Used/Familiar with Exidous Shell?

Discussion in 'BlackHat Lounge' started by pr250, Jul 8, 2010.

    Apr 7, 2010
    Hey there,

    If this seems appropriate elsewhere feel free to move it, I couldn't see any forum where it fit in, unless I missed it?

    Lately on my websites I've been getting code injected into my pages, losing my SE rankings, but it's not limited to the one domain, it's different usernames, different domains etc.

    My question is, what's the general way of getting the thing onto the server? Would it likely be a flaw in my OS or would it be a flaw in a script on my server? I found a site on my server I'm hosting that accepts form input to be put into the database without cleaning it, perhaps that could have caused it?

    My main concern is if it is a script weakness, how does it start affecting other users on the server?

    Is the frontend PHP just that or are there actual executables likely stored on the server that will still be able to be run?

    ANY help would be appreciated, want to make sure I'm clean, all sites are cleaned up now, but this is the 2nd time I've cleaned sites. Would my passwords likely be exposed to them? I know MySQL ones would be but they aren't meaningful and aren't a priority right now as ALL external SQL connections are currently disabled.