Results 1 to 2 of 2
  1. #1
    Join Date
    Feb 2004
    Posts
    1,226

    how they find this vulns?

    hi

    some PHP scripts on my server, that uses mail() command, are being exploited
    the programmer do his homework, validating the from/to address...
    but he adds a header (last field of the mail() command) with something like:
    "From: $_POST[mail]"
    enough for spammers to use POST 'mail' as something like "Content-type... bcc: [email protected], [email protected], [email protected], ..."

    I found which script was doing this and contacted the owner... he fixed it
    but now they're exploiting another script on the server, with the same problem!

    but how did they found out?! it's on a different domain...
    maybe they got access to my server's PHP files (using "apache" user maybe)?

    thanks

  2. #2
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    usually hackers use some software for finding exploitable scripts called as exploit scanners. you also may test your server for expoitable scripts if you have access to similar software (well known software for example is nexus scanner). on theplanet for example you may use free service for this (from orbit customer panel). for doing scan, direct accesss to your server not needed. knewing your ip is enough.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •