Search found 5 matches

by SQLBoy
Mon Apr 18, 2005 5:47 pm
Forum: 2.0.x Discussion
Topic: code suggestion
Replies: 2
Views: 341

code suggestion

I'm not the best PHP coder in the world but it seems to me that the development rules should create some limitation on either the length of the line or the number of functions you can call on a single line of code. The reason? Its confusing and you have to have noticed by now that most of the arbitr...
by SQLBoy
Sun Dec 12, 2004 2:32 pm
Forum: 2.0.x Discussion
Topic: Forum Hack Story
Replies: 32
Views: 2403

Another thing you can do to limit the execution of programs or at least make it harder for a hacker is to create a group called "netuser" and chown root:netuser any network application. Then chmod it 750 so noone else can execute them.

It would have stopped apache from executing wget.
by SQLBoy
Tue Dec 07, 2004 8:47 pm
Forum: 2.0.x Discussion
Topic: Forum Hack Story
Replies: 32
Views: 2403

Wouldn't a basic incoming firewall stop this type of back door anyway? There is a all inclusive, anyone can execute it, script out now for the script kiddies that uses this method. Because this isn't a backdoor as such, you will no doubt get nagetive responses from scanners but still have code sitti...
by SQLBoy
Tue Dec 07, 2004 1:50 am
Forum: 2.0.x Discussion
Topic: Forum Hack Story
Replies: 32
Views: 2403

No, it is another IRC server. I don't want to post the details on here because I have modified their perl script to monitor the channel for me. It still respond to most of the bot commands they have so they have not caught on that I'm actually an intruder. When I have time, I get all the IP addreses...
by SQLBoy
Mon Dec 06, 2004 2:50 am
Forum: 2.0.x Discussion
Topic: Forum Hack Story
Replies: 32
Views: 2403

Forum Hack Story

So, recenltly I was away on a weekend trip to NY and when I came back, a customer of mine had his machine hacked into through phpBB. The guy uploads a perl script which is an IRC bot script and it connects to a channel under the cracker's control. From that point, he can execute arbitrary shell comm...

Go to advanced search