Vulnerability in phpMyAdmin

Status
This thread is closed to new replies.
I don't care, I hid phpMyAdmin under some directories. I can see in the logs that a lot of bots are trying to find it, but so far, knock on wood, they haven't found it...
 
[link hidden] problems


Which version are we talking about?

Because it doesn't find a newer version in the repository:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: ftp.ines.lug.ro
* atomic: www6.atomicorp.com
* base: ftp.ines.lug.ro
* extras: ftp.ines.lug.ro
* updates: gd.tuwien.ac.at
addons | 951 B 00:00
atomic | 1.9 kB 00:00
atomic/primary_db | 449 kB 00:00
base | 2.1 kB 00:00
extras | 2.1 kB 00:00
updates | 1.9 kB 00:00
updates/primary_db | 508 kB 00:00
Setting up Upgrade Process
No Match for argument: phpmyadmin
Package(s) phpmyadmin available, but not installed.
No Packages marked for Update
[master@************* ~]#
 
Is following the links too much to ask?
stable distribution (lenny), these problems have been fixed in version phpmyadmin 2.11.8.1-5+lenny4. For the unstable distribution (sid), these problems have been fixed in version 3.2.4-1.
I have phpmyadmin-2.11.10-2 installed.
What is a repo? It's binaries built from source. You can build the package you need yourself if it's missing from the repos.
 
This topic has already been discussed on the "Search" forum as well; update your version and everything will be OK.
 
Some crap is already scanning me :confused:

Code:
87.106.142.65 - - [04/Aug/2010:17:02:52 +0300] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:52 +0300] "GET /scripts/setup.php HTTP/1.1" 404 295 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:52 +0300] "GET /admin/scripts/setup.php HTTP/1.1" 404 301 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:53 +0300] "GET /admin/pma/scripts/setup.php HTTP/1.1" 404 305 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:53 +0300] "GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:53 +0300] "GET /db/scripts/setup.php HTTP/1.1" 404 298 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:53 +0300] "GET /dbadmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:53 +0300] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:54 +0300] "GET /mysql/scripts/setup.php HTTP/1.1" 404 301 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:54 +0300] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:54 +0300] "GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:54 +0300] "GET /phpadmin/scripts/setup.php HTTP/1.1" 404 304 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /phpmyadmin1/scripts/setup.php HTTP/1.1" 404 307 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /phpmyadmin2/scripts/setup.php HTTP/1.1" 404 307 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /pma/scripts/setup.php HTTP/1.1" 404 299 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:56 +0300] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 310 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:56 +0300] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:56 +0300] "GET /web/scripts/setup.php HTTP/1.1" 404 299 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:56 +0300] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 308 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:57 +0300] "GET /websql/scripts/setup.php HTTP/1.1" 404 302 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:57 +0300] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:57 +0300] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:57 +0300] "GET /phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 308 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:58 +0300] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 308 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:58 +0300] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:58 +0300] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:58 +0300] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:58 +0300] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:59 +0300] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:59 +0300] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:59 +0300] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:02:59 +0300] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:00 +0300] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:00 +0300] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:00 +0300] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:00 +0300] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:01 +0300] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:01 +0300] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:01 +0300] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 319 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:01 +0300] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:02 +0300] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:02 +0300] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:02 +0300] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:03 +0300] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:03 +0300] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:03 +0300] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:03 +0300] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:03 +0300] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:04 +0300] "GET /phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:04 +0300] "GET /phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:04 +0300] "GET /phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:04 +0300] "GET /phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:05 +0300] "GET /phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:05 +0300] "GET /phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:05 +0300] "GET /phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:05 +0300] "GET /phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:06 +0300] "GET /phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:06 +0300] "GET /phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:06 +0300] "GET /phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:06 +0300] "GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:06 +0300] "GET /phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:07 +0300] "GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:07 +0300] "GET /phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:07 +0300] "GET /phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:07 +0300] "GET /phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:08 +0300] "GET /phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:08 +0300] "GET /phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:08 +0300] "GET /phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:08 +0300] "GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:09 +0300] "GET /phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:09 +0300] "GET /phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:09 +0300] "GET /phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:09 +0300] "GET /phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:09 +0300] "GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:10 +0300] "GET /phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 318 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:10 +0300] "GET /phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:10 +0300] "GET /phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:10 +0300] "GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:11 +0300] "GET /phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 314 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:11 +0300] "GET /phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 314 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:11 +0300] "GET /phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 314 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:12 +0300] "GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 314 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:12 +0300] "GET /phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 316 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:12 +0300] "GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:12 +0300] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 312 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:13 +0300] "GET /sqlmanager/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:13 +0300] "GET /mysqlmanager/scripts/setup.php HTTP/1.1" 404 308 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:13 +0300] "GET /p/m/a/scripts/setup.php HTTP/1.1" 404 301 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:13 +0300] "GET /PMA2005/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:13 +0300] "GET /pma2005/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:14 +0300] "GET /phpmanager/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:14 +0300] "GET /php-myadmin/scripts/setup.php HTTP/1.1" 404 307 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:14 +0300] "GET /phpmy-admin/scripts/setup.php HTTP/1.1" 404 307 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:14 +0300] "GET /webadmin/scripts/setup.php HTTP/1.1" 404 304 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:15 +0300] "GET /sqlweb/scripts/setup.php HTTP/1.1" 404 302 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:15 +0300] "GET /websql/scripts/setup.php HTTP/1.1" 404 302 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:15 +0300] "GET /webdb/scripts/setup.php HTTP/1.1" 404 301 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:15 +0300] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 306 "-" "ZmEu"
87.106.142.65 - - [04/Aug/2010:17:03:16 +0300] "GET /mysql-admin/scripts/setup.php HTTP/1.1" 404 307 "-" "ZmEu"
 
[link hidden]

The vulnerability has been known since January, but it seems it has only recently started being actively exploited. So I advise updating phpMyAdmin and checking for the files
/tmp/vm.c and /tmp/dd_ssh
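
Added example (not part of the original thread): a Python triage of an Apache access log for the setup.php scan shown in the log above, combined with the file check suggested in this post. The regexes, function names and the 192.0.2.x sample lines are assumptions constructed for illustration.

```python
import os
import re
from collections import defaultdict

# Apache combined log format, as in the lines posted in the thread.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"')
PROBE_RE = re.compile(r'/scripts/setup\.php(?:\?|$)', re.IGNORECASE)
DROPPED_FILES = ("/tmp/vm.c", "/tmp/dd_ssh")  # paths named in the thread

def triage(lines):
    """Group setup.php / ZmEu probes by client IP and flag non-404 answers."""
    report = defaultdict(lambda: {"probes": 0, "needs_review": []})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not (PROBE_RE.search(m["path"]) or m["ua"] == "ZmEu"):
            continue
        entry = report[m["ip"]]
        entry["probes"] += 1
        # 404 = the guessed path does not exist. Any other status, or a POST,
        # means the request reached something and the host needs a closer look.
        if m["status"] != "404" or m["method"] == "POST":
            entry["needs_review"].append(
                (m["ts"], m["method"], m["path"], m["status"]))
    return dict(report)

def dropped_files_present(paths=DROPPED_FILES):
    """Return which of the files named in the thread exist on this host."""
    return [p for p in paths if os.path.exists(p)]

# Constructed sample: the first two lines copy the thread's format; the
# 192.0.2.x lines are invented to show a probe that was not answered with 404.
SAMPLE = [
    '87.106.142.65 - - [04/Aug/2010:17:02:52 +0300] "GET /scripts/setup.php HTTP/1.1" 404 295 "-" "ZmEu"',
    '87.106.142.65 - - [04/Aug/2010:17:02:55 +0300] "GET /pma/scripts/setup.php HTTP/1.1" 404 299 "-" "ZmEu"',
    '192.0.2.10 - - [04/Aug/2010:18:00:01 +0300] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 200 5120 "-" "ZmEu"',
    '192.0.2.10 - - [04/Aug/2010:18:00:02 +0300] "POST /phpmyadmin/scripts/setup.php HTTP/1.1" 200 311 "-" "ZmEu"',
    '192.0.2.20 - - [04/Aug/2010:18:05:00 +0300] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, entry in triage(SAMPLE).items():
        print(f"{ip}: {entry['probes']} probes, "
              f"{len(entry['needs_review'])} need review")
        for hit in entry["needs_review"]:
            print("   ", *hit)
    print("files from the thread present:", dropped_files_present() or "none")
```

A host whose entries are all 404, like the log posted above, was only probed; any entry under `needs_review` is where to start looking.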

I don't have those files. The logs are clean too. On the phpMyAdmin site, the latest version is 3.3.5.

So you need to find an up-to-date CentOS repository.

Added 21 minutes later
[link hidden]
and
[link hidden]

The point is that all versions before 2.11.10 are vulnerable.

The fix is to upgrade to 2.11.10, or to 3.0.0 and above.
 
Judging by the links, not all of them, but rather:
Affected Versions
For 2.11.x: versions before 2.11.10 are affected.
 
The exploit has been public for about half a year; it's just a polished variant of this:

The same old trick: the bug is exploited via code execution in __destruct() after user-supplied data reaches unserialize()
Actually, I was wildly surprised to get an email from fastvps, surprised that they raised the alarm)) I won't describe the details, I think plenty has already been written on the net, but even though the bug applies up to version 2.11.10, the exploit won't lose its relevance for a long time yet (I hope), of course not without the help of capable hands))
 