Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 29, 2006, 11:23 pm
rate this thread
So-called Geeklog "exploit" posted
Thursday, June 29 2006 @ 02:40 PM EDT
In case you've been wondering about the increased amount of people trying
to access a 'plugins' directory on your Geeklog site: Someone has posted
a so-called "exploit" for Geeklog and all the script kiddies are now
rushing to try it out without really understanding what it does and most
importantly why it doesn't work on most of the Geeklog sites out there
anyway. Cont. http://www.geeklog.net/article.php/so-called-exploit
Now I know what's going on at my website. I haven't had any trouble
other than the extra spamx entries, gus entries and increased server
load. I'm well buttoned-down but don't take that as a challenge! <G> I
did find a referral in my logs that got me researching:
This is an sql injection script, right? FAILED! Anyone speak enough
Italian to take on this abuse report?
I did manage to get wvu.edu to delete an old account that was being used
by god knows who to attempt to spam comments on my geeklog.
This puts my focus back on what Karl said earlier about searching out
insecure servers. I probably don't have to tell you how many sysops
don't bother to delete inactive/expired webdirectories/accounts.
So, now that I've explained how I've spent my day, who wants to continue
calling me a spam supporter?
Trippy Triangle: http://technohippie.com
Let's Impeach The President: http://tinyurl.com/eoagh
The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html
Posted via a free Usenet account from http://www.teranews.com