CWings - Server Hacker

[codegirl42]

Anyone ever heard of him?

I happened to be cleaning my server and saw that he had hacked into it.....

http://old.zone-h.org/en/defacements/filter/filter_defacer=Cwings/

You might want to check your server and see if he's done anything....

 

[dalem]

zone-h.org has been around for a long time defacing vunrible php scripts

best to install mod_security with a good set of rules and insure your clients keep their scripts up2date

 

[dgbaker]

zone-h.org has been around for a long time defacing vunrible php scripts

Zone-H does not do the defacing, they track information related to computer crimes (i.e. defacements) Zone-H is neither responsible for the reported computer crimes nor it is directly or indirectly involved in them.

 

[codegirl42]

zone-h.org has been around for a long time defacing vunrible php scripts

best to install mod_security with a good set of rules and insure your clients keep their scripts up2date

does anyone have a good set of rules that i can borrow??!

 

[codegirl42]

I think this was the hack....not sure...

62.194.10.83 - - [08/Oct/2006:14:38:17 -0700] "GET /psychic_powers.cfm?dn=countryvillagestore.com&cid=2b95a00981&nft=1&sp=1&t=4&p=4 HTTP/1.1" 404 -


or maybe:

208.254.45.254 - - [08/Oct/2006:16:04:16 -0700] "\[email protected]\x01\x03" 501 -
208.254.45.254 - - [08/Oct/2006:16:04:23 -0700] "\[email protected]\x01\x03" 501 -
24.193.137.213 - - [08/Oct/2006:21:32:06 -0700] "\x16\x03" 501 -
24.193.137.213 - - [08/Oct/2006:21:45:37 -0700] "\x16\x03" 501 -


i wish i knew wht the heck this all meant...

 

[dalem]

http://gotroot.com/
http://www.eth0.us/mod_security