[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAEJizba2AyVoq52bh_S7WFQwBQx2cmoPMesoOKzxg5X=nMpqSA@mail.gmail.com>
Date: Mon, 19 Nov 2012 16:48:14 +0000
From: Benji <me@...ji.com>
To: Lucio Crusca <lucio@...web.org>
Cc: Full-Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: phpmyadmin compromised?
.. could you have provided any less information? why dont you look through
your code instead of emailing a screenshot to a mailing list? really?
On Mon, Nov 19, 2012 at 4:47 PM, Benji <me@...ji.com> wrote:
> .. coul
>
>
> On Mon, Nov 19, 2012 at 4:45 PM, Lucio Crusca <lucio@...web.org> wrote:
>
>> Hello *,
>>
>> I've setup my browser to remember login & password at my server phpmyadmin
>> login page. It usually fills the two fields correctly, but today it showed
>> this crap instead:
>>
>>
>> http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg
>>
>> Since I've already suffered a security breach through phpmyadmin in the
>> past, I immediately suspected another one. Please note that phpmyadmin is
>> shielded by http digest authentication since the previous accident.
>>
>> Are you aware of any security problems related to phpmyadmin (or to
>> Iceweasel 10 for that matter) that can cause such garbage on the login
>> page?
>>
>> Thanks in advance
>> Lucio.
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists