Joseph Fruchey wrote: > Good for motivation. I'll get on that. But my board is owned by phpbb, > who only has access to the board, afaik.
phpbb can write files to the directory phpbb owns so it can drop files in there and run scripts from there. the exploit I saw drops a nice web based front end and installs a shell the controller can telnet too. > > On 5/4/05, -ray <[EMAIL PROTECTED]> wrote: > >>On Wed, 4 May 2005, Scott Harney wrote: >> >> >>>phpBB forums below v2.0.13 ARE being actively attacked by automated scripts. >>>I cleaned one up recently. If you're running that version, I'd be surprised >>>if you weren't yet compromised. You might not have noticed because it >>>hasn't put any additional load on your box. >>> >>>Seen it, in the real world. Was able to determine that the phpBB2 was >>>exploited on the same day as the patch release to fix the vulnerability >>>(timestamps on the original files and processes) >> >>Ditto. We had to clean up some phpBB installs a few weeks ago after they >>were exploited. I'd be very surprised if you weren't hacked already. >>You need to quit reading your email right now and go upgrade. :) >> >>ray >> >> >>_______________________________________________ >>General mailing list >>[email protected] >>http://brlug.net/mailman/listinfo/general_brlug.net >> > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net > -- Scott Harney <[EMAIL PROTECTED]> "Asking the wrong questions is the leading cause of wrong answers" gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
