Results 1 to 7 of 7

Thread: Net worm using Google to spread

  1. #1
    Senior Member
    Join Date
    Mar 2004

    Net worm using Google to spread


    Apparently, at this time, this only affects the boards not the users (according to Kapersky)


    The worm creates a specially formulated Google search request. This request will give a list of sites running vulnerable versions of phpBB. The worm then sends a request to all sites found, which contains an exploit for the vulnerability. When the server under attack processes the exploit, the worm penetrates the site and gains control. This process is then repeated.
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  2. #2
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Perl.Santy is a worm written in Perl script that attempts to spread to web servers which are vulnerable to the PHPBB Remote URLDecode Input Validation Vulnerability (BID 11672). If successful, the worm copies itself to the server and overwrites files with the following extensions:

    * .asp
    * .htm
    * .jsp
    * .php
    * .phtm
    * .shtm
    basicly if your running a vulenerable PHPBB server.. patch it..

    info found @ http://securityresponse.symantec.com...erl.santy.html

    Happy Bah Humbug
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  3. #3
    Join Date
    Dec 2004
    Isn't there a update though for it already? To help prevent it from spreading to their server?

  4. #4
    Senior Member
    Join Date
    Mar 2004


    Google squashes Santy worm

    Apparently Google was quick to act....after being prodded.

    This is another article "Google's search for security" that deals with Google's security issues.


    This pretty much sums up their situation.
    "There is a tough balance between providing information to customers and providing information that can be harmful in the hands of an attacker,"
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  5. #5
    Senior Member
    Join Date
    Jun 2002
    Has anybody noticed on their webserver a lot of hits from googlebot from this? I don't have a very friendly website for search engines but over the last couple of days i've noticed googlebot hitting the website about 5 - 10 times a day. I looked at reffering urls and it's totally empty for the google hits and there isn't anything in it. Just thought I would ask seems kind of fishy .
    Good Grief

  6. #6
    Join Date
    Apr 2004
    what actually is a google bot? nvr actualy saw it but heard a lot abot it?
    a link would be nice

  7. #7
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Beverwijk Netherlands
    Googlebot: Google's Web Crawler

    Googlebot is Google's web-crawling robot. It collects documents from the web to build a searchable index for the Google search engine. On this page, you'll find answers to the most commonly asked questions about how our web crawler works.
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts