They are 3 3 2 2 . o r g
Google the first one and you get plenty of interesting info. It's been
used a number of times before...
~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get
I forget who, but some already posted here a list of website inside
the attack code. The websites are changing every few days.
Wil Genovese
One man with courage makes a majority.
-Andrew Jackson
A fine is a tax for doing wrong. A tax is a fine for doing well.
On Aug 9, 2008, at 12:17 AM,
P.S. Don't ask me how the hex code was deciphered. Our network
wizard did it and he just left on vacation. :))
I bet your network wizard spent too much time on it. :)
I showed how to decode the hex a couple weeks ago. All you have to do is
paste the injected SQL in query analyzer and
One of our DB guys had the code decoded in less than 5 minutes. I
email it to him then a few minutes later he said he was looking at
what the code was doing, so I walk across the office to see. Dang if
he hadn't decoded it already and was looking at the SQL.
Wil Genovese
One man with
: Wil Genovese [mailto:[EMAIL PROTECTED]
Sent: Saturday, August 09, 2008 9:01 AM
To: CF-Talk
Subject: Re: Inside the hex code - just 2 sites
One of our DB guys had the code decoded in less than 5 minutes. I email it
to him then a few minutes later he said he was looking at what the code was
doing
Hello,
Some 10,000 attacks later and after spending too much time deciphering the Hex
code the bots sent, the bottom line is that there are just 2 web sites that are
housing the malicious Javascript. (In our case, obviously)
They are 3 3 2 2 . o r g
1 0 0 0 m g . c n
Yes,
6 matches
Mail list logo
