How webpage defacement possible just using web hacking?

• Previous message: Juan Pablo: "Re: see which programs are opening ports"
• Next in thread: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Reply: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Maybe reply: Hamish Stanaway: "RE: How webpage defacement possible just using web hacking?"
• Maybe reply: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: security-basics@securityfocus.com
Date: Wed, 09 Mar 2005 00:55:50 +0000

Hello, all.

Some days ago, a site is defacemented by web hacking.
I guess that some attacker gained web server permission using web
application vuln. and changed index file.
Surely, the attacker did gain just nobody privilege(web server user) not
root privilege
and the index file permission is 644 with other user owned.(and there is no
write permission at directory)

I guess that it is impossible to change index file just nobody privilege.
But most webpage defacement is occured using web application vuln. by php
or cgi something like that.

Of course, it will be possible that vulnerable cgi is set suid. but most is
not.

Any idea?

Thanks in advance.

_________________________________________________________________
°í.. °¨.. µµ.. »ç.. ¶û.. ¸¸.. µé.. ±â.. MSN ·¯ºê
http://www.msn.co.kr/love/

• Previous message: Juan Pablo: "Re: see which programs are opening ports"
• Next in thread: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Reply: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Maybe reply: Hamish Stanaway: "RE: How webpage defacement possible just using web hacking?"
• Maybe reply: Eduardo Kienetz: "Re: How webpage defacement possible just using web hacking?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]