MS Web Defacements

Printable View

April 15th, 2004, 01:42 PM
OverdueSpy

MS Web Defacements

It looks like the hacker with the handle of "iskorpitx" hit at least 5000 MS 2K servers last night. http://www.zone-h.org/en/defacements

Has anyone heard how this was accomplicshed? My thoughts Perhaps done via:
1. A new, unknown vulnerability
2. Built off of one of the MS critical releases
3. The product of hording compromised systems, via known vulns, to set some record?

I would like to know more specifics if anyone is privy to the info.
April 15th, 2004, 01:46 PM
SirDice

If you look closely you'll see that every url that got defaced ends in /cgi-bin. So my guess would be some vulnerable cgi-script.
April 15th, 2004, 02:12 PM
OverdueSpy

Quote:

Originally posted here by SirDice
If you look closely you'll see that every url that got defaced ends in /cgi-bin. So my guess would be some vulnerable cgi-script.

Thanks SirDice. I can't believe I overlooked that. Overlooking the obvious is often painful. Let me slap myself in the forehead to make the point!

Thanks again.

All times are GMT +1. The time now is 03:33 AM.