
Full Disclosure mailing list archives

Re: phpmyadmin compromised?
From: "H. Kurth Bemis" <kurth () kurthbemis com>
Date: Mon, 19 Nov 2012 12:06:15 -0500

This.

As I recall this happened after changing the "Secret Key".  I've also
seen this happen after a major upgrade, likely due to the same reason.

Best of luck,
~k

On Mon, 2012-11-19 at 17:51 +0100, Christian Sciberras wrote:
That is not a compromise. It is related to a change in encoding.
Please clear your cookies and try again.

(I've had this exact problem in the past, but I don't remember the details)


Chris.


On Mon, Nov 19, 2012 at 5:48 PM, Benji <me () b3nji com> wrote:

.. could you have provided any less information? why don't you look through
your code instead of emailing a screenshot to a mailing list? really?


On Mon, Nov 19, 2012 at 4:47 PM, Benji <me () b3nji com> wrote:

.. coul


On Mon, Nov 19, 2012 at 4:45 PM, Lucio Crusca <lucio () sulweb org> wrote:

Hello *,

I've set up my browser to remember login & password at my server
phpmyadmin login page. It usually fills the two fields correctly, but
today it showed this crap instead:


http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg

Since I've already suffered a security breach through phpmyadmin in the
past, I immediately suspected another one. Please note that phpmyadmin is
shielded by http digest authentication since the previous accident.

Are you aware of any security problems related to phpmyadmin (or to
Iceweasel 10 for that matter) that can cause such garbage on the login
page?

Thanks in advance
Lucio.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/






