Easily recycle thousands of compromised boxes using these easy steps
- Search for commonly used defacer messages
- Pick a defaced site
- Find out how they got in
- Patch the entrance (optional)
- Repeat
Because of forgotten web applications lying around web directories not updated those steps can be very effective. Some defacements can go undetected for many years. If someone can create or edit files in web directories specially a php script, a shell's a whiff away.
For example this guy does not even know his host got pwned in March 2006. I think he's very busy with his new kid.
Outdated or not, the insecure web application (phpGraphy) which was used to gain entry has a below average security track record.
- 0.9.13a - Fixed a security bug related to vulnerability in PHP itself
- 0.9.12 - Fixed security bug introduced in 0.9.9
- 0.9.12 - Fixed security bugs introduced in 0.9.12-rc1
- 0.9.11-rc1 - Fixed security bug related to internal security levels
- 0.9.9a - Fixed little security bug with random pic function
- 0.9.5 - Some html "security" holes fixed
- 0.9.4 - Bugfixed security level system
