I know there is a probability that this is well known by everyone already... but there is a nasty phpmyadmin bug that allows the user to exploit the php eval() function. Allows them to gain control of your box. I have had several boxes get nailed hard by this one including a vicibox install.
http://poc-hack.blogspot.com/2011/08/ph ... -3431.html
phpmyadmin vulnerability
Moderators: enjay, williamconley, Staydog, mflorell, MJCoate, mcargile, Kumba
5 posts
• Page 1 of 1
phpmyadmin vulnerability
by Acidshock » Thu Jan 05, 2012 4:55 pm
- Acidshock
- Posts: 430
- Joined: Wed Mar 03, 2010 3:19 pm
by williamconley » Thu Jan 05, 2012 6:35 pm
which is why we lock the phpmyadmin folder with a password.
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
- williamconley
- Posts: 20359
- Joined: Wed Oct 31, 2007 4:17 pm
- Location: Davenport, FL (By Disney!)
by DomeDan » Mon Jan 09, 2012 8:42 am
Server:
Redux 3.1.9
phpmyadmin: Version information: 3.3.8.1
Client:
$ php -v
PHP 5.3.3-7+squeeze3 with Suhosin-Patch (cli) (built: Jun 28 2011 13:13:26)
$ php -i | grep -i 'curl info'
cURL Information => 7.21.0
$ php 48563.txt http://x.x.x.x/phpMyAdmin
[i] Running...
[*] Contacting server to retrive session cookie and token.
[!] Fail. Host not vulnerable. Web server writable folder http://x.x.x.x/phpMyAdmin/config/ does not exsist.
[*] Exiting...
more info about the vulnerabilities http://ha.xxor.se/2011/07/phpmyadmin-3x ... -code.html
Redux 3.1.9
phpmyadmin: Version information: 3.3.8.1
Client:
$ php -v
PHP 5.3.3-7+squeeze3 with Suhosin-Patch (cli) (built: Jun 28 2011 13:13:26)
$ php -i | grep -i 'curl info'
cURL Information => 7.21.0
$ php 48563.txt http://x.x.x.x/phpMyAdmin
[i] Running...
[*] Contacting server to retrive session cookie and token.
[!] Fail. Host not vulnerable. Web server writable folder http://x.x.x.x/phpMyAdmin/config/ does not exsist.
[*] Exiting...
more info about the vulnerabilities http://ha.xxor.se/2011/07/phpmyadmin-3x ... -code.html
Vicidial Partner. Region: Sweden/Norway.
Does Vicidial installation, configuration, customization, add-ons, CRM implementation, support, upgrading, network-related, pentesting etc. Remote and onsite assistance.
Email: domedan (at) gmail.com
Does Vicidial installation, configuration, customization, add-ons, CRM implementation, support, upgrading, network-related, pentesting etc. Remote and onsite assistance.
Email: domedan (at) gmail.com
- DomeDan
- Posts: 1226
- Joined: Tue Jan 04, 2011 9:17 am
- Location: Sweden
by williamconley » Mon Jan 09, 2012 1:04 pm
1 piece of software declaring a server safe does not make it so.
also, i'm not sure how much i trust an app that misspells retrive.
i have had client systems broken into with the latest phpmyadmin installation (more than one). I suspect those would pass many tests ... but not this particular hacker. LOL
until AFTER we lock down the folder with an apache password ... then the problems seem to never come up. Don't know if the hacker goes away forever or if he bangs against the wall and fails. All I know is that none of our systems ship with unlocked phpmyadmin folder and all our existing clients who experience any issues at all have them locked immediately.
so far so good.
also, i'm not sure how much i trust an app that misspells retrive.
i have had client systems broken into with the latest phpmyadmin installation (more than one). I suspect those would pass many tests ... but not this particular hacker. LOL
until AFTER we lock down the folder with an apache password ... then the problems seem to never come up. Don't know if the hacker goes away forever or if he bangs against the wall and fails. All I know is that none of our systems ship with unlocked phpmyadmin folder and all our existing clients who experience any issues at all have them locked immediately.
so far so good.
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
- williamconley
- Posts: 20359
- Joined: Wed Oct 31, 2007 4:17 pm
- Location: Davenport, FL (By Disney!)
by DomeDan » Mon Jan 09, 2012 1:36 pm
of course its not safe, I would never expose my vicidial-server to the internet anyway.
But as long as theres other clients on my network, I'm still not completely safe.
Just trying this one out because of curiosity and thought I might as well post the result here
regarding the spelling, first thing I noticed was "exsist" which looks a bit silly.
But as long as theres other clients on my network, I'm still not completely safe.
Just trying this one out because of curiosity and thought I might as well post the result here
regarding the spelling, first thing I noticed was "exsist" which looks a bit silly.
Vicidial Partner. Region: Sweden/Norway.
Does Vicidial installation, configuration, customization, add-ons, CRM implementation, support, upgrading, network-related, pentesting etc. Remote and onsite assistance.
Email: domedan (at) gmail.com
Does Vicidial installation, configuration, customization, add-ons, CRM implementation, support, upgrading, network-related, pentesting etc. Remote and onsite assistance.
Email: domedan (at) gmail.com
- DomeDan
- Posts: 1226
- Joined: Tue Jan 04, 2011 9:17 am
- Location: Sweden
5 posts
• Page 1 of 1
Return to ViciBox Server Install and Demo
Who is online
Users browsing this forum: No registered users and 55 guests