[LINK] Phishing Servers - Apache and Linux

Rick Welykochy rick at praxis.com.au
Tue Sep 11 15:24:25 AEST 2007


Craig Sanders wrote:
> On Tue, Sep 11, 2007 at 01:13:57PM +1000, Rick Welykochy wrote:
>> I have received quite a number of phishing/pharming attempts
>> lately, so I decided to follow up on the actual servers being
>> used in the phisher's URL.
>>
>> Out of about 15 samples, all URLs pointed to servers running Linux
>> and Apache.
> 
> my guess is that they're all running some crappy insecure PHP
> application which has been exploited.  PHP (still!) has several
> exploitable bugs, and many people who code PHP don't really know what
> they're doing.

PHP is an absolute joke. There is yet *another* announcement on the
deb-sec list about just one PHP app, phpmyadmin, out yesterday.
Oh what a combination, MySQL + PHP.

   CVE-2007-1325  DoS and crash
   CVE-2007-1395  XSS (cross-site scripting)
   CVE-2007-2245  XSS and arbitrary HTML/script injection
   CVE-2006-6942  more XSS
   CVE-2006-6944  access control bypass

I have just reproduced the announcement numbers. You'd be either bored
to tears with the actual text or shake your head in disbelief. And if
you consider that many many PHP applications suffer from the same
or similar problems, it is no wonder that Linux boxes are being owned
by the crims. Sadly, PHP is casting a pall over Linux's reputation.


> i tend to avoid php+mysql apps because they tend to be written by the
> clueless. if they knew better, they'd choose a better language and a
> better database.

The PHP quagmire is a self-fulfilling nightmare. The clueless use it,
the clueless allow their servers to be exploited, and the clueless
inadvertently aid criminal activity on the 'Net.


cheers
rickw



-- 
_________________________________
Rick Welykochy || Praxis Services

The idea that Bill Gates has appeared like a knight in shining armour to lead all
customers out of a mire of technological chaos neatly ignores the fact that it was
he who, by peddling second-rate technology, led them into it in the first place.
      -- Douglas Adams on Windows '95.



