-
MS Web Defacements
It looks like the hacker with the handle of "iskorpitx" hit at least 5000 MS 2K servers last night. http://www.zone-h.org/en/defacements
Has anyone heard how this was accomplicshed? My thoughts Perhaps done via:
1. A new, unknown vulnerability
2. Built off of one of the MS critical releases
3. The product of hording compromised systems, via known vulns, to set some record?
I would like to know more specifics if anyone is privy to the info.
-
If you look closely you'll see that every url that got defaced ends in /cgi-bin. So my guess would be some vulnerable cgi-script.
-
Quote:
Originally posted here by SirDice
If you look closely you'll see that every url that got defaced ends in /cgi-bin. So my guess would be some vulnerable cgi-script.
Thanks SirDice. I can't believe I overlooked that. Overlooking the obvious is often painful. Let me slap myself in the forehead to make the point!
Thanks again.