Anatomy of a hacking

| | Comments (1)

Well Campbell found the site last night that had been compromised (running phpbb). Somehow, not sure how, it's then trawled through the file system on the server looking for files that were group writeable (all ordinary users are in the same group, so any group writeable files are writeable by everyone else on the server). Generally files shouldn't be group writeable by default, however MT in its default wisdom seems to generate all its files as *world* writeable. *sigh* It could just be the way directories get setup by default, will have to have a play with it - sorry if I break anything in the process :) Fortunately Campbell was online last night to mount the backup partition for me, and I got back my non-blog files that had been overwritten. If anything, it's a good motivation for me to clean out my home directory, as it's totally full of crap.

And on that note, I'm off to bed.


Dave2 said:

If you are running under suEXEC or CGIWrap then it's easy to force MT to write out its files without being world-writable... you just need to un-comment some masks in the mt.cfg file.

I have two sites bookmarked from when I did this:

December 24, 2004 12:10 AM


Leave a comment

Kazza's "Boring Life Of a Geek" aka BLOG

IT geek, originally from Sydney, moved to Canberra in 2007. Married to "the sweetie", aka Stu. Prolific photographer, Lego junkie and tropical fish keeper.

Kazza the Blank One home