My website’s been hacked and I need to remove a folder named COM1

by Posted on

No not my website, but probably yours if you had anonymous FTP open.  So here’s the scenario, you have a website that somehow someone in some far away country has loaded all these french pirated movies, arabian rap songs and warez. They were crafty and placed all these files in a folder named com1, or a folder named with all spaces or perhaps a folder named ..    And now you want to delete these files but how?

Deleting folders named COM1

This is first because it’s usually the hardest. what you’ll do is type:

  1. rmdir \\.\c:\your_root_folder\com1 /s /q

That’s it! /s says remove all directories and folders under this folder /q says do this in quiet mode (don’t bother me with warnings)

Now if you get a warning that you don’t have permission to delete com1 then open windows explorer, select the top folder, right click on it and go to properties -> security -> advanced -> owner and change the owner on the folder and all subfolders to administrator. then try the command again

 

Deleting folders named  ”   ” or “..” or “.”

This is straight forward.  The command is dir /x look for the short name for these folders, it will be something like “CBCC3~1”  then from dos type

  1. rmdir CBCC3~1 /s /q

That’s it they’re deleted.  Now how did they get in? My money is on anonymous FTP or bad frontpage permissions but that’s for you to find and close.

Published by Jess

Experienced as a Web Developer and Web Server administrator since 1994, in 1999 Jess set out to start a Web Hosting Provider that would leverage the latest in cutting edge and innovative technologies and make them available to businesses in a way that was easy to understand, easy to use and affordable. Today Applied Innovations is a recognized leader in Windows Hosting and specializes in ASP.NET, E-Commerce and Advanced Web Application Hosting.

Leave a Reply