i2pg3xFBrCDzkIgN

The above is a typical password I would use. 16 random characters. So it has come as a small surprise that somehow some files got planted into my domain. I was syncing backups when I noticed that in the /cgi-bin/ which I never use, 4 files had appeared:

  • cgiecho
  • cgiemail
  • entropybanner.cgi
  • randhtml.cgi

Odd. So I changed permissions on the directory and got in touch with ASO. They’ve added nothing – and I certainly added nothing. It seems that those files are something to do with emailing but further than that I have no clue. I’ve deleted them now, changed my password, and the /cgi-bin/ directory cannot now do anything but how those files actually got there is a mystery – unless it’s someone on the same server doing funky stuff ?

6 thoughts on “i2pg3xFBrCDzkIgN

  1. Sounds an awful lot like regular pre-packaged scripts to me. Are you sure they weren’t there when you signed up this account? otherwise I’d highly suspect them from installing them at some point… Frankly doubt it’s the work of a hacker.

  2. Absolutely certain they were not there.
    I sync backups weekly and the cgi-bin has always been empty – I checked it when I signed up. The files were dated 9 July and ASO claim no part.
    I’m not particularly bothered more curious..

  3. I’m pretty sure it could be a Fanastico thing. I noticed them once on my old domain and was thoroughly confused as to how they got there, but I literally just tested it out with purple-lilacs.com and they appeared, just from installing a quick script with Fantastico. I just randomly clicked a script, think it was the phoFormthingy…so I can’t verify if it does this with any install, but the cgi-bin was definitely empty before I ran it.

Leave a Reply

Your email address will not be published. Required fields are marked *