Hacks: July 2006 Archives
My rainbow tables for alphanumeric plus 32 symbols and a space are not working right with SAMInside. I'm not sure if the problem is with SAMInside or with the files. My original file source is not available right now, so I can't download a new copy and compare hashes. I feel like my powers have been diminished, like Superman with kryptonite.
Six Apart's free support bulletin board for Movable Type has been offline for maintenance since this past weekend. I just saw why on Bugtraq. Looks like there is another SQL injection exploit in Invision Power Board that will grant an attacker admin access. This is a vulnerability in versions prior to 2.1.7. Hopefully they'll get patched and back online soon.
Back in May, I wrote about when that forum was exploited and modified to serve up WMF exploits. At that time, I let the SANS ISC know about it. So it was pretty funny in June when a Circuit City IPB forum was hacked and it made the tech news. According to MSN Search, there are still a lot of boards running Invision Power Board 2.1.6. A lot of them are hobby websites that will likely learn the hard way about keeping up with security patches.



