So I was running top, and noticed that one of my domains, had many perl scripts running. After doing a perl script scan, I found that they somehow upload a file and extracted it.
This is the path:
/tmp/.picl/st
Within this folder, there are the following:
eb.php
in
index.html
ini.inc
in.txt
list.txt
ms
msg.txt
send.pl
users
and a few other files.
So, after I remove this entire folder, how can I make sure that this does not happen again?
This is the path:
/tmp/.picl/st
Within this folder, there are the following:
eb.php
in
index.html
ini.inc
in.txt
list.txt
ms
msg.txt
send.pl
users
and a few other files.
So, after I remove this entire folder, how can I make sure that this does not happen again?