funsec mailing list archives
Websense: Automated Defacement Through Search Engines
From: "Fergie" <fergdawg () netzero net>
Date: Mon, 2 Apr 2007 21:04:05 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via Websense. [snip] Today's Web page defacements are most often accomplished through file inclusion attacks, where the attackers exploit a vulnerability in the Web application and then inject a remote scripting file (also known as a remote shell). This allows the attackers to take control over the server and easily deface the Web site. The question is: how do they find Web applications that are vulnerable to such attacks? The answer is: by using the search engines on the Internet to do the legwork. This is not a new technique, but lately we've seen this incorporated in malicious scripts and malware. This week, I examine some of the automated tools used for Web site defacements, where the key element in the operation is the use of a search engine. [snip] More: http://www.websense.com/securitylabs/blog/blog.php?BlogID=118 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.0 (Build 214) wj8DBQFGEW++q1pz9mNUZTMRAg0SAJ90YX7Y01ZhyCTlN61YsqEilGwZkwCfczsI 596NZpQ+Lk+8dwkEKGIYI1E= =69R9 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Automated Defacement Through Search Engines Fergie (Apr 02)