Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

phpMyAdmin exploited in masses

From: John Doe <johndo.jd () gmail com>
Date: Fri, 3 Jul 2009 13:49:52 +0200
Hi.

Disclosing out of boredom and for the crawlers to archive.

Keywords: phpmyadmin, web, exploit, zavod, devitalia, mwstudio, szervernet,
infotel, oodrive, iceman, romania, scriptkiddie.

An example of the phpmyadmin exploit used in masses without thinking.

IRC server: irc10.iceman.ro has address 85.214.36.2 (
h747052.serverkompetenz.net)
IRC port: 9999

A few domains that are webhosted on the same IP: freebid.de, soccertreff.de,
junge-werbung.com, pocket.marktcom.de.

Other possible IRC servers:
irc11.iceman.ro has address 87.106.2.154
irc12.iceman.ro has address 85.214.84.18
irc14.iceman.ro has address 82.165.30.30


12:51 <@who> 110 out of 130 hosts, please wait a few minutes before kline ;)
12:51 < IceMan> eh lol =))))))))))
12:51 < IceMan> 130 ?
12:52 < IceMan> ahaha
12:52 < IceMan> only the ones from root
12:52 < IceMan> :(
12:52 < IceMan> i have about 6000
12:52 <@who> anything else you want to share on the blog ?
12:53 < IceMan> you r makeing a bloog ?
12:53 < IceMan> blog*
12:53 <@who> no, i'm adding an entry.
12:53 < IceMan> =)))
12:53 < IceMan> on what blog ?
12:53 <@who> you'll know in time.
12:53 < IceMan> just dont add me
12:53 -!- Z [~kid () iceman ro] has joined #phpmyadmin
12:53 < IceMan> i dont wanna become a "STAR"


Hosts that made me stop scrolling for a second:

12:46 -!- ircb0t|558144 [~b0tz () static-241064 xdsl raiffeisen net]
12:52 -!- ircb0t|76136 [~b0tz () slice corp it]
12:50 -!- ircb0t|298636 [~b0tz () gw zavod ee]
12:50 -!- ircb0t|514818 [~b0tz () backup szervernet hu]
12:47 -!- ircb0t|803682 [~b0tz () b165 myrootshell com]
12:47 -!- ircb0t|39903 [~b0tz () nomail wietec com]
12:46 -!- ircb0t|118029 [~b0tz () hermes ac-net at]
12:47 -!- ircb0t|426978 [~b0tz () mail icable at]
12:48 -!- ircb0t|622275 [www-data () brain servercrew de]
12:48 -!- ircb0t|896247 [~b0tz () www mwstudio hu]
12:48 -!- ircb0t|259056 [~b0tz () mailserver devitalia it]
12:49 -!- ircb0t|691775 [~b0tz () thomas livenet ch]
12:50 -!- ircb0t|735988 [www-data () imukuppi org]
12:52 -!- ircb0t|981791 [~b0tz () doha virtualbuilding nl]
12:52 -!- ircb0t|376391 [~b0tz () crm oodrive com]
12:51 -!- ircb0t|305549 [~b0tz () azzinoth decknet fr]
12:50 -!- ircb0t|522103 [~b0tz () master infotel it]
12:50 -!- ircb0t|987422 [~b0tz () gentoo stofan sk]


List of all visible clients (in #root)

12:41 -!- ircb0t|348728 [~b0tz () ip-81-11-185-103 dsl scarlet be]
12:41 -!-  ircname  : Linux 2.6.22-14-server
12:41 -!- ircb0t|546679 [~b0tz () webplus-1 nederhost net]
12:41 -!-  ircname  : Linux 2.6.21-xen
12:46 -!- ircb0t|348728 [~b0tz () ip-81-11-185-103 dsl scarlet be]
12:46 -!-  ircname  : Linux 2.6.22-14-server
12:46 -!- ircb0t|546679 [~b0tz () webplus-1 nederhost net]
12:46 -!-  ircname  : Linux 2.6.21-xen
12:46 -!- ircb0t|768952 [9e8d281efd () hartlep eu]
12:46 -!-  ircname  : Linux 2.6.18
12:46 -!- ircb0t|100341 [www-data () bud125 internetdsl tpnet pl]
12:46 -!-  ircname  : Linux 2.6.18-5-686
12:46 -!- ircb0t|360066 [~b0tz () neobitd home net pl]
12:46 -!-  ircname  : Linux 2.6.23
12:46 -!- ircb0t|554117 [www-data () c-89-233-220-91 cust bredband2 com]
12:46 -!-  ircname  : Linux 2.6.17
12:46 -!- ircb0t|789508 [~b0tz@69.60.115.183]
12:46 -!-  ircname  : Linux 2.6.17-gentoo-r8
12:46 -!- ircb0t|109012 [~b0tz () moldau trilos net]
12:46 -!-  ircname  : Linux 2.6.17.7
12:46 -!- ircb0t|371797 [~
b0tz () 83-64-255-133 wiener-neudorf xdsl-line inode at]
12:46 -!-  ircname  : Linux 2.6.19-gentoo-r5
12:46 -!- ircb0t|557516 [~b0tz () r02s01 colo vollmar net]
12:46 -!-  ircname  : Linux 2.6.18-4-686
12:46 -!- ircb0t|789854 [~b0tz@86.92.26.138]
12:46 -!-  ircname  : Linux 2.6.18.1
12:46 -!- ircb0t|118029 [~b0tz () hermes ac-net at]
12:46 -!-  ircname  : Linux 2.6.18-4-vserver-686
12:46 -!- ircb0t|375254 [~b0tz@217.157.23.239]
12:46 -!-  ircname  : Linux 2.6.15-1-686-smp
12:46 -!- ircb0t|558144 [~b0tz () static-241064 xdsl raiffeisen net]
12:46 -!-  ircname  : Linux 2.6.18-5-xen-amd64
12:46 -!- ircb0t|79389 [~b0tz () madletomas netbox cz]
12:46 -!-  ircname  : Linux 2.6.14.6
12:46 -!- ircb0t|118901 [~b0tz () nat-130-146 man bydgoszcz pl]
12:46 -!-  ircname  : Linux 2.6.23-gentoo-r3
12:46 -!- ircb0t|378649 [~b0tz () mail jdj com pl]
12:46 -!-  ircname  : Linux 2.6.7-1-386
12:46 -!- ircb0t|564105 [~b0tz () srv-h64 esp mediateam fi]
12:46 -!-  ircname  : Linux 2.6.18-xenU
12:46 -!- ircb0t|794645 [~b0tz@64.56.157.143]
12:46 -!-  ircname  : Linux 2.4.21-50.EL
12:46 -!- ircb0t|134194 [~b0tz () medimpex13 medimpex tvnet hu]
12:46 -!-  ircname  : Linux 2.6.18-5-686
12:46 -!- ircb0t|394988 [~b0tz () m13s11 vlinux de]
12:46 -!-  ircname  : Linux 2.6.18
12:46 -!- ircb0t|564960 [~b0tz () turbine vnetworx net]
12:46 -!-  ircname  : Linux 2.6.18-5-686
12:46 -!- ircb0t|798421 [~b0tz@89.104.213.130]
12:46 -!-  ircname  : Linux 2.6.18-gentoo-r3
12:46 -!- ircb0t|156819 [~b0tz () dye204 internetdsl tpnet pl]
12:46 -!-  ircname  : Linux 2.6.15-51-server
12:47 -!- ircb0t|39903 [~b0tz () nomail wietec com]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|573848 [~b0tz () 229 ispy se]
12:47 -!-  ircname  : Linux 2.6.20-gentoo-r8
12:47 -!- ircb0t|803682 [~b0tz () b165 myrootshell com]
12:47 -!-  ircname  : Linux 2.6.18-xenU-vmsp
12:47 -!- ircb0t|162770 [apache@69.30.200.88]
12:47 -!-  ircname  : Linux 2.6.21-xen
12:47 -!- ircb0t|403023 [~b0tz () h081217003076 dyn cm kabsi at]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|580961 [~b0tz () cpc2-brig14-0-0-cust582 brig cable ntl com]
12:47 -!-  ircname  : Linux 2.6.17-gentoo-r8
12:47 -!- ircb0t|820387 [~b0tz@193.222.137.23]
12:47 -!-  ircname  : Linux 2.6.18-3-xen-686
12:47 -!- ircb0t|165683 [~b0tz () c83-248-93-49 bredband comhem se]
12:47 -!-  ircname  : Linux 2.6.18-4-686
12:47 -!- ircb0t|416174 [~b0tz () 67-207-130-189 slicehost net]
12:47 -!-  ircname  : Linux 2.6.18-xen
12:47 -!- ircb0t|587205 [~b0tz () 89-186-95-178 dcpool ip kpnqwest it]
12:47 -!-  ircname  : Linux 2.6.21.5-grsec-2.1.10
12:47 -!- ircb0t|822064 [~b0tz () eurogift amsterdam dataweb net]
12:47 -!-  ircname  : Linux 2.6.18-4-686
12:47 -!- ircb0t|169148 [~b0tz () BSN-77-187-53 static dsl siol net]
12:47 -!-  ircname  : Linux 2.6.18-3-686
12:47 -!- ircb0t|420571 [www-data@85.214.64.18]
12:47 -!-  ircname  : Linux 2.6.18-4-amd64
12:47 -!- ircb0t|593167 [~b0tz@83.228.37.12]
12:47 -!-  ircname  : Linux 2.6.18
12:47 -!- ircb0t|854735 [~b0tz@80.190.156.229]
12:47 -!-  ircname  : Linux 2.6.20-xen-r6
12:47 -!- ircb0t|42155 [www-data () 66-111-39-201 static sagonet net]
12:47 -!-  ircname  : Linux 2.6.18-3-686
12:47 -!- ircb0t|59751 [~b0tz () a62-251-30-68 adsl xs4all nl]
12:47 -!-  ircname  : Linux 2.6.20iptables
12:47 -!- ircb0t|857062 [~b0tz@81.3.54.143]
12:47 -!-  ircname  : Linux 2.4.18-1-686-smp
12:47 -!- ircb0t|179951 [www-data@195.56.146.54]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|424794 [~b0tz@83.246.88.97]
12:47 -!-  ircname  : Linux 2.6.21-xen
12:47 -!- ircb0t|60325 [~b0tz () 83-103-96-60 ip fastwebnet it]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|873417 [~b0tz () 81-7-92-77 static zebra lt]
12:47 -!-  ircname  : Linux 2.6.18-2-amd64
12:47 -!- ircb0t|188869 [~b0tz () server szechenyi-kap sulinet hu]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|426978 [~b0tz () mail icable at]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|612012 [~b0tz () 177 254-228-195 hosting adatpark hu]
12:47 -!-  ircname  : Linux 2.4.23
12:47 -!- ircb0t|876348 [~b0tz () business-89-132-156-81 business broadband hu]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:47 -!- ircb0t|192095 [~b0tz@195.113.99.195]
12:47 -!-  ircname  : Linux 2.6.18-5-686
12:48 -!- ircb0t|428332 [~b0tz () server um ustka pl]
12:48 -!-  ircname  : Linux 2.6.24
12:48 -!- ircb0t|621921 [~b0tz@62.214.74.163]
12:48 -!-  ircname  : Linux 2.6.18-4-686
12:48 -!- ircb0t|883442 [~b0tz () dvk98 internetdsl tpnet pl]
12:48 -!-  ircname  : Linux 2.6.17-pp3
12:48 -!- ircb0t|221125 [~b0tz () 89-186-141-237 dynamic primacom net]
12:48 -!-  ircname  : Linux 2.6.17-tie
12:48 -!- ircb0t|436737 [~b0tz () 89 140 182 76 static user ono com]
12:48 -!-  ircname  : Linux 2.6.18-4-686
12:48 -!- ircb0t|622275 [www-data () brain servercrew de]
12:48 -!-  ircname  : Linux 2.6.21.5-sc-custom
12:48 -!- ircb0t|895729 [~b0tz () gnu dh bytemark co uk]
12:48 -!-  ircname  : Linux 2.6.18-4-xen-amd64
12:48 -!- ircb0t|23033 [~b0tz () india537 server4you de]
12:48 -!-  ircname  : Linux 2.6.18-5-amd64
12:48 -!- ircb0t|451987 [~b0tz () rdlnet de]
12:48 -!-  ircname  : Linux 2.6.18-4-amd64
12:48 -!- ircb0t|62334 [~b0tz@217.66.131.5]
12:48 -!-  ircname  : Linux 2.4.20-64GB-SMP
12:48 -!- ircb0t|896247 [~b0tz () www mwstudio hu]
12:48 -!-  ircname  : Linux 2.6.18-3-686
12:48 -!- ircb0t|236167 [~b0tz () mail icable at]
12:48 -!-  ircname  : Linux 2.6.18-5-686
12:48 -!- ircb0t|462896 [~b0tz () cpe-69-204-233-96 nyc res rr com]
12:48 -!-  ircname  : Linux 2.6.18-4-686
12:48 -!- ircb0t|6245 [~b0tz () ip565f1c5a direct-adsl nl]
12:48 -!-  ircname  : Linux 2.6.15
12:48 -!- ircb0t|919530 [~b0tz () enzo opf slu cz]
12:48 -!-  ircname  : Linux 2.6.18-4-686
12:48 -!- ircb0t|241462 [~b0tz () 251 Red-217-127-103 staticIP rima-tde net]
12:48 -!-  ircname  : Linux 2.6.21
12:48 -!- ircb0t|464418 [~b0tz () 89-186-95-181 dcpool ip kpnqwest it]
12:48 -!-  ircname  : Linux 2.6.21.5-grsec-2.1.10
12:48 -!- ircb0t|627647 [2 () bvz155 internetdsl tpnet pl]
12:48 -!-  ircname  : Linux 2.6.20.1newlinux
12:48 -!- ircb0t|919666 [~b0tz () wpc0335 amenworld com]
12:48 -!-  ircname  : Linux 2.6.14-2-k7-smp
12:48 -!- ircb0t|245069 [~b0tz@83.140.30.11]
12:48 -!-  ircname  : Linux 2.6.23.1
12:48 -!- ircb0t|466823 [~b0tz@86.121.113.94]
12:48 -!-  ircname  : Linux 2.6.18-4-486
12:48 -!- ircb0t|636465 [~b0tz@194.206.242.42]
12:48 -!-  ircname  : Linux 2.6.18-5-686
12:48 -!- ircb0t|920974 [~b0tz@89.238.68.243]
12:48 -!-  ircname  : Linux 2.6.19.2
12:48 -!- ircb0t|259056 [~b0tz () mailserver devitalia it]
12:48 -!-  ircname  : Linux 2.6.18
12:48 -!- ircb0t|481214 [~b0tz () artistic defeiter nl]
12:48 -!-  ircname  : Linux 2.6.18-5-xen-amd64
12:48 -!- ircb0t|637750 [~b0tz () vserver59 antagus de]
12:48 -!-  ircname  : Linux 2.6.18-openvz-686
12:48 -!- ircb0t|943697 [~b0tz () 89-97-166-49 ip18 fastwebnet it]
12:48 -!-  ircname  : Linux 2.6.5-7.276-default
12:48 -!- ircb0t|262134 [~b0tz () alt126 com]
12:48 -!-  ircname  : Linux 2.6.21-2-686
12:48 -!- ircb0t|481565 [~b0tz () 80-219-1-88 dclient hispeed ch]
12:48 -!-  ircname  : Linux 2.6.18-5-686
12:49 -!- ircb0t|647797 [~b0tz () 111 84-48-221 nextgentel com]
12:49 -!-  ircname  : Linux 2.6.19.2
12:49 -!- ircb0t|957069 [~b0tz@83.98.163.59]
12:49 -!-  ircname  : Linux 2.6.18-4-xen-vserver-686
12:49 -!- ircb0t|262246 [~b0tz@83.65.62.50]
12:49 -!-  ircname  : Linux 2.6.15-vs2.0.1-gentoo-r5
12:49 -!- ircb0t|481703 [~b0tz@85.14.38.155]
12:49 -!-  ircname  : Linux 2.6.18-5-amd64
12:49 -!- ircb0t|691775 [~b0tz () thomas livenet ch]
12:49 -!-  ircname  : Linux 2.6.18-4-686
12:49 -!- ircb0t|959295 [~b0tz () carp-intohand-1 bath ac uk]
12:49 -!-  ircname  : Linux 2.6.18-4-686
12:49 -!- ircb0t|272591 [~b0tz@195.34.173.43]
12:49 -!-  ircname  : Linux 2.6.18-5-xen-amd64
12:49 -!- ircb0t|483662 [~b0tz@194.212.22.222]
12:49 -!-  ircname  : Linux 2.6.17-2-686
12:49 -!- ircb0t|707539 [~b0tz@194.98.152.250]
12:49 -!-  ircname  : Linux 2.6.18.smpxeon
12:49 -!- ircb0t|966270 [~b0tz () mail zstgm-ck cz]
12:49 -!-  ircname  : Linux 2.6.17-gentoo-r4
12:49 -!- ircb0t|279374 [~b0tz () easyweb dh bytemark co uk]
12:49 -!-  ircname  : Linux 2.6.18-5-686
12:50 -!- ircb0t|723427 [~b0tz () casinoclub mon pi se]
12:50 -!-  ircname  : Linux 2.6.18-4-amd64
12:50 -!- ircb0t|978793 [~b0tz@195.43.57.151]
12:50 -!-  ircname  : Linux 2.6.20-gentoo-r8
12:50 -!- ircb0t|290106 [~b0tz () blackstar tagi pl]
12:50 -!-  ircname  : Linux 2.6.21-gentoo-r4Cez
12:50 -!- ircb0t|495011 [~b0tz@194.44.218.36]
12:50 -!-  ircname  : Linux 2.6.11
12:50 -!- ircb0t|723430 [~b0tz () 30 Red-217-126-252 staticIP rima-tde net]
12:50 -!-  ircname  : Linux 2.6.17-12-generic
12:50 -!- ircb0t|979047 [www-data@195.56.235.14]
12:50 -!-  ircname  : Linux 2.6.18-5-486
12:50 -!- ircb0t|298636 [~b0tz () gw zavod ee]
12:50 -!-  ircname  : Linux 2.6.18-4-686
12:50 -!- ircb0t|514818 [~b0tz () backup szervernet hu]
12:50 -!-  ircname  : Linux 2.6.12
12:50 -!- ircb0t|735988 [www-data () imukuppi org]
12:50 -!-  ircname  : Linux 2.6.18-xenU
12:50 -!- ircb0t|987422 [~b0tz () gentoo stofan sk]
12:50 -!-  ircname  : Linux 2.6.15-gentoo-r1
12:50 -!- ircb0t|304829 [~b0tz () wwwserv-lin-16 teledata-fn de]
12:50 -!-  ircname  : Linux 2.6.22.1
12:50 -!- ircb0t|522103 [~b0tz () master infotel it]
12:50 -!-  ircname  : Linux 2.4.22
12:51 -!- ircb0t|740290 [webftp@83.168.220.73]
12:51 -!-  ircname  : Linux 2.6.17.4-cry.2-grsec
12:51 -!- ircb0t|991635 [~b0tz@80.84.244.84]
12:51 -!-  ircname  : Linux 2.6.18.8-xenU
12:51 -!- ircb0t|305549 [~b0tz () azzinoth decknet fr]
12:51 -!-  ircname  : Linux 2.6.18-5-xen-686
12:51 -!- ircb0t|526760 [~b0tz@83.98.163.59]
12:51 -!-  ircname  : Linux 2.6.18-4-xen-vserver-686
12:51 -!- ircb0t|740392 [~b0tz () host 9 140 23 62 rev coltfrance com]
12:51 -!-  ircname  : Linux 2.6.18-4-686
12:51 -!- ircb0t|996032 [~b0tz () 54038412 catv pool telekom hu]
12:51 -!-  ircname  : Linux 2.6.18-5-686
12:51 -!- ircb0t|310964 [~b0tz () dum131 internetdsl tpnet pl]
12:51 -!-  ircname  : Linux 2.6.17-2-k7
12:51 -!- ircb0t|526834 [~
b0tz () 89-16-165-104 no-reverse-dns-set bytemark co uk]
12:51 -!-  ircname  : Linux 2.6.18-5-xen-amd64
12:51 -!- ircb0t|743635 [~b0tz () casinoclub mon pi se]
12:51 -!-  ircname  : Linux 2.6.18-4-amd64
12:52 -!- ircb0t|315372 [~b0tz () casinoclub mon pi se]
12:52 -!-  ircname  : Linux 2.6.18-4-amd64
12:52 -!- ircb0t|526893 [~b0tz () apo155 internetdsl tpnet pl]
12:52 -!-  ircname  : Linux 2.6.18-5-686
12:52 -!- ircb0t|747204 [~b0tz@89.191.21.168]
12:52 -!-  ircname  : Linux 2.6.18.xs4.0.1.900.5799
12:52 -!- ircb0t|327014 [2 () aks90 internetdsl tpnet pl]
12:52 -!-  ircname  : Linux 2.6.17-pp33
12:52 -!- ircb0t|530373 [~b0tz@83.96.235.102]
12:52 -!-  ircname  : Linux 2.6.18-5-xen-686
12:52 -!- ircb0t|758109 [~b0tz () 81-233-118-147-no78 tbcn telia com]
12:52 -!-  ircname  : Linux 2.6.20.7
12:52 -!- ircb0t|342344 [~b0tz@80.92.73.24]
12:52 -!-  ircname  : Linux 2.6.18-4-686
12:52 -!- ircb0t|544633 [~b0tz@193.47.153.16]
12:52 -!-  ircname  : Linux 2.6.18-5-xen-vserver-686
12:52 -!- ircb0t|76136 [~b0tz () slice corp it]
12:52 -!-  ircname  : Linux 2.6.18-xen
12:52 -!- ircb0t|305280 [~b0tz () szerver2 klebi sulinet hu]
12:52 -!-  ircname  : Linux 2.6.18-5-486
12:52 -!-  channels : @#rut
12:52 -!- ircb0t|376391 [~b0tz () crm oodrive com]
12:52 -!-  ircname  : Linux 2.6.9-5.EL
12:52 -!- ircb0t|981791 [~b0tz () doha virtualbuilding nl]
12:52 -!-  ircname  : Linux 2.6.10
12:52 -!- ircb0t|192265 [~b0tz () catv-89-135-13-240 catv broadband hu]
12:52 -!-  ircname  : Linux 2.6.18-5-686
12:52 -!- ircb0t|642093 [~b0tz () n6uid spamband com]
12:52 -!-  ircname  : Linux 2.6.18-5-686

Have a nice day
Joe Doesntmatter

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: