Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: PHP based defacing tool usage continue to rise

PHP based defacing tool usage continue to rise

From: Mark Ryan del Moral Talabis <talabis_at_gmail.com>
Date: Mon, 30 Jan 2006 11:21:26 +0800

We have been recieving multiple occurences of remote code injection
attempts for the past few weeks. The code injected is the previously
identified "Defacing Tool 2.0 by r3v3ng4ns" which was reported in SANS
in the previous week. Honeynet data indicates that the occurences has
continued unabated since the mid part of December.

Full write-up and code:
http://www.philippinehoneynet.org/dataarchive.php?date=2006-01-20

Ryan Talabis
Philippine Honeynet Project

-------------------------------------------------------------------------
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
Received on Jan 30 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]