Monday, April 02, 2007

Websense: Automated Defacement Through Search Engines

Preben Nylokken writes on The Websense Security Labs Threat Blog:

Today's Web page defacements are most often accomplished through file inclusion attacks, where the attackers exploit a vulnerability in the Web application and then inject a remote scripting file (also known as a remote shell). This allows the attackers to take control over the server and easily deface the Web site.

The question is: how do they find Web applications that are vulnerable to such attacks? The answer is: by using the search engines on the Internet to do the legwork. This is not a new technique, but lately we've seen this incorporated in malicious scripts and malware.

This week, I examine some of the automated tools used for Web site defacements, where the key element in the operation is the use of a search engine.

More here.

0 Comments:

Post a Comment

<< Home