[Lazarus] Lazarus Forum seems to be hacked!

waldo kitty wkitty42 at windstream.net
Thu Jan 28 23:32:17 CET 2010

On 1/28/2010 12:17, patspiper wrote:
> Was the php shell C99madshell?
> It seems many sites have been recently compromised via this shell. The
> ways the shell is uploaded depend on the vulnerabilities of the forum
> software.

my point that i just tried to make in a (very) recent post is that this type of 
c4rp would not happen if the vars passed in the GET and POST were properly 
sanitized ;)

FWIW: it doesn't matter which shellcode was used as long as any shellcode can be 
pulled from a remote site via an unsanitized var...
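
An added example, not part of the original post or of any forum software's code: one way to sanitize a GET/POST variable that selects a file to include, by mapping it through an allowlist so the request can never supply a path or URL. The `PAGES` map, its file paths and `resolve_page()` are hypothetical names, and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

// Pattern the post warns about (shown only as a comment):
//   include $_GET['page'] . '.php';   // request value reaches include as-is

// Hypothetical page map: the request names a key, never a path or URL.
const PAGES = [
    'home'  => 'pages/home.php',
    'forum' => 'pages/forum.php',
    'help'  => 'pages/help.php',
];

/**
 * Resolve a request parameter to a local file, or null if it is not allowed.
 */
function resolve_page($raw): ?string
{
    // Arrays (?page[]=x) and missing values are rejected outright.
    if (!is_string($raw)) {
        return null;
    }
    // Keys are short lowercase identifiers, so anything containing ':', '/',
    // '.', a NUL byte or whitespace fails here, before the lookup.
    if (preg_match('/\A[a-z]{1,32}\z/', $raw) !== 1) {
        return null;
    }
    // Only values present in the map ever reach include/require.
    return PAGES[$raw] ?? null;
}

// Constructed sample inputs: one valid key, then values that must be refused.
$samples = [
    'forum',
    'http://example.invalid/x.txt',
    '../../etc/passwd',
    ['forum'],
    "help\0.txt",
    'admin',
];

foreach ($samples as $s) {
    $file = resolve_page($s);
    printf("%-36s => %s\n", json_encode($s), $file ?? 'REJECTED');
}
```

Only `forum` resolves to a file; every other sample is rejected. Keeping PHP's `allow_url_include` setting off (its default) is a second layer behind this check.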
