[thelist] Hacked by kerem125
Brian Cummiskey
brian at hondaswap.com
Fri Feb 2 09:30:33 CST 2007
Chris Dempsey wrote:
> Domain in question is www.inandaboutayrshire.com and it now redirects to
> http://killit.us/kerem.htm
>
Chris, the "shire" site is coming up 404 for me. I'm assuming you shut
off the site?
Odds are, the site had a hole in it that allowed an XSS (cross-site
scripting) event to be added, or possibly even a SQL injection attack
with something as simple as a <meta refresh /> tag inserted into the
page, thus redirecting the site.
Working in e-commerce, I deal with these things daily, as sites that
store CC numbers must meet PCI compliance. There's always someone
trying to grab credit card numbers; fortunately, we've yet to report a
successful injection.
A great tool that can point out obvious holes is hackersafe. It's not
free though.
http://www.hackersafe.com/