Re: http://www.dragonflybsd.org/ is hacked??
On Mon, October 19, 2009 7:52 am, Saifi Khan wrote: > On Mon, 19 Oct 2009, Simon 'corecode' Schubert wrote: >> It was a defacement through an exploit in ikiwiki, because the markup >> had not >> been changed. We're looking into it. It was an ordinary wiki edit. Someone manually registered about 12 hours ago and added the text. I deleted the account. It's nothing dramatic - just a spectacularly inefficient spammer.
Re: http://www.dragonflybsd.org/ is hacked??
Saifi Khan wrote: In most cases the wiki software does not need to run as root. It is not running as root. You mention the possibility of an exploit, the stuff documented at http://ikiwiki.info/security/ talks about a 'pending git backend audit'. Seems polachok raced me with restoring the site, so I had the impression that the html had been changed, but not the mkdn. Seems that was not the case, so no exploit. cheers simon -- <3 the future +++ RENT this banner advert +++ ASCII Ribbon /"\ rock the past +++ space for low CHF NOW!1 +++ Campaign \ / Party Enjoy Relax | http://dragonflybsd.org Against HTML \ Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \
Re: http://www.dragonflybsd.org/ is hacked??
On Mon, 19 Oct 2009, Simon 'corecode' Schubert wrote: > Saifi Khan wrote: > > On Mon, 19 Oct 2009, lhmwzy wrote: > > > > > http://www.dragonflybsd.org/ > > > > > > DragonFly BSD > > Thanks for the notice! > > > No i don't think so ! > > > > if i understand correctly (iiuc) then it's a wiki and somebody > > may have spammed the front page. > > > > In the IRC log, it appears that corecode|polachok observed this > > and fixed the front page. > > It was a defacement through an exploit in ikiwiki, because the markup had not > been changed. We're looking into it. > > cheers > simon > Hi Simon: In most cases the wiki software does not need to run as root. You mention the possibility of an exploit, the stuff documented at http://ikiwiki.info/security/ talks about a 'pending git backend audit'. thanks Saifi.
Re: http://www.dragonflybsd.org/ is hacked??
Saifi Khan wrote: On Mon, 19 Oct 2009, lhmwzy wrote: http://www.dragonflybsd.org/ DragonFly BSD Thanks for the notice! No i don't think so ! if i understand correctly (iiuc) then it's a wiki and somebody may have spammed the front page. In the IRC log, it appears that corecode|polachok observed this and fixed the front page. It was a defacement through an exploit in ikiwiki, because the markup had not been changed. We're looking into it. cheers simon -- <3 the future +++ RENT this banner advert +++ ASCII Ribbon /"\ rock the past +++ space for low CHF NOW!1 +++ Campaign \ / Party Enjoy Relax | http://dragonflybsd.org Against HTML \ Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \
Re: http://www.dragonflybsd.org/ is hacked??
On Mon, 19 Oct 2009, lhmwzy wrote: > http://www.dragonflybsd.org/ > > DragonFly BSD > No i don't think so ! if i understand correctly (iiuc) then it's a wiki and somebody may have spammed the front page. In the IRC log, it appears that corecode|polachok observed this and fixed the front page. thanks Saifi.