Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: phpmyadmin compromised?
From: nauty.me04 () gmail com
Date: Mon, 19 Nov 2012 16:58:32 +0000

Not a compromise.Please check the encoding. Refrsh the page again and it should work

Regards
Aditya Balapure
Sent on my BlackBerry® from Vodafone

-----Original Message-----
From: Lucio Crusca <lucio () sulweb org>
Sender: full-disclosure-bounces () lists grok org uk
Date: Mon, 19 Nov 2012 17:45:56 
To: <full-disclosure () lists grok org uk>
Subject: [Full-disclosure] phpmyadmin compromised?

Hello *,

I've setup my browser to remember login & password at my server phpmyadmin 
login page. It usually fills the two fields correctly, but today it showed 
this crap instead:

http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg

Since I've already suffered a security breach through phpmyadmin in the 
past, I immediately suspected another one. Please note that phpmyadmin is 
shielded by http digest authentication since the previous accident.

Are you aware of any security problems related to phpmyadmin (or to 
Iceweasel 10 for that matter) that can cause such garbage on the login page?

Thanks in advance
Lucio.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]