[Coco] Sites restored

Torsten Dittel Torsten at Dittel.info
Fri Nov 23 19:26:44 EST 2007


A few days ago I noticed the upload dir feature. To be honest, I didn't 
like the idea that one could read the usernames there (makes it much 
easier to start an exploit because you would just have to find the 
corresponding password because you already know a valid username).

However, out of curiosity (and because no one else had been in the Cafe to 
chat with, I really hate the time shift ;-)) I had a look in every single 
one of the available dirs to see what people are using that feature for. I 
noticed the suspicious dirs "anncy" and "testing" containing malicious 
code (one script containing several times the words "Balkan Crew").

I immediately posted a warning addressed to yourself into the Cafe's 
chat, expecting that you're lurking from time to time and would catch 
the message (it was even in there the next day). I warned everyone *not* 
to access those files. Bad enough it looks like you didn't read it in 
time. Looks like I should really have sent you an e-mail...

