Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Janm on March 07, 2005, 06:16:57 AM
-
Take a look it looks like they have a problem
http://ruffdogs.com
-
Wow ... Not a nice thing to happen.
-
if you look at the source it look like the are from uk
http://www.kucc.org.uk/chat/docs/hi.gif
-
Yes i viewed the page source and found the same.. the image file from a chat foulder... they might have breached there site also to cover tracks.. who knows but they are still down
-
I have informed Ruffdogs. Please allow them some time for they are in a different Time zone.
guest
-
maybe its a special project
link
http://www.socialmpn.com
-
But you have to use this
http://www.socialmpn.com/forum
http://www.ruffdogs.com/forum
Jan
-
The most likely reason the GIF source is at another site is that they have only gained edit rights to the ruffdogs website and are unable to drop the file directly there, however they have may have sufficient rights at the UK site.
Looks like another unpatched PHP website, not very promising.
Jack
-
I find this event unfortunate, but I don't beleive that ruffdogs is to blame. From an outside stand point let's look at it this way.
Say for instance he is running the website on SME and using the current stable released version which I beleive is 6.0.1.
The version of PHP in the released version is not up to date for obvious reasons so a hole may have been identified in the version of PHP in the version of SME, thus it could still be exploited. As there is no proper patching system in SME, on a production server you would be reluctant to apply any updates.
I appreciate that security fixes need to be applied to stop these sort of attacks and fix holes, so I think one of the first things on the agenda for SME may be an update system :-)
Just may take on this event.
-
LOL, I'm certainly happy to see that everybody is so concerned about the Ruffdogs site.
The site was hacked through the sanitizer script inhereted from myPHPNuke. It was Social MPN (a web application) that got hacked, not the server that it's on. The server that it's on is not an SME box but a debian box running a modified version of DTC (http://www.gplhost.com/?rub=softwares&sousrub=dtc) of which Ruffdogs has contributed a number of patches and code to.
So folks, it's the same old story with a PHP app, (if they try long enough they will find a way in) nothing more.
They got no further into the system than replacing the index.php page.
And BTW, the hacker has agreed to test our PHP based apps for us. What's the old saying, "keep your friends close and your enemies closer"? :-)
And please remember, I am not aware of any CMS that has been around for any extended period of time, that hasn't been exploited in one manner or another. This was the first for Social MPN.
Garret
-
garret, I have to say your post has encouraged me to give ruffdogs a chance with your run at the SME server.
I hope you guys succeed in your goals.
But that is no excuse for having such an ugly web site and logo :P (no offence)
-
Garret, you are right in saying that "try long enough and you will find a hole" Look at M$ software.
Great to here that the hole has been plugged. Maybe one day we will see an SME server at ruffdogs :-P
-
Maybe one day we will see an SME server at ruffdogs
There are a number of SME servers running at Ruffdogs, it's just that they are not best suited as a major hosting platform IMO :-).
Garret
-
The version of PHP in the released version is not up to date for obvious reasons so a hole may have been identified in the version of PHP in the version of SME, thus it could still be exploited.
Although PHP has not been faultless, it's PHP application faults that have been responsible for most PHP related website breakins. PHP just makes it too easy to make mistakes.
If anyone is looking for an alternative, I'd strongly recommend perl, with taint checking enabled (via the -T flag).