Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-26 Thread waldo kitty
they've either fixed the one on the forums already or my blocking of ohloh.net has possibly prevented it... there has been a recent rash of mess getting into numerous places... one that has been rather unnerving has been where an iframe (IIRC) was put in place with a Z axis of the highest nume

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-26 Thread Matt Shaffer
For the record, the lazarus site's SMF installation is out of date (by 1 version), I'd recommend patching it up. I love SMF's upgrade process... so simple. On Tue, Jan 26, 2010 at 10:15 PM, waldo kitty wrote: > > they've either fixed the one on the forums already or my blocking of > ohloh.net has

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-26 Thread Paul Ishenin
27.01.2010 11:50, Matt Shaffer wrote: For the record, the lazarus site's SMF installation is out of date (by 1 version), I'd recommend patching it up. I love SMF's upgrade process... so simple. Not when you have some mods which conflict with the new version install. Best regards, Paul Ishenin

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Bart
It seems to be fine again now. However, at the very bottom of the index page I find: Loading... Does this really belong there? Bart

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Marc Weustink
Matt Shaffer wrote: For the record, the lazarus site's SMF installation is out of date (by 1 version), I'd recommend patching it up. I love SMF's upgrade process... so simple. The "infection" is removed. We're currently investigating where it came from. The smf forum was up to date (1.1.11). Un

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Matt Shaffer
On Wed, Jan 27, 2010 at 10:37 AM, Marc Weustink wrote: > > The "infection" is removed. We're currently investigating where it came > from. > The smf forum was up to date (1.1.11). Unfortunately when restoring things, > a previous index.php was used, which reports the older version. (which is > the o

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Marc Weustink
Matt Shaffer wrote: On Wed, Jan 27, 2010 at 10:37 AM, Marc Weustink wrote: The "infection" is removed. We're currently investigating where it came from. The smf forum was up to date (1.1.11). Unfortunately when restoring things, a previous index.

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Matt Shaffer
Well, there doesn't have to be shell/ftp for the person to have access to files ;) As long as they're able to upload their own file manager through an exploit... Anyway, I can't think of any other possibilities. But, wouldn't it be possible to change the permissions of SMF's files when an update i

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread waldo kitty
On 1/27/2010 16:10, Matt Shaffer wrote: Keep in mind: 1. An outdated index.php could be a possible culprit, if it had any security vulnerabilities with it (although I highly doubt this) 2. Any mods installed may have vulnerabilities 3. If the person updating the forum to 1.1.11 ignored warning m

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Florian Klaempfl
Matt Shaffer wrote: > Well, there doesn't have to be shell/ftp for the person to have access > to files ;) To ssh, you've to hack a vpn first ;)

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-27 Thread Matt Shaffer
Right, but what I meant was if someone manages to upload their own PHP file to the lazarus server, they can easily have uploaded a PHP file manager which has the capability of deleting files, etc, without ever needing ssh/ftp (this assumes the attack was done through a vulnerable piece of software,

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread Marc Weustink
Matt Shaffer wrote: Right, but what I meant was if someone manages to upload their own PHP file to the lazarus server, they can easily have uploaded a PHP file manager which has the capability of deleting files, etc, without ever needing ssh/ftp (this assumes the attack was done through a vulnera

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread patspiper
Was the php shell C99madshell? It seems many sites have been recently compromised via this shell. The ways the shell is uploaded depend on the vulnerabilities of the forum software. Marc Weustink wrote: Matt Shaffer wrote: Right, but what I meant was if someone manages to upload their own

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread Marc Weustink
patspiper wrote: Was the php shell C99madshell? Nope: ws.php -> #Web Shell by oRb Marc

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread waldo kitty
On 1/28/2010 02:42, Florian Klaempfl wrote: Matt Shaffer wrote: Well, there doesn't have to be shell/ftp for the person to have access to files ;) To ssh, you've to hack a vpn first ;) why? MitM setups aren't that hard... i know of at least one chat proxy package that does this so as to a

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread waldo kitty
On 1/28/2010 02:55, Matt Shaffer wrote: Right, but what I meant was if someone manages to upload their own PHP file to the lazarus server, they can easily have uploaded a PHP file manager which has the capability of deleting files, etc, without ever needing ssh/ftp (this assumes the attack was do

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-28 Thread waldo kitty
On 1/28/2010 12:17, patspiper wrote: Was the php shell C99madshell? It seems many sites have been recently compromised via this shell. The ways the shell is uploaded depend on the vulnerabilities of the forum software. my point that i just tried to make in a (very) recent post is that this ty

Re: [Lazarus] Lazarus Forum seems to be hacked!

2010-01-29 Thread patspiper
waldo kitty wrote: my point that i just tried to make in a (very) recent post is that this type of c4rp would not happen if the vars passed in the GET and POST were properly sanitized ;) FWIW: it doesn't matter which shellcode was used as long as any shellcode can be pulled from a remote site