Attackes on my WAMP SERVER
Posted by: datalogy (117.198.87.---)
Date: June 19, 2017 06:17PM

Hello there,

Someone is uploading some malicious files remotely on my wamp server. Investigation on our side reveal that this encrypted file is sending bulk emails and causing mysql to hang (but not sure). Restart of WAMP is needed in order to restore it but its happening on daily basis at our night times and attacked is using random IP addresses so no way to block it. I delete such files and it runs good for couple of days and then it all starts again and again.

What could be the reason and how someone is able to upload files in different directories inside WWW folder of WAMP without any authorize access?

I wish I could upload file here but there isn't option to upload file. Any help will be highly appreciated.

Thank you



Edited 1 time(s). Last edit at 06/19/2017 06:18PM by datalogy.

Options: ReplyQuote
Re: Attackes on my WAMP SERVER
Posted by: RiggsFolly (Moderator)
Date: June 19, 2017 06:22PM

WAMPServer is primarily a Developer tool. Designed to be a standalone wamp stack.

It can be used to host sites live on the internet but this is only suggested if you have the relevant knowledge to correctly secure Apache in that environment.

Otherwise I suggest you purchase a hosting package, where they have proffessional that know their business to undertake the hardening of Apache against external attacks

---------------------------------------------------------------------------------------------
(Windows 7 Pro 32bit) (Wampserver 3.0.6 32bit)
<Apache 2.4.23/2.2.31> <PHP 7.1.2/7.0.16/5.6.28/5.5.38/5.4.45/5.3.29> <MySQL 5.7.10/5.6.17/5.5.28>
<MariaDB 10.1.21> <phpMyAdmin4.6.5.2> <MySQL Workbench 6.3.6.511>

Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin -- WAMPServer alternate Repo
-?-?-?- Backup your MySQL databases regularly Here is How dont regret it later! Yes even when developing -?-?-?-

Options: ReplyQuote
Re: Attackes on my WAMP SERVER
Posted by: datalogy (106.79.160.---)
Date: June 19, 2017 08:10PM

Hello,

Thanks. I know its a developer tool and its been used for development where clients can see their project progress live in my case. This is not being used as replacement of professional hosting. If you have any solution to above problem then feel free to share.

Thanks

Options: ReplyQuote
Re: Attackes on my WAMP SERVER
Posted by: RiggsFolly (Moderator)
Date: June 19, 2017 09:16PM

How can I/we help.

We have no idea of the specifics.
We have no idea what you have done to harden Apache.

We have no idea if you are using home written code or a CMS/Framework
We have no idea if you kept a CMS/Framework up to date.

In short a request for help saying I have been hacked is really not enough to go on.

---------------------------------------------------------------------------------------------
(Windows 7 Pro 32bit) (Wampserver 3.0.6 32bit)
<Apache 2.4.23/2.2.31> <PHP 7.1.2/7.0.16/5.6.28/5.5.38/5.4.45/5.3.29> <MySQL 5.7.10/5.6.17/5.5.28>
<MariaDB 10.1.21> <phpMyAdmin4.6.5.2> <MySQL Workbench 6.3.6.511>

Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin -- WAMPServer alternate Repo
-?-?-?- Backup your MySQL databases regularly Here is How dont regret it later! Yes even when developing -?-?-?-



Edited 1 time(s). Last edit at 06/21/2017 10:00PM by RiggsFolly.

Options: ReplyQuote
Re: Attackes on my WAMP SERVER
Posted by: datalogy (117.198.75.---)
Date: June 21, 2017 09:25PM

but you should have idea about any known loophole in wamp. right?

Options: ReplyQuote
Re: Attackes on my WAMP SERVER
Posted by: RiggsFolly (Moderator)
Date: June 21, 2017 10:22PM

The only possible loopholes are those that exist in
Apache (the version you are using)
PHP (the version your are using)

Or the code you wrote
Or the code in the CMS(version you are using) and/or the code you wrote in it.
Or the code in the Framework(version you are using) and/or the code you wrote in it.

Or the ADDON to the CMS/Framework and wether they are up to date or not.

Quite simply, the list of possibilities is too long, and in no way limited by the little information you actually provided us with.

As at the current point in time, I nor anyone associated with this site is clairvoyant.

Sorry

---------------------------------------------------------------------------------------------
(Windows 7 Pro 32bit) (Wampserver 3.0.6 32bit)
<Apache 2.4.23/2.2.31> <PHP 7.1.2/7.0.16/5.6.28/5.5.38/5.4.45/5.3.29> <MySQL 5.7.10/5.6.17/5.5.28>
<MariaDB 10.1.21> <phpMyAdmin4.6.5.2> <MySQL Workbench 6.3.6.511>

Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin -- WAMPServer alternate Repo
-?-?-?- Backup your MySQL databases regularly Here is How dont regret it later! Yes even when developing -?-?-?-

Options: ReplyQuote


Sorry, only registered users may post in this forum.