Advertisement

02.25.2007 at 03:24PM PST, ID: 22412447
[x]
Attachment Details

Hack Access Restricted Folders

Asked by bprof2007 in Networking Security Vulnerabilities, Apache Web Server, Miscellaneous Security

Tags: , , ,

Hi,

I have a page for testing purposes its a regular form built in php, name, email, city, state and zip code are the fields that are required by the user. After submitting the form the data input will be sent via email and printed out to the user. Every field is checked for injection.

This page is inside a folder that is Restricted through .htaccess.

What happened is that someone hacked the site not the main site, but specifically this restricted folder and left an index page saying the site security is weak and easy to hack bla bla...?

My question is how could he/they get to this restricted folder? Nothing in the form could give them access so what could led to this? And one more thing I purchased the site few months ago, and I didn't publish it yet cause I didn't finish working on it yet? So I wonder how did they find it?

Could someone help me answering my questions?Start Free Trial
[+][-]02.25.2007 at 03:46PM PST, ID: 18606564

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]02.25.2007 at 05:11PM PST, ID: 18606800

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]02.25.2007 at 05:13PM PST, ID: 18606808

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]02.25.2007 at 05:14PM PST, ID: 18606811

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]02.26.2007 at 03:09PM PST, ID: 18613442

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]02.26.2007 at 04:47PM PST, ID: 18613925

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Networking Security Vulnerabilities, Apache Web Server, Miscellaneous Security
Tags: restricted, access, hack, folder
Sign Up Now!
Solution Provided By: Nopius
Participating Experts: 2
Solution Grade: A
 
 
[+][-]02.26.2007 at 07:03PM PST, ID: 18614436

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32