[Lazarus] Lazarus Forum seems to be hacked!
waldo kitty
wkitty42 at windstream.net
Thu Jan 28 23:32:17 CET 2010
On 1/28/2010 12:17, patspiper wrote:
> Was the php shell C99madshell?
>
> It seems many sites have been recently compromised via this shell. The
> ways the shell is uploaded depend on the vulnerabilities of the forum
> software.

My point that I just tried to make in a (very) recent post is that this type of
c4rp would not happen if the vars passed in the GET and POST were properly
sanitized ;)

FWIW: it doesn't matter which shellcode was used as long as any shellcode can be
pulled from a remote site via an unsanitized var...