PHP Security Blog:
phpBB mass hack in preparation?
Mar 27, 2006 @ 13:14:55

Following up on this message, found on a newsgroup last Monday (03.20.2006), Stefan Esser has a new post on the PHP Security Blog giving his opinion on "FuntKlakow" and the situation.

During the last days a lot of blog entries, forum posts and even articles in IT magazines were made about a potential phpBB mass hack in preparation. From what is reported it seems to me that FuntKlakow is only a spambot and that the whole situation is a little bit overhyped. In the end it seems enough to enable the visual confirmation in the registration form (captcha) to keep FuntKlakow out, although the captcha is so bad that it should not be hard to break it.

Despite the comment above, he doesn't suggest dismissing the issue just yet. It's quite possible that FuntKlakow's appearance as a mere spam bot is a deception, and that the accounts it has registered could become a massive tool for some developer out there: flip a switch and gain server-level access to a huge number of forums across the world.

Stefan also briefly mentions a patch he submitted to the phpBB team for the signature_bbcode_uid remote code execution issue. That patch wasn't used; instead an internal patch was applied, and it still doesn't quite cover the issue.

tagged: security phpbb mass hack FuntKlakow patch

Issociate.de Newsreader:
phpBB mass-hack being prepared?
Mar 20, 2006 @ 13:51:03

In this posting, carried by the Issociate.de site's Newsreader, there's talk of a "massive phpBB hack" that might be taking place.

During the last few days a bot using the name FuntKlakow has been registering on at least hundreds (maybe thousands) of phpBB forums.

Ok, what is the danger? Next time phpBB announces a critical vulnerability, the bot would have everything ready (just a post click away) to attack thousands of sites/forums.

It's an interesting situation and, as suggested in some of the comments on this digg post, it will be interesting to see what happens. It is a little odd that a search for the name turns up so many results that are nothing but user profiles on phpBB boards, especially given phpBB's track record...

tagged: phpbb mass hack FuntKlakow bot spam bug
