Results 1 to 11 of 11

Thread: Server hack

  1. #1

    Server hack

    Well, that's unusual. I leave a couple SSH sessions open on my desktop all day just to see that my servers are up. When I got home from work, one of them had a couple BROADCAST messages on the screen from Apache with some sentences... along the lines of ... "I want to talk to you about your server" and "I do not mean ANY harm to your sites. I want to talk to you but don't have a tty, you can use /tmp/messages"....

    I have no idea when this happened or how you can send broadcast messages as Apache.. I assume some security vulnerability in either Apache or PHP.

    Any tips where to look and what for? There's so many domains on this server I can't possibly look through everyone's apache logs.
    Dan Grossman - dan @
    My Blog | Affiliate Program for Web Hosts

  2. #2
    <lizard-> well you have security issues, i can execute commands via some vulnerable scripts

    Dan Grossman - dan @
    My Blog | Affiliate Program for Web Hosts

  3. #3
    lizard- on #phreaking #aix #suicide +#hackphreak #infect3d @#rofl #!phrack @+#anti-aol @#kill

    He tells me it's a vulnerability in osTicket. Time to replace that helpdesk.
    Last edited by Dan Grossman; 05-05-2005 at 06:17 PM.
    Dan Grossman - dan @
    My Blog | Affiliate Program for Web Hosts

  4. #4
    Join Date
    Jun 2003

  5. #5
    Join Date
    Jun 2004

    If you follow the link that sehe has given you, you will find the lastest update for osTicket.

    We advise that you update to these version asap.

    If any of your clients have osTicket version 1.2.7 or 1.3.0 please tell them to upgrade to v1.3.1 till v2.0 comes out, Which should be soon.

    Want a gmail account,
    E-mail me [email protected]

  6. #6
    Join Date
    Oct 2003
    Long Island, New York
    That's pretty funny, what a nice guy he was. - Business Web Hosting Solutions & Server Management Since 2003

  7. #7
    Join Date
    Dec 2004
    Ask him if he wants a job

  8. #8
    Join Date
    Mar 2005
    I have once had a nice guy like that on one of my forums. He told me how to fix it and he didnt do any harm. He said that it was a cookie error on phpbb.
    You are luckey that he didnt do any harm.
    My Blog -
    My Entertainment site -

  9. #9
    Join Date
    Jan 2005
    San Francisco/Hot Springs


    Originally posted by n3tw0rk5
    Ask him if he wants a job
    Yeah, driving to county jail heheheh
    AppliedOperations - Premium Service
    Bandwidth | Colocation | Hosting | Managed Services | Consulting

  10. #10
    Judging by the list of IRC channels he was on, he's probably not old enough to work even part time.
    Dan Grossman - dan @
    My Blog | Affiliate Program for Web Hosts

  11. #11
    I wouldn't be so quick to judge his age. Regardless of how old he may or may not be, he was mature enough to let you know about a vulnerability on your server rather than exploit it.
    Matt Wade
    Christian Web Hosting - Home of the PHP Coding Contest - Directory of PHP Web Hosts. Free Listing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts