We have a dedicated web server with an application.
1) The hacker gets into the application as admin by changing the admin password.
2) He also gets to create mysql tables on the server by knowing the mysql login crediential of the application.
3) We noticed a php script on the application on temp folder which has world writeable permission (via httpd log, more info will be given on pm).
We need to identify the backdoor in the application and prevent this from happening, need to configure, optimize & secure the server.
1) The purpose of this project is also to learn about securing this app by us, so the provider needs to document/ let us know what and how was performed.
2) Need to work via any screenshare menthod. root access will not be provided.
More detail of the application will be given on PM
We need XSS and Code Injection expert.