List ,
One of our PHP website hacked on 3rd july 2022. I am attaching the httpd access files contents in the above pastebin. I hide the original URL of the website due to a SLA policy.
Can anybody point out from the logs what exactly made the attacker able to bring the site down..
Has he used this php site for attacking ?
Any other logs or command line outputs needed let me know. I will share the required files. I am new to this area of forensic analysis to find out the root cause of the attack .
Kindly shed some tips to find out where the vulnerability is and how to prevent it in future.
Any more inputs/details required keep me informed, I can share those too.
Regards,
Krish
