[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Howto trace hack

Subject: RE: [cobalt-users] Howto trace hack
From: Jeroen Wunnink <jeroen@xxxxxxxxxxxxxx>
Date: Mon Mar 22 00:15:01 2004
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

We tend to see this exploit regularly.., not only in that gallery module,also in poorly programmed PHP scripts by customers..This type of hack is the one that is 99% of the (attempted) hacks on ourservers..

It ususally ends there.., due them trying to set up an irc or ftp server,which in turn is blocked by the firewall..


At 17:59 19-3-2004, you wrote:

Hi,

The kiddies are trying it again and now I managed to identify them and how
they do it :
They use the Postnuke My_eGallery module to execute the crap from their
site.




Met vriendelijke groet,

Jeroen Wunnink,
EasyHosting B.V. Systeembeheerder
systeembeheer@xxxxxxxxxxxxxx

telefoon:+31 (035) 6285455              Postbus 1332
fax: +31 (035) 6838242                  1200 BH Hilversum

http://www.easyhosting.nl
http://www.easycolo.nl

Follow-Ups:
- RE: [cobalt-users] Howto trace hack
  - From: Crocket

References:
- RE: [cobalt-users] Howto trace hack (was: Raq550: SMTP shutting down)
  - From: Thom R. Lacosta
- RE: [cobalt-users] Howto trace hack
  - From: Crocket

Prev by Date: [cobalt-users] Backup Resources
Next by Date: RE: [cobalt-users] Howto trace hack
Previous by thread: RE: [cobalt-users] Howto trace hack
Next by thread: RE: [cobalt-users] Howto trace hack

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index