Brutalside

Last night was a night with a lot of activity on this site. No fewer than four obvious hacking attempts were made, all automated attacks from script wankers. The attack is quite simple: by entering PHP code in a form field, the attacker tries to run shell scripts on the server. If the PHP code is allowed to execute, i.e. the tags are not stripped or converted to plain text, and the server is configured to allow PHP to run shell scripts, the attacker will upload various other PHP scripts and files that can be executed at a later time. I’ve seen this a few times before, when my l337 haxx0r friend AReK_5bY tried to take advantage of a security flaw in the blog software I used at that time. Thanks to my unpatched version of Greymatter, and a badly configured server, he was actually able to break in and run his PHP Shell script.

This time, the attacker was someone who might be calling himself or themselves Brutalside. The attacker tried three times on the previous entry and on entry #408. But this time, it was not successful, thanks to myself and my host Segment Publishing.
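The two conditions described above (form input that keeps its PHP tags, and a server that lets PHP run shell commands) can both be checked from the defending side. The following is an added example, not code from this site or from Greymatter; the function names, the list of shell-capable functions and the sample submission are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// PHP functions that can start shell commands (assumed list for this example).
const SHELL_FUNCTIONS = ['exec', 'shell_exec', 'system', 'passthru', 'popen', 'proc_open'];

/** True if a submitted field carries a PHP opening tag; worth logging. */
function contains_php_tag(string $raw): bool
{
    return preg_match('/<\?(php|=)?/i', $raw) === 1;
}

/** Convert a submitted field to plain text so no PHP or HTML tag survives. */
function field_to_plain_text(string $raw): string
{
    // NUL bytes have no place in a comment field; drop them before encoding.
    $clean = str_replace("\0", '', $raw);
    // "<?php" becomes "&lt;?php": stored or echoed later, it is text, not code.
    return htmlspecialchars($clean, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Shell-capable functions that the server configuration still leaves enabled. */
function enabled_shell_functions(): array
{
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    return array_values(array_filter(
        SHELL_FUNCTIONS,
        // PHP 8 removes disabled functions entirely; PHP 7 only lists them in php.ini.
        fn(string $f): bool => function_exists($f) && !in_array($f, $disabled, true)
    ));
}

// Constructed sample submission (harmless payload), standing in for a form field.
$submitted = "Nice post! <?php echo 'constructed sample'; ?>";

if (contains_php_tag($submitted)) {
    // error_log() writes to the configured PHP error log (stderr on the CLI).
    error_log('PHP tag in form field from ' . ($_SERVER['REMOTE_ADDR'] ?? 'cli'));
}
echo field_to_plain_text($submitted), PHP_EOL;

$open = enabled_shell_functions();
echo $open === []
    ? "All listed shell functions are disabled." . PHP_EOL
    : "Still enabled, consider disable_functions: " . implode(', ', $open) . PHP_EOL;
```

Run from the command line, it prints the neutralised field and then reports what the CLI configuration allows; the web server's PHP often reads a different php.ini, so the second check is best run through the web server as well.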

I could of course go further with this, but at this point I feel that I really don’t care. The attack is amateurish and could be set up by any newbie. Even I could do this. Script kiddies, please go away. Go out, get a life, enjoy the sun. Wrote the guy who works twelve hours a day and posts pictures of half-nude Colombian chicks from Cali es Cali on his site every day. Oh, well…

Yet Another Cali es Cali Babe

Feedback

Do you have any thoughts you want to share? A question, maybe? Or is something in this post just plainly wrong? Then please send an e-mail to vegard at vegard dot net with your input. You can also use any of the other points of contact listed on the About page.
