Game Hacker Download


Linda Berens

Jul 14, 2024, 4:38:41 PM
to hernicounki

We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative.

Our first pentests revealed a major finding and showed the value of an ethical hacker community combined with PTaaS. Today, our pentests give us full visibility into findings in real-time, allowing us to pivot to fix and retest while the pentest is still running. The result is that we have more trust in the final report and can plan to direct efforts immediately to any weak spots.

Download the file: https://blltly.com/2yZUbc



"It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it said in an alert last week. "Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed."

The disclosure comes as Kaspersky revealed that the project's website was infiltrated at some point in 2020 to redirect select Linux users who attempted to download the software to a malicious site hosting a Debian package.

FDM said its investigation uncovered a vulnerability in a script on its site that the hackers exploited to tamper with the download page and lead the site visitors to the fake domain deb.fdmpkg[.]org hosting the malicious .deb file.

"It had an exception list of IP addresses from various subnets, including those associated with Bing and Google," FDM said. "Visitors from these IP addresses were always given the correct download link."

I have a php website where everything is in the public_html\ folder, including an includes folder with config and classes. I told my developer to move it away from public folder but he said there is no risk as files are php files and even if someone types in browser the

Is that correct? Is there no way someone can download a php file and see what's inside, even if a hacker logs into my server somehow to download the file or includes it in a php file on his server using XSS?

To combat this make sure file_privs are disabled for the MySQL user account used by PHP. If display_errors = on in your php configuration then an attacker can obtain the path to your web root, and use sql injection or directory traversal to read source code.

In addition to server-side vulnerabilities of all varieties, leaked FTP passwords are also a significant concern. There is a class of client-side infections that harvest your saved FTP passwords from programs like CuteFTP, FileZilla, and DreamWeaver, sending the login credentials to an attacker. This is very common. I've personally seen hundreds, maybe thousands of cases where this has happened. And typically, the person who unknowingly leaked the passwords is someone who no longer needs to have them anyway.

And if you're wondering whether an attacker will actually dig through your configuration files looking for passwords, the answer is unambiguously "yes". Typically it's one of the very first things an attacker will do, within minutes of compromising a new machine.

If your web server is misconfigured, then the php might not be executed. You obviously need to have php installed and running server-side, as well as have a web server in place that supports this. If, for some reason, something goes wrong with your php installation, then it is theoretically possible to download the php file "raw." This, however, is unlikely.

If there is an LFI (local file inclusion) vulnerability in this script (or any other dynamic pages on the site), it is possible to display a file that is located on the web server. See the Wikipedia page on file inclusion vulnerabilities to see what this would look like.

Leaked FTP passwords are very common and are one of the most common ways that source files are removed. Malware installed on developers' websites is very common, and recently developers have begun witnessing spear-phishing attacks against them in an attempt by hackers to gain intellectual property.

One of the not-so-common ways, and from what I'm aware of one that is only known by a certain number of people: if you develop your website on the Linux web server where the website is being hosted, then you may have a problem, as some editing software will store backups of edited files hidden from the developer's view, e.g.

This would reveal the source of the backup login.php file. To protect against this you would either have to develop your code off-site and upload it to the server, or make sure that there are no backup files stored in a directory that the public has access to.

For example, there may be a vulnerability that allows an attacker to view files in the web server, including raw PHP code. Or an attacker may be able to discover your FTP password, which also could be done in many ways, including man-in-the-middle attacks and social engineering. There are many possibilities. Below, I've listed some vulnerabilities that could allow it, but bottom line is, just having PHP files in the public_html folder absolutely shouldn't be a risk for itself.

A download.php file which takes a GET/POST parameter with the name of the file to download, and doesn't filter user input correctly, could make it possible to download the raw code of a file on the site, through accessing an address like this: =../index.php. See this.

Another example: if there's a vulnerability that allows an attacker to execute code on your server, such as Local/Remote File Inclusion, File Upload Vulnerabilities, and others, it might also be possible for him to run code that allows him to read your PHP source code.

As long as things are setup correctly on the server, PHP files should be registered as scripts and the web server should have them interpreted by PHP when requested and only display the results of that interpretation.

That said, any number of issues can result in files being exposed. Some of these issues can also expose data regardless of whether they are in a public folder or not. It is always important to make sure your server is properly configured to only allow the requests you need allowed. This reduces the surface area available to attack and helps avoid possible bug-related issues that could result in a breach.

Is it a good idea to have a config file in a public folder? As long as the server is configured not to give out the file without processing it, it probably isn't much less secure than any other spot on the system. There is the small chance of a bug in the web server being used to prevent execution by the scripting engine, but the more likely attacks are attacks that would come from some other direction like SQL, FTP or some code injection where being in a private folder would be equally exposed.

That said, the flip side of the question is why not put it somewhere else. The most secure option would be to put it someplace that only the user that the web site's PHP instance runs as can access, and deny access to the file from any other mechanism (such as the FTP user or any other publicly used users). This is rather difficult to configure and manage, however, so a decision has to be made whether the additional security is necessary or not.

It's a toss-up on which is best. It's a lot of extra work to manage all the paths, permissions and users to maintain that level of security. On the flip side, as long as the server is kept patched and properly configured, you should only be vulnerable to zero-day exploits that attack at a very low level, and can be safe against pretty much all common attacks, even with the config file in the public folder.

News broke on Saturday that the website of Linux Mint, said to be the third most-popular Linux operating system distribution, had been hacked, and was tricking users all day by serving up downloads that contained a maliciously-placed "backdoor."

The hacker responsible, who goes by the name "Peace," told me in an encrypted chat on Sunday that a "few hundred" Linux Mint installs were under their control -- a significant portion of the thousand-plus downloads during the day.

The hacker shared a portion of the forum dump, which we verified contains some personally identifiable information, such as email addresses, birthdates, profile pictures, as well as scrambled passwords.

Those passwords might not stay that way for much longer. The hacker said that some passwords have already been cracked, with more on the way. (It's understood that the site used PHPass to hash the passwords, which can be cracked.)

It later emerged that the hacker had placed the "full forum dump" on a dark web marketplace, a listing we were also able to verify exists. The listing was going for about 0.197 bitcoin at the time of writing, or about $85 per download.

About 71,000 accounts have been loaded into breach notification site HaveIBeenPwned, it announced on Sunday. Just less than half of all accounts were already in the database. (If you think you might be affected by the breach, you can search its database for your email address.)

Peace declined to give their name, age, or gender, but did say they lived in Europe and had no affiliations to hacking groups. The hacker, known to work alone, has previously offered private exploit services for known vulnerabilities on private marketplace sites they're associated with.

Peace was "just poking around" the site in January when they found a vulnerability granting unauthorized access. (The hacker also said they had the credentials to log in to the site's admin panel as Lefebvre, but was reluctant to explain how in case it proved useful again.) On Saturday, the hacker replaced one of the 64-bit Linux distribution images (ISO) with one that was modified by adding a backdoor, and later decided to "replace all mirrors" for every downloadable version of Linux on the site with a modified version of their own.

The backdoored version isn't as difficult as you'd think. Because the code is open-source, the hacker said it took them just a few hours to repack a Linux version that contained the backdoor.
