20071213 Get defacements, database dumps, remote shells, ownages and much more!

It works like that: you write dynamic code and allow parameters to be sent to your code. Then without any type of filtering or validation you use those raw values as parameters for your code. I’ll give you two examples so that you can get the result almost instantly: Example 1: open up your database [...]

20051202 somebody is trying to hack your site while you’re sleeping

I have been finding LOTS of hacking attempts on several sites I manage. Each time I look at the server error log I can find entries like these ones: [Tue Nov 29 00:47:32 2005] [error] [client 209.128.104.183] File does not exist: C:/Webroot/xmlrpc[Tue Nov 29 00:47:37 2005] [error] [client 209.128.104.183] File does not exist: C:/Webroot/xmlsrv[Tue Nov [...]