FUDforum - RDF feed
http://fudforum.org/forum/index.php
Mass cracking of FUDForum sites
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=27994&th=5679#msg_27994
I'm watching my log for referrer URLs quite closely. Recently I noticed a strange-looking Google query with the exclusion keyword ihackstuff.
This produces a list of sites still running FUDForum 2.6.
I looked for further traces from the same IP and saw an attempt to exploit the avatar upload bug. The guy had created an account named 'bonjour' with a Yahoo email address. The attack came from a Taiwanese IP (211.76.97.246).
I then checked other sites on that list and sure enough they all had an account 'bonjour' created some time in September. If you are still running 2.6 and have avatar uploads enabled, it's time to check your box.
Heron
heron, 2005-10-04T15:55:42-00:00
Re: Mass cracking of FUDForum sites
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=27995&th=5679#msg_27995
Another security tip is to go through your avatars directory and see if you have any files with a non-image extension.
Ilia, 2005-10-04T16:06:43-00:00