Friday, 10 April 2009

Hosted javascript leading to .cn PDF malware

Unfortunately, such subject lines are all too common. However, let's work through this one together to show an excellent tool and a common source.

Steve Burn over at it-mate.co.uk submitted an investigation they had been running into a number of sites, all hosted by a single hosting provider, that had been compromised and were leading to malware.

So, let's look at a few examples:

First, as simple proof that the exploit is still in place, let's look at:

hxxp://www.adammcgrath.ca (216.97.237.30 - Whois : OrgName: Lunar Pages)

If you simply curl, or wget, the home page of this site, you'll get


Read the full article
http://isc2.sans.org/diary.html?storyid=6178
