Acmlm's Board - I3 Archive - Craziness Domain - Learning internet security, the hard way!
Zer0wned
Posted on 08-08-06 08:52 PM
First: one mention on "M$" or windows security ("security" just to make you bastards happy ^_-), I'm gonna kick you in the teeth (because I'm an internet tough guy =P), this was my own fault, and not Windows' (not completely at least).

Anyway: holy shit, close call.

I've been messing around with some settings on my home FTP server (security and logon stuff), because well, I need to learn, and that's how you learn (duh.). Because of this, I'm quite paranoid. Apparently, rightly fucking so.

I was waiting on some crap to load at work (estimated time of at least 5 minutes, so I had some time to lollygag), so I figured I'd give my FTP server a little look-see. Good thing I did. Found a few foreign files, uh oh. Asp files. UH OH. An .exe file UH OH. One of the ASP files has "CMD.exe" and the new uploaded .exe included OH NO.

now for the kicker. I go to the foreign "SITE.ASP" file via a browser. oh look, all my files being displayed. oh look, it's browsable, too. right there... yup... all of them...
JESUS CHRIST IT'S A HACKER, GET IN THE CAR
</4chan reference>. Well, bike in my case. My manager let me go home early to take care of this. (to hell with family emergencies, I have security breaches that need tending to!)

Oh, and I say hacker because nothing was apparently damaged or changed, and no name was boasted. Just seemed like someone practicing their abilities, looks more like a hacker than a cracker or a script kiddy. But I'll be damned if I'm taking a gamble on that...

Needless to say I bolted the fuck home. First time I ever hit 31 MPH (~50 KPH for you metric users) on my bike on flat ground.

So anyway, now I'm home and booted up onto ubuntu. Once I get my internet fix and some information I'm gonna reboot offline into windows and either re-beef up security, or more likely back up certain files and reformat (because I'm not sure if there are any hidden malicious files, and I just barely started learning about doing packet sniffing and reverse engineering, so there's no way I'd be able to interpret the results as of yet, it'd be a great learning experience, but I'm not risking any personal info)

In craziness because this is funny in a way, I chose to write this in a very unprofessional manner, and I'm not exactly soliciting help/advice. (but it is of course welcome, and see first paragraph before you tell me to drop windows)
Xkeeper
Posted on 08-08-06 09:03 PM
Drop wi--

*3000 - 1 narrowly dodges the kick to the teeth


First, what kind of settings did you change? I just leave mine alone but make sure only one account (mine) has r/w access.

Also, it was more than likely a script kiddy than anything.
Zer0wned
Posted on 08-08-06 09:14 PM
Well, I changed a lot of things, so I don't quiiite remember, but it was something along the lines of giving too many people too much permission ... But I had sworn I'd disabled write access for any but the admin account (chance I didn't, or did it in the wrong place so it wasn't inherited).

Anyway, the reason for my screwing around with settings was I was trying to allow people that I send files somewhat regularly listing and reading permission on my FTP site. I did some changes last night before I went to sleep and forgot to do a test upload as an anonymous user to make sure that it wasn't allowed. Then forgot again in the morning...

As for my excuse for windows-- I don't kid myself on ease of use, even the easiest linux distros aren't the quickest thing to pick up on. That and I'm learning ASP and windows servers for work.

EDITED: couple typos.


(edited by Zer0wned on 08-08-06 08:43 PM)
Xkeeper
Posted on 08-08-06 09:18 PM
I'm just kidding; I'd never actually recommend using Linux, as I have no need for it

(FZ Server + Omnisecure ftw.)

Besides -- why drop what works?
Zer0wned
Posted on 08-08-06 09:34 PM
you know, I should stop using the default windows FTP. I like filezilla's free client software, maybe I'll give their server version a try...

and OH SHI- I just realized you were xkeeper. I don't keep up on your frequent name changes. Hell, I don't even know who half these goddamned people are anymore. That might have something to do with that little 3 month hiatus and the fact that I'm one of the more low-key members (aka not a moderator, ex moderator, annoying member who posts a lot [at least I don't think I'm annoying =/...], and any other popular type I may have left out)

And wait a sec- you primarily use php and yet you're a windows user? wiggy.

That reminds me, I've been half considering trying to make an ASP equivalent of acmlm's board for the sake of learning and practice (I'm pretty sure I'm up against an assload of work, but I need some kind of practice). Would someone with the board source code be willing to send it to me so I can try that? Pseudocode would also be nice if that exists anywhere.

edit: I guess a PM would be the best way to arrange that? I won't want it until after I've done my reformat.

edit 2: yup, I'm DEFINITELY reformatting, I checked the source code to the SITE.ASP, and it led me to believe that they had a loooot more access to my computer than I'm comfortable with (I couldn't tell at first because they had some encrypted information on there that did a check on authorized users).

edit 3: Checked my logfiles, and googled a few of the programs/filenames. Definitely a script kiddie. And apparently I did have execute permission off, just not write permission, because the log seems to indicate that upon trying to execute, they were bombarded with 530 errors. Still though, I'm not taking any chances ...


(edited by Zer0wned on 08-08-06 08:35 PM)
(edited by Zer0wned on 08-08-06 08:45 PM)
(edited by Zer0wned on 08-08-06 09:19 PM)
(edited by Zer0wned on 08-08-06 10:24 PM)
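Added example, not part of any post in this thread: one way to do the log check described above, flagging sessions where an anonymous login wrote files (script or executable types in particular) and counting the 530 replies that followed. The log lines are constructed, and the field layout (`time c-ip cs-method cs-uri-stem sc-status`, a `[session]` prefix on the verb, uploads logged as `created` with status 226) is an assumption to adjust to your own server's log format.

```python
import os
from collections import defaultdict

# Constructed sample, not taken from the thread. Assumed fields:
# time c-ip cs-method cs-uri-stem sc-status ("[session]" prefixes the verb).
SAMPLE_LOG = """\
#Fields: time c-ip cs-method cs-uri-stem sc-status
03:11:02 203.0.113.7 [12]USER anonymous 331
03:11:02 203.0.113.7 [12]PASS guest@example.invalid 230
03:11:09 203.0.113.7 [12]created /SITE.ASP 226
03:11:15 203.0.113.7 [12]created /tool.exe 226
03:11:20 203.0.113.7 [12]SITE - 530
03:11:21 203.0.113.7 [12]SITE - 530
09:40:00 198.51.100.4 [13]USER admin 331
09:40:30 198.51.100.4 [13]created /reports/q2.zip 226
09:55:00 192.0.2.9 [14]USER anonymous 331
09:55:10 192.0.2.9 [14]sent /shared/photo.jpg 226
"""

RISKY_EXT = {".asp", ".aspx", ".exe", ".dll", ".bat", ".cmd"}
ANON_NAMES = {"anonymous", "ftp"}

def scan_ftp_log(log_text):
    """Return {client_ip: {"uploads", "risky", "denied"}} for anonymous writers."""
    users = {}  # (ip, session) -> login name given in USER
    seen = defaultdict(lambda: {"uploads": [], "risky": [], "denied": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) != 5:
            continue
        _time, ip, method, target, status = parts
        if not method.startswith("[") or "]" not in method:
            continue
        session, verb = method[1:].split("]", 1)
        key = (ip, session)
        if verb.upper() == "USER":
            users[key] = target.lower()
        elif verb.lower() == "created" and status == "226":
            if users.get(key) in ANON_NAMES:
                seen[ip]["uploads"].append(target)
                if os.path.splitext(target.lower())[1] in RISKY_EXT:
                    seen[ip]["risky"].append(target)
        elif status == "530":
            seen[ip]["denied"] += 1
    # Only report clients that managed to write as an anonymous user.
    return {ip: info for ip, info in seen.items() if info["uploads"]}

if __name__ == "__main__":
    print(scan_ftp_log(SAMPLE_LOG))
```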
FreeDOS +
Posted on 08-09-06 04:54 PM
Using IIS was most of your problem.
HyperHacker
Posted on 08-09-06 05:50 PM
Yeah, try using Apache for Windows. You can learn a bit about Linux without actually using it, just by reading the config file.

Also, this is why I have a remote admin program installed. If for some reason I needed to shut down my computer without being near it, I can simply log in and do it from another computer.
Zer0wned
Posted on 08-09-06 07:03 PM
There is no way I'm switching to apache (checked and found that ASP speed isn't negatively affected if it's still running on windows, whereas I've heard consistently that apache+chilisoft asp on linux is much slower). IIS is definitely not the problem. It was my own poor security practices. Had I left it configured the way I had it before, there would have been no way he could have accomplished that.

I've been getting back into linux a little, so sure why the hell not, let's give apache a shot. Might be easier to properly configure everything. But I kinda wonder if that'll affect the relationship with the SQL server... I'll find out I guess.

(optimally what I'd reeeaaally like to do is have a junker computer run a windows webserver/database separate from my own computer, and get used to using client software, and maybe switch to using linux more exclusively again)

edit: before anyone says anything, I have to learn ASP and windows servers for work, so don't think me a fanboy =P.


(edited by Zer0wned on 08-09-06 06:12 PM)
Zer0wned
Posted on 08-11-06 03:04 AM
apparently apache doesn't work on windows server 2003, guess it's back to IIS (but being smart about it this time!)
FreeDOS +
Posted on 08-11-06 04:17 AM
Apache works on Windows Server 2003.
Zer0wned
Posted on 08-11-06 03:03 PM
I afterwards figured out what went wrong-- apparently if you don't enter an email address you get a compiling error (which is ridiculous, that shouldn't be mandatory. and compiling error? it was the binary!), and if you try to fix it and reinstall with all the required information, it doesn't overwrite it, it instead makes a new file with the good settings and doesn't let you know about it...

Anyway I replaced my FTP with the non-IIS version, which made it a LOT easier to configure the accounts and security settings. I'll stick with IIS for now for the main reason being once again, it's what my profession will be revolving around. If I ever decide to make a non-practice site for myself to be running off of my own computer, I'll look into Apache::ASP and run it in linux.