Conversation
Notices
-
Blackhats, aren't they hackers or something. That doesn't sound very good.
Wednesday, 03-Oct-12 18:52:31 UTC from web-
@fluttershycanhardlyfly Yes, yes they are. Thank God I just installed a bandwidth monitor and noticed it really quickly after it started. This is kinda scary, but only wants me to go into network security even more.
Wednesday, 03-Oct-12 18:53:18 UTC from web-
@omni Quick Googles seem that it targets versions of PMA that are vulnerable to a config exploit. :p
Wednesday, 03-Oct-12 18:59:29 UTC from web-
Wednesday, 03-Oct-12 19:13:20 UTC from web
-
@omni PHPMyAdmin.
Wednesday, 03-Oct-12 19:13:40 UTC from web-
@ceruleanspark Oh, crap, I'm actually running that but not using it... Let's hope my version is safe...
Wednesday, 03-Oct-12 19:14:47 UTC from web-
@omni scripts/setup.php is the entry point of the exploit and config/config.inc.php is the file created and used. If both of those exist, rename them. :p
Wednesday, 03-Oct-12 19:17:18 UTC from web-
@minti At least, that seems to be the case
Wednesday, 03-Oct-12 19:17:52 UTC from web -
@minti Where would those normally be located? I had "config.inc.php" in etc/webapps/phpmyadmin and renamed it, but I couldn't find it in a "config" folder, and I couldn't find the setup.php at all. I couldn't find any folders, to be more precise.
Wednesday, 03-Oct-12 19:26:48 UTC from web-
@omni Would be in /webapps/phpmyadmin/scripts/setup.php xD The config.inc.php in the root should stay there. Your best bet would be to just rename the entire phpmyadmin folder to "mylittleponiesfartrainbows" or something stupid like that. XD
Wednesday, 03-Oct-12 19:30:56 UTC from web-
@minti I have no subfolders in the phpmyadmin directory, but I'll be renaming it anyway, just to be sure.
Wednesday, 03-Oct-12 19:32:21 UTC from web
-
-
-
-
-
-
@omni What @ceruleanspark said.
Wednesday, 03-Oct-12 19:14:29 UTC from web
-
-
-
-
