lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1353344775.2587.7.camel@mule> Date: Mon, 19 Nov 2012 12:06:15 -0500 From: "H. Kurth Bemis" <kurth@...thbemis.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: phpmyadmin compromised? This. As I recall this happened after changing the "Secret Key". I've also see this happen after a major upgrade, likely due to the same reason. Best of luck, ~k On Mon, 2012-11-19 at 17:51 +0100, Christian Sciberras wrote: > That is not a compromise. It is related to a change in encoding. > Please clear your cookies and try again. > > (I've had this exact problem in the past, but I don't remember the details) > > > Chris. > > > On Mon, Nov 19, 2012 at 5:48 PM, Benji <me@...ji.com> wrote: > > > .. could you have provided any less information? why dont you look through > > your code instead of emailing a screenshot to a mailing list? really? > > > > > > On Mon, Nov 19, 2012 at 4:47 PM, Benji <me@...ji.com> wrote: > > > >> .. coul > >> > >> > >> On Mon, Nov 19, 2012 at 4:45 PM, Lucio Crusca <lucio@...web.org> wrote: > >> > >>> Hello *, > >>> > >>> I've setup my browser to remember login & password at my server > >>> phpmyadmin > >>> login page. It usually fills the two fields correctly, but today it > >>> showed > >>> this crap instead: > >>> > >>> > >>> http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg > >>> > >>> Since I've already suffered a security breach through phpmyadmin in the > >>> past, I immediately suspected another one. Please note that phpmyadmin is > >>> shielded by http digest authentication since the previous accident. > >>> > >>> Are you aware of any security problems related to phpmyadmin (or to > >>> Iceweasel 10 for that matter) that can cause such garbage on the login > >>> page? > >>> > >>> Thanks in advance > >>> Lucio. > >>> > >>> > >>> > >>> > >>> _______________________________________________ > >>> Full-Disclosure - We believe in it. > >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>> Hosted and sponsored by Secunia - http://secunia.com/ > >>> > >> > >> > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > That is not a compromise. It is related to a change in encoding. > Please clear your cookies and try again. > > > (I've had this exact problem in the past, but I don't remember the > details) > > > > > Chris. > > > On Mon, Nov 19, 2012 at 5:48 PM, Benji <me@...ji.com> wrote: > .. could you have provided any less information? why dont you > look through your code instead of emailing a screenshot to a > mailing list? really? > > > On Mon, Nov 19, 2012 at 4:47 PM, Benji <me@...ji.com> wrote: > .. coul > > > On Mon, Nov 19, 2012 at 4:45 PM, Lucio Crusca > <lucio@...web.org> wrote: > Hello *, > > I've setup my browser to remember login & > password at my server phpmyadmin > login page. It usually fills the two fields > correctly, but today it showed > this crap instead: > > http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg > > Since I've already suffered a security breach > through phpmyadmin in the > past, I immediately suspected another one. > Please note that phpmyadmin is > shielded by http digest authentication since > the previous accident. > > Are you aware of any security problems related > to phpmyadmin (or to > Iceweasel 10 for that matter) that can cause > such garbage on the login page? > > Thanks in advance > Lucio. > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - > http://secunia.com/ > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists