1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

plesk 8.6 hacked? random sites created

Discussion in 'Plesk for Linux - 8.x and Older' started by nephilimhell, Dec 2, 2008.

  1. nephilimhell

    nephilimhell Guest

    0
     
    hello,
    i've just got the plesk login to a new and fresh server with plesk 8.6 for Centos on it,
    and after the first login i discovered a random created client and website

    i've deleted and added my own client
    + i added the first hosting under that client

    just an hour later! i discover again a new web is created, this time under my created client

    the name of the web is giusucms.dgusdn.coim.es.md, no limits are entered, and all the services are checked (apache asp, ssi, php, ...) an ftp user is created and shell access to server is set to /bin/tcsh!

    how can this be accomplished?
     
  2. atomicturtle

    atomicturtle Golden Pleskian

    29
     
    Joined:
    Nov 20, 2002
    Messages:
    2,110
    Likes Received:
    7
    Location:
    Washington, DC
    That sounds to me like they have your login credentials. Did you change the admin password?
     
  3. nephilimhell

    nephilimhell Guest

    0
     
    well, i'm trying to do that,
    but when i go to Server => Administrator information and click Change password,
    i keep getting the message: Error: Unable to change the administrator's password: old password is incorrect. Please, try again.

    although i enter there the password i use to login to plesk (the username i got from my provider we requested the dedicated server is root)
     
Loading...