Nuke Cops :: View topic - Securing a Read, Write, Execute Directory?

LadyCherry
Lieutenant
Joined: Aug 12, 2003
Posts: 190
Posted: Wed Apr 06, 2005 4:48 am

Hey All,

I am using an attachment mod for my forums so that people can upload and display their art and other things in the forums.

Yesterday I found that a script was running on the server called testme. It was running with apache. Someone had found the world writable directory and was executing a script from it!

This is a major problem. I need the attachment mod for the functionality of my site. How can I secure a world writable directory from this happening again?

I own and run the server.

Anyone have any ideas?

Thanks for your time,
-Lady Cherry

Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
Posted: Fri Apr 08, 2005 2:53 pm

No one else has access to your server? Can you find that "testme" application?

_________________
Paul Laudanski, Microsoft MVP Windows-Security

LadyCherry
Lieutenant
Joined: Aug 12, 2003
Posts: 190
Posted: Sun Apr 10, 2005 8:01 am

Yes but I removed it right away.

Kicking myself now about it though.

If the directory is read/write for the world, anyone can add a file to the directory and execute it though, right?

-Lady Cherry

Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
Posted: Sun Apr 10, 2005 10:32 am

From a local user yes. So that means someone can exploit a service on your system to write something to your FS. But at this point it doesn't appear you have much data to audit?

_________________
Paul Laudanski, Microsoft MVP Windows-Security
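
As an added example that is not part of the thread or of the attachment mod: a shell audit for the situation discussed above, reporting world-writable directories, files carrying an execute bit, and script-type files in an upload tree, then removing the world-write and execute bits. The function names, the extension list and the sample tree are constructed for illustration, and it assumes the web server account owns the upload directory.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the web server account owns the
# upload directory, so uploads still work without the "other" write bit.

# audit_upload_dir DIR: print one tagged finding per line.
audit_upload_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    # Directories any local account can write into.
    find "$dir" -type d -perm -0002 -print | sed 's/^/WORLD_WRITABLE_DIR /'
    # Regular files carrying any execute bit (owner, group or other).
    find "$dir" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) -print |
        sed 's/^/EXECUTABLE_FILE /'
    # Script types an interpreter can run without the execute bit
    # (illustrative extension list).
    find "$dir" -type f \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.cgi' \
        -o -iname '*.pl' -o -iname '*.py' -o -iname '*.sh' \) -print |
        sed 's/^/SCRIPT_EXTENSION /'
}

# harden_upload_dir DIR: drop world-write from directories and every execute
# bit from regular files; directories keep their own search (x) bits.
harden_upload_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    find "$dir" -type d -exec chmod o-w {} +
    find "$dir" -type f -exec chmod a-x {} +
}

# make_sample_tree: build a constructed upload tree and print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/attachments" && chmod 0777 "$t/attachments"
    printf 'image bytes\n' > "$t/attachments/art.png"
    printf '#!/bin/sh\n' > "$t/attachments/testme"
    printf '<?php ?>\n' > "$t/attachments/note.php"
    chmod 0644 "$t/attachments/art.png" "$t/attachments/note.php"
    chmod 0755 "$t/attachments/testme"
    echo "$t"
}

# Demo on the constructed tree: sh audit.sh demo
if [ "${1:-}" = demo ]; then
    tree=$(make_sample_tree)
    echo "before:"; audit_upload_dir "$tree"
    harden_upload_dir "$tree"
    echo "after:"; audit_upload_dir "$tree"
    rm -rf "$tree"
fi
```

A `SCRIPT_EXTENSION` finding survives the permission changes, because it concerns how the web server treats the file type rather than the file's mode bits.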