://www.drupal.org/node/2780245. Is this right?
How can i delete this Manager? "MaDo[O]oS File Manager Version 1.0, Coded By MaDo[O]oS"
Comment #4
Fristaila CreditAttribution: Fristaila as a volunteer commentedtry delete files of manager, grep it in terminal by words for example:
grep -rn "MaDo[O]oS"
in repository of your site
Comment #5
stefan.r CreditAttribution: stefan.r commentedComment #6
Frank HH-germany CreditAttribution: Frank HH-germany commented#4
Hi Fristalia,
is "MaDo[O]os" in the Dupalcore or in the Linuxserversystem or in the Apache?
I have this question , because I have a managed server and in case 2 and 3, the server administrator must then take care of it.
in Drupal root directory I could not find anything anyway.
Thanks
Comment #7
MustangGB CreditAttribution: MustangGB commentedSupport requests aren't critical.