lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: vizzy at (Vizzy)
Subject: Another false Citibank e-mail...a new phishing?

hiho Steve!

It is not disguisted, but indeed hacked server: --->

No wonder someone found it very easy to exploit (as it runs buggy mod_ssl, openssl, php, ..)
and use compromised server to collect CC data without traces.

It has two Apache versions running on 80 and 443 as was said here
already, and looks like has some backdoor ports open (but I'll
investigate more..)
SM> Nope.
SM> Just More misdiredction by the miscreants

SM> try the url   

SM> The requested URL /test.php was not found on this server.

SM> ------------------------------------------------------------------------
SM> Apache/1.3.6 Server at Port 80

SM> [stm@rp2]$ nslookup
SM> Note:  nslookup is deprecated and may be removed from future releases.
SM> Consider using the `dig' or `host' programs instead.  Run nslookup with
SM> the `-sil[ent]' option to prevent this message from appearing.
SM> Server:
SM> Address:

SM> Non-authoritative answer:
SM> Name:
SM> Address:

have phun,

Powered by blists - more mailing lists