sorry pals, you're still vulnerable.
I didn't change the password this time, I suggest getting a new guestbook.
no hard feelings? leave me a message on this board."
I did a quick Google search for Put5 and found he is a regular guestbook hacker. Does anyone have any advice, or is this guestbook just that vulnerable? Thanks in advance.
-John
I don't know the first thing about guestbooks (I don't use 'em), but the first thing I'd do is a search for "<name_of_your_guestbook> vulnerability" and "<your php version> vulnerability", looking for information on how to secure your site. Also, close off anonymous FTP unless you need it, disable Telnet, etc. If your site is commercially-hosted, then contact your host and ask for advice and look at their FAQs if they have any.
This approach, while more time-consuming initially, is better than having to clean up after this guy every time he fancies hacking your site.
He wrote, "No hard feelings"? Yeah, right...
Jim
OTOH, bringing down a friggin' guestbook is a pretty stupid thing to do anyway. It might be someone with average skillz who has a grudge against you. In that case, the IP might lead to something.
If your host uses virtual hosting, the attacker might be a customer of your host too.
The shame of it is that this particular site of mine is non-profit, simply the (near) complete works of the 17th century poet Richard Crashaw. There are some professors out there that use the site to access out of print works by the poet and share with their students literature that they otherwise wouldn't be exposed to. The guestbook just provides a way for people to leave comments and ask Crashaw questions.
Anyway, I'll pursue some of the avenues mentioned here. I'm new to this forum, but I'm impressed with the community. Thanks again.
John
PHP Advanced Guestbook
You should read this security advisory carefully:
[osvdb.org...] (dated Dec 2, 2004)
Is this the guestbook script you are using?
If so, then you should take it offline immediately. According to the above link, there is a serious security hole in the script with no known fix or workaround.
At best, copy the entries you already have and create a static page with that information whilst you look for an alternative script. Also, inform your hosting company: they should not be offering the script any more in their control panel and they should warn their other clients.
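One way to carry out the "freeze the entries into a static page" advice above, as an added example that is not part of this thread or of any guestbook script: the entries are loaded from a simple flat-file export (the `name|date|message` line format and the sample entries are constructed for this example, not the real script's storage format), every field is HTML-escaped, and the result is a plain HTML file with no server-side code left to exploit. Escaping matters here because an attacker who has already written to the guestbook may have left markup or script in an entry, and copying entries verbatim into a static page would carry that payload along.

```python
import html

# Constructed sample export, one entry per line: name|date|message.
# The second entry deliberately contains markup, as a compromised guestbook might.
SAMPLE_EXPORT = """\
Prof. A. Reader|2004-11-02|Thank you for putting Crashaw's works online.
Put5|2004-12-01|<script>alert('owned')</script> leave me a message on this board
Student|2004-12-03|Is 'Steps to the Temple' available in full?"""


def parse_flat_file(text):
    """Parse the hypothetical name|date|message export into a list of dicts.

    Only the first two separators are significant, so a '|' inside a message
    is preserved rather than silently truncating the entry.
    """
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("|", 2)
        if len(parts) != 3:
            # Malformed line: keep it visible rather than dropping data silently.
            parts = ["(unparsed)", "", line]
        name, date, message = parts
        entries.append({"name": name, "date": date, "message": message})
    return entries


def render_entry(entry):
    """Render one entry with every field escaped so stored markup is shown, not executed."""
    name = html.escape(entry.get("name", "Anonymous"), quote=True)
    date = html.escape(entry.get("date", ""), quote=True)
    # Escape first, then reintroduce line breaks we control.
    body = html.escape(entry.get("message", ""), quote=True).replace("\n", "<br>\n")
    return f"<li><p><strong>{name}</strong> <em>{date}</em></p><p>{body}</p></li>"


def render_static_page(entries, title="Guestbook (archived)"):
    """Produce a complete static HTML document; no form, no script, nothing dynamic."""
    items = "\n".join(render_entry(e) for e in entries)
    safe_title = html.escape(title, quote=True)
    return (
        "<!DOCTYPE html>\n<html><head><meta charset=\"utf-8\">"
        f"<title>{safe_title}</title></head>\n<body>\n<h1>{safe_title}</h1>\n"
        "<p>This guestbook is closed to new entries.</p>\n"
        f"<ul>\n{items}\n</ul>\n</body></html>\n"
    )


def archive_to_static(export_text):
    """Convenience wrapper: flat-file export text in, static HTML out."""
    return render_static_page(parse_flat_file(export_text))


if __name__ == "__main__":
    # Write the archived page next to this script; upload it in place of the guestbook.
    page = archive_to_static(SAMPLE_EXPORT)
    with open("guestbook_archive.html", "w", encoding="utf-8") as fh:
        fh.write(page)
    print(f"wrote guestbook_archive.html ({page.count('<li>')} entries)")
```

After running it, the resulting `guestbook_archive.html` can replace the guestbook's URL; since it is a plain file, the vulnerable script itself can be deleted from the server rather than merely hidden.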