mrpotatohead
03-28-2007, 04:45 PM
Hi guys,
I got a message through PM today with the following contained:
"Dear admin, thank you for your interest.
As you have read at www.paradox-security.de.vu I checked your homepage and found critical security holes.
Proof:
Your SQL Data of the forum
$config['Database']['dbname'] = **removed for purposes of post**;
$config['MasterServer']['servername'] = **removed for purposes of post**
$config['MasterServer']['port'] =**removed for purposes of post**
$config['MasterServer']['username'] = **removed for purposes of post**
$config['MasterServer']['password'] = **removed for purposes of post**
And a part of your document root structure:
[barcrawl] DIR 05.03.2007 19:44:19 joemcd/joemcd drwxr-xr-x Info
[bbwebsite] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[celebritybb] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[cgi-bin] DIR 01.08.2006 19:23:42 joemcd/joemcd drwxr-xr-x Info
[contact] DIR 03.01.2007 17:06:32 joemcd/joemcd drwxr-xr-x Info
[dump] DIR 03.01.2007 17:06:36 joemcd/joemcd drwxr-xr-x Info
[faq] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
[forums] DIR 18.01.2007 09:27:29 joemcd/joemcd drwxr-xr-x Info
[frozen-illusion] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
[frozenillusion] DIR 06.02.2007 22:39:18 joemcd/joemcd drwxr-xr-x Info
[jmcdesig] DIR 20.08.2006 12:47:31 joemcd/joemcd drwxr-xr-x Info
[jmcdesigns] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[newsfeed] DIR 03.01.2007 17:06:37 joemcd/joemcd drwxr-xr-x Info
[newsletter] DIR 03.01.2007 17:09:12 joemcd/joemcd drwxr-xr-x Info
[nutv] DIR 08.03.2007 17:23:58 joemcd/joemcd drwxr-xr-x Info
[portal] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[research] DIR 27.01.2007 16:12:06 joemcd/joemcd drwxr-xr-x Info
[sifr] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
This security hole is very critical as you can see, because the attacker hase complete Server access.
If you want to know more I?ll give you my paypal address to transfer the money (100 EUR), otherwise I wish you good luck, and I hope that I could help you.
greez
paradoX
Please don`t reply to this PM. For contact write an email."
What can I do to improve the security? Any idea what this security hole is?!
I'm changing all my passwords now...
- Joe
I got a message through PM today with the following contained:
"Dear admin, thank you for your interest.
As you have read at www.paradox-security.de.vu I checked your homepage and found critical security holes.
Proof:
Your SQL Data of the forum
$config['Database']['dbname'] = **removed for purposes of post**;
$config['MasterServer']['servername'] = **removed for purposes of post**
$config['MasterServer']['port'] =**removed for purposes of post**
$config['MasterServer']['username'] = **removed for purposes of post**
$config['MasterServer']['password'] = **removed for purposes of post**
And a part of your document root structure:
[barcrawl] DIR 05.03.2007 19:44:19 joemcd/joemcd drwxr-xr-x Info
[bbwebsite] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[celebritybb] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[cgi-bin] DIR 01.08.2006 19:23:42 joemcd/joemcd drwxr-xr-x Info
[contact] DIR 03.01.2007 17:06:32 joemcd/joemcd drwxr-xr-x Info
[dump] DIR 03.01.2007 17:06:36 joemcd/joemcd drwxr-xr-x Info
[faq] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
[forums] DIR 18.01.2007 09:27:29 joemcd/joemcd drwxr-xr-x Info
[frozen-illusion] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
[frozenillusion] DIR 06.02.2007 22:39:18 joemcd/joemcd drwxr-xr-x Info
[jmcdesig] DIR 20.08.2006 12:47:31 joemcd/joemcd drwxr-xr-x Info
[jmcdesigns] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[newsfeed] DIR 03.01.2007 17:06:37 joemcd/joemcd drwxr-xr-x Info
[newsletter] DIR 03.01.2007 17:09:12 joemcd/joemcd drwxr-xr-x Info
[nutv] DIR 08.03.2007 17:23:58 joemcd/joemcd drwxr-xr-x Info
[portal] DIR 03.01.2007 17:06:42 joemcd/joemcd drwxr-xr-x Info
[research] DIR 27.01.2007 16:12:06 joemcd/joemcd drwxr-xr-x Info
[sifr] DIR 03.01.2007 17:09:17 joemcd/joemcd drwxr-xr-x Info
This security hole is very critical as you can see, because the attacker hase complete Server access.
If you want to know more I?ll give you my paypal address to transfer the money (100 EUR), otherwise I wish you good luck, and I hope that I could help you.
greez
paradoX
Please don`t reply to this PM. For contact write an email."
What can I do to improve the security? Any idea what this security hole is?!
I'm changing all my passwords now...
- Joe