Thread: Wait, what? I did NOT make any of these recent posts! Holy fuck!
View Single Post
Old 08-19-2011, 07:22 AM  
WarChild
Let slip the dogs of war.
 
WarChild's Avatar
 
Industry Role:
Join Date: Jan 2003
Location: Bermuda
Posts: 17,263
Quote:
Originally Posted by Frosty View Post
Okay...

Let's say that someone went through all the trouble to:

1. Gain access to your server.
2. Decrypts the salted MD5 hash of your blog account.
3. Writes two posts on your "TheLastHonestMan.com" blog.
4. Writes a thread on GFY about it.
5. Then tomorrow writes a thread how someone "wiped" his databases.
6. Then basically says that someone gained access to all of your accounts and posted stuff on GFY.

Yeah, right.
Step two isn't necessary.

1. Exploits well known word press exploits in older versions to gain control of server
2. Uses GFY password reminder to send email to domain on compromised server
__________________
.
WarChild is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote