Re: [LUG] Website locked

 

> Form variable names are no protection if one of them works as an email
> address, your bot would just work through permutations till one of them
> delivers an email to you. At which point you know you have an
> exploitable form and could take the time to look at it manually.
>

I've actually seen a tool that checks for multiple exploits on
different CMS/blogware. Works like a web crawler, collects data and
when given the command, it starts attacking and trying out all
exploits and methods known to man. Only way to protect so far is
custom codebase and server-side validations.

J.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
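
The server-side validation mentioned in the reply, sketched for a contact form that sends mail (an added example, not part of the original thread or of any project's code). The field names, the recipient address and the length limits are assumptions made for illustration; the point is that the recipient never comes from the form, so renaming or guessing form variables changes nothing.

```python
import re
from email.message import EmailMessage

# Assumed for this example: recipient and field names live in server code only.
RECIPIENT = "webmaster@example.org"
MAX_LEN = {"name": 80, "reply_to": 254, "subject": 120, "body": 5000}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,}")
# Constructed sample submission, used for the demo run below.
SAMPLE_FORM = {"name": "Visitor", "reply_to": "visitor@example.net",
               "subject": "Hello", "body": "Hi there"}


def validate_contact_form(form):
    """Return cleaned fields from the posted dict, or raise ValueError."""
    unknown = set(form) - set(MAX_LEN)
    if unknown:
        # A field the server does not expect (a guessed "to", "cc", ...) is an error.
        raise ValueError("unexpected field(s): " + ", ".join(sorted(unknown)))
    clean = {}
    for key, limit in MAX_LEN.items():
        value = str(form.get(key, "")).strip()
        if not value:
            raise ValueError("missing field: " + key)
        if len(value) > limit:
            raise ValueError("field too long: " + key)
        # Header-bound fields must stay on one line: CR/LF would start a new header.
        if key != "body" and re.search(r"[\r\n\x00]", value):
            raise ValueError("control character in field: " + key)
        clean[key] = value
    if not EMAIL_RE.fullmatch(clean["reply_to"]):
        raise ValueError("reply_to is not a single email address")
    return clean


def build_message(form):
    """Build the outgoing mail; To and From are never taken from the form."""
    clean = validate_contact_form(form)
    msg = EmailMessage()
    msg["To"] = RECIPIENT
    msg["From"] = RECIPIENT
    msg["Reply-To"] = clean["reply_to"]
    msg["Subject"] = "[contact form] " + clean["subject"]
    msg.set_content("Name: %s\n\n%s" % (clean["name"], clean["body"]))
    return msg


if __name__ == "__main__":
    print(build_message(SAMPLE_FORM))
```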