Conversation

Notices

  1. Toothpaste Pony! Toothpaste Pony!

    I'm surprised such an exploit exists in PMA xD

    Wednesday, 03-Oct-12 19:23:10 UTC from web
    1. Cerulean Lulamoon-Spark Cerulean Lulamoon-Spark

      @minti Didn't they have that issue with someone literally managing to get away with committing an obfuscated backdoor to the main source tree?

      Wednesday, 03-Oct-12 19:25:18 UTC from web
      1. Toothpaste Pony! Toothpaste Pony!

        @ceruleanspark I wouldn't know, but if that's true lolol oh man.

        Wednesday, 03-Oct-12 19:26:12 UTC from web
        1. Cerulean Lulamoon-Spark Cerulean Lulamoon-Spark

          @minti Oh, they just injected it into the binaries at sourceforge: http://arstechnica.com/security/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/

          Wednesday, 03-Oct-12 19:26:56 UTC from web
          1. Omni Omni

            @ceruleanspark AND OF COURSE THAT'S THE VERSION I AM RUNNING FFFFFF

            Wednesday, 03-Oct-12 19:29:16 UTC from web
            1. Cerulean Lulamoon-Spark Cerulean Lulamoon-Spark

              @omni But did you get it from sourceforge?

              Wednesday, 03-Oct-12 19:30:45 UTC from web
              1. Omni Omni

                @ceruleanspark No, actually not. I got it from the Arch Linux repositories. Guess I'm safe then, assuming they didn't download it from that exact mirror?

                Wednesday, 03-Oct-12 19:31:38 UTC from web
                1. Cerulean Lulamoon-Spark Cerulean Lulamoon-Spark

                  @omni Yeah. The exploit was injected into the binaries by hacking that specific mirror, so you'll be fine.

                  Wednesday, 03-Oct-12 19:32:56 UTC from web
                  1. Caim Caim

                    @ceruleanspark Mind Jacked

                    Wednesday, 03-Oct-12 19:34:39 UTC from StatusNet Android
                  2. Risk-free learner Risk-free learner

                    @ceruleanspark Yay!

                    Wednesday, 03-Oct-12 19:34:45 UTC from web
                  3. Omni Omni

                    @ceruleanspark @minti @widgit Thanks so much for your help, guys. This being the first time I see myself being attacked and all, it was kinda... strange. Then again, also really, really cool. Haven't felt so awesome when using a computer in a while. Like I was literally saying "**** you guys" when I executed the "sudo rc.d stop httpd" command and all the traffic stopped. God, that was awesome. Really improved my day.

                    Wednesday, 03-Oct-12 19:35:59 UTC from web
                    1. Toothpaste Pony! Toothpaste Pony!

                      @omni Welcome to my world. I use to hack games before coming here. XD

                      Wednesday, 03-Oct-12 19:36:41 UTC from web
                    2. Cerulean Lulamoon-Spark Cerulean Lulamoon-Spark

                      @omni Being on the other side is kind of fun too. Everything I've picked up about system security, I picked up from the perspective of the attacker.

                      Wednesday, 03-Oct-12 19:41:01 UTC from web