Websense: Automated Defacement Through Search Engines

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Websense.

[snip]

Today's Web page defacements are most often accomplished through file
inclusion attacks, where the attackers exploit a vulnerability in the Web
application and then inject a remote scripting file (also known as a remote
shell). This allows the attackers to take control over the server and
easily deface the Web site.

The question is: how do they find Web applications that are vulnerable to
such attacks? The answer is: by using the search engines on the Internet to
do the legwork. This is not a new technique, but lately we've seen this
incorporated in malicious scripts and malware.

This week, I examine some of the automated tools used for Web site
defacements, where the key element in the operation is the use of a search
engine.

[snip]

More:
http://www.websense.com/securitylabs/blog/blog.php?BlogID=118

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)

wj8DBQFGEW++q1pz9mNUZTMRAg0SAJ90YX7Y01ZhyCTlN61YsqEilGwZkwCfczsI
596NZpQ+Lk+8dwkEKGIYI1E=
=69R9
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.