|
|
|
|
- Readme First! - Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 363 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
| The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
No Comments Allowed for Anonymous, please register | | | | |
Re: Hacker-site using PHP-Nuke (Score: 1) by Kliber on Monday, December 22 @ 19:04:02 CET (User Info | Send a Message) http://www.petroleobar.com | Yes and No; they can raise the alarm of a security hole being discovered and force us to patch; but at the same time they can do some harm (Messing Database, install backdoors, also you can be acused of hacking your own server provider cuz there are some binaries running in your account :P, etc.) since I installed PHPNuke (3 years ago) I've been hacked 3 times, I've been lucky too, and no harm was done but the "shame" to be defaced; but my system its more secure now, if wasnt by them, today my sistem could be 3 times more risky than it its now. (not all of us can be checking all the days for new vul. being discovered)
Well, one of the ways I see they could help, its to use they own xploits hosted in their own servers to patch those inocent vulnerable ones (and in wich administrators dont have any Idea of security)... this seems to be a work for: "Super NukeCop"!!
LOL |
| Parent | | | | |
Re: Hacker-site using PHP-Nuke (Score: 1) by kipuka on Tuesday, December 23 @ 06:04:26 CET (User Info | Send a Message) | Nah, because it takes the thrill away for them. They will continue to play pranks until they outgrow this stage of life, get sued, or go to jail.
You can use their exploit info to improve other areas. Step back and analyze how the exploits are done, then you have an idea the scenario which needs to exist to use the technique elsewhere. These guys aren't any smarter than others here. It's just they are looking at things from a totally different perspective which happens to be the same one testers of the code should be using. What better way to find vulnerabilities than actually using the software like they are doing.
One thing I think really needs to go is how everyone is using nuke_ as a default prefix for table names. Make these guys do some work.
|
| Parent | | | | | |
|