View previous topic :: View next topic |
Author |
Message |
ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
|
|
Back to top |
|
|
ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
|
Posted: Tue Nov 26, 2002 8:03 am Post subject: |
|
|
seems like its down....i get nothing
|
|
Back to top |
|
|
max_blakk Just Arrived
Joined: 29 Oct 2002 Posts: 0 Location: South Wales UK
|
Posted: Tue Nov 26, 2002 11:50 am Post subject: |
|
|
Top bananna..!!!!
Not doing a write up on the exploit though..???
|
|
Back to top |
|
|
ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
|
Posted: Tue Nov 26, 2002 11:51 am Post subject: |
|
|
max_blakk wrote: |
Top bananna..!!!!
Not doing a write up on the exploit though..??? |
I might do, it's that lame though it's hardly worth it.
|
|
Back to top |
|
|
max_blakk Just Arrived
Joined: 29 Oct 2002 Posts: 0 Location: South Wales UK
|
Posted: Tue Nov 26, 2002 9:44 pm Post subject: |
|
|
Comon give us all a hint...
|
|
Back to top |
|
|
m0nk Just Arrived
Joined: 26 Nov 2002 Posts: 0
|
Posted: Tue Nov 26, 2002 11:22 pm Post subject: XMB vuln. |
|
|
ShaolinTiger~% wget http://www.site.com/forum/index_log.log
.....this is how he 0wned the forums, not the server...
...mmm tarball of Shaolin Tiger's home dir from darknet.co.uk?...maybe on a later post..........
|
|
Back to top |
|
|
decypherohm Just Arrived
Joined: 16 Nov 2002 Posts: 1 Location: World - Europe - Portugal - Lisbon
|
Posted: Tue Nov 26, 2002 11:31 pm Post subject: |
|
|
that http sintaxe works in almost all forums?!?!?!?!
|
|
Back to top |
|
|
max_blakk Just Arrived
Joined: 29 Oct 2002 Posts: 0 Location: South Wales UK
|
Posted: Wed Nov 27, 2002 1:33 pm Post subject: |
|
|
Thought it was something like that or an open php script or something from the "owned part of the site" bit..
Cheers monk new sec hole to look at..(but where you being a bit bitchy there..???)
|
|
Back to top |
|
|
ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
|
|
Back to top |
|
|
chris Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777201 Location: ~/security-forums
|
Posted: Wed Nov 27, 2002 7:15 pm Post subject: Re: XMB vuln. |
|
|
m0nk wrote: |
...mmm tarball of Shaolin Tiger's home dir from darknet.co.uk?...maybe on a later post.......... |
rofl
anything interesting in there except porn ?
|
|
Back to top |
|
|
ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
|
Posted: Wed Nov 27, 2002 7:46 pm Post subject: |
|
|
Hey collection of donkey pr0n r0x ok
ComSec LMAO nice one
|
|
Back to top |
|
|
max_blakk Just Arrived
Joined: 29 Oct 2002 Posts: 0 Location: South Wales UK
|
|
Back to top |
|
|
ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
|
Posted: Sat Nov 30, 2002 3:21 pm Post subject: |
|
|
LOL, max_blakk
just shows you how easy it is to take over some forums....lazy Admins should add a few lines and create a .htaccess file
Open up Notepad and put the following in :
<Files index_log.log>
order allow,deny
deny from all
</Files>
<Files cplogfile.log>
order allow,deny
deny from all
</Files>
When you go to save it, use All Files as the file type, not as a txt file. Save the file as .htaccess and upload it to your XMB main directory and you're set.
good job we mean no harm and are just pointing the fact out
others, well they could wreek havoc
nice 0ne again
p.s just noticed your post .....cheeky , think he will now
http://www.mid-citieshonda.com/forum/viewthread.php?tid=10
|
|
Back to top |
|
|
max_blakk Just Arrived
Joined: 29 Oct 2002 Posts: 0 Location: South Wales UK
|
Posted: Sat Nov 30, 2002 3:54 pm Post subject: |
|
|
Thx Comsec,
Another one is open phpmyadmin, found a few of those that would benfit from .htaccess files too...
|
|
Back to top |
|
|
|