Menu
▾
▴
wxperl-users
|
From: Jouke V. <jo...@pv...> - 2002-08-28 10:12:05
|
The wxPerl Wiki I mentioned before has more or less been set up. The current url is http://213.84.151.206/cgi-wxperl/view.pl/FrontPage , which will become http://wxperl.pvoice.org/cgi-wxperl/view.pl/FrontPage in a few days (after the dns change has been propagated throughout the world). Of course the Wiki is empty right now, but I'll be starting to put things on it, and hope a lot of you will do the same. Jouke |
|
From: John R. <jr...@ce...> - 2004-12-06 02:02:34
|
Some <ahem> charming person has attacked the wxPerl Wiki and replaced some of the pages (including the home page, unfortunately) with a bunch of annoying links. Could whoever has control of the server restore it? |
|
From: Mark W. <ma...@il...> - 2004-12-06 03:10:55
|
My project homepage was similarly hacked last week. They get in through the "search" binary, apparently. I simply removed that binary and hopefully that has solved the problem. There's a warning being sent around from the TWiki developers about how the exploit works, and they apparently have a patch available. I just decided that the search utility wasn't useful enough for me to take the chance, but that may not be true for the wxPerl community, Mark John Ralls wrote: > Some <ahem> charming person has attacked the wxPerl Wiki and replaced > some of the pages (including the home page, unfortunately) with a > bunch of annoying links. Could whoever has control of the server > restore it? > > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://productguide.itmanagersjournal.com/ > _______________________________________________ > wxperl-users mailing list > wxp...@li... > https://lists.sourceforge.net/lists/listinfo/wxperl-users > |
|
From: Jouke V. <jo...@pv...> - 2004-12-06 05:30:21
|
Mark Wilkinson wrote: > My project homepage was similarly hacked last week. They get in > through the "search" binary, apparently. I simply removed that binary > and hopefully that has solved the problem. > > There's a warning being sent around from the TWiki developers about > how the exploit works, and they apparently have a patch available. I > just decided that the search utility wasn't useful enough for me to > take the chance, but that may not be true for the wxPerl community, > This does not seem to have to do anything with hacking. It's a wiki, so the malicious visitor just edited the homepage (many times) and put something else in place. I restored a previous version (which is a very easy taks that could be done by anyone...just browse through the revisions (the '<' at the top), find a good version, edit the page, save the page...) Thanks for letting me know ... -- /Jouke Visser/ pVoice website <http://www.pvoice.org> Personal website <http://jouke.pvoice.org> Mail me <mailto:jo...@pv...> Skype me! <callto://joukevisser> |
|
From: John R. <jr...@ce...> - 2004-12-06 05:46:57
|
OK, now I see how to do it. Looks like the home page has been spammed a lot. Perhaps some security measures *are* in order. Can you prevent anonymous posters from editing pages? It might be necessary to also require some additional authorization... perhaps an off-line email request to you for auth. Regards, John Ralls On Dec 5, 2004, at 9:29 PM, Jouke Visser wrote: > > This does not seem to have to do anything with hacking. It's a wiki, > so the malicious visitor just edited the homepage (many times) and put > something else in place. I restored a previous version (which is a > very easy taks that could be done by anyone...just browse through the > revisions (the '<' at the top), find a good version, edit the page, > save the page...) > > Thanks for letting me know ... > > > -- > Jouke Visser > |
|
From: John R. <jr...@ce...> - 2004-12-13 00:42:21
|
OK, I just fixed the Home Page *again*. The home page shouldn't really=20=
need much changing; perhaps you should just lock it completely.
Then, while checking other pages changed by AGs, I tried to look at the=20=
previous version of wxList and got:
Software error:
No such revision: at=20
/usr/local/lib/perl5/site_perl/5.8.5/Kwiki/Revisions.pm line 61.
For help, please send mail to the webmaster (jo...@pv...), giving=20=
this error message and the time and date of the error.
Software error:
[Mon Dec 13 01:36:24 2004] index.cgi: No such revision: at=20
/usr/local/lib/perl5/site_perl/5.8.5/Kwiki/Revisions.pm line 61.
at /usr/local/lib/perl5/site_perl/5.8.5/Spoon.pm line 37
Spoon::__ANON__('[Mon Dec 13 01:36:24 2004] index.cgi: No such=20=
revision: at /...') called at /usr/local/lib/perl5/5.8.5/CGI/Carp.pm=20
line 314
CGI::Carp::realdie('[Mon Dec 13 01:36:24 2004] index.cgi: No=20
such revision: at /...') called at=20
/usr/local/lib/perl5/5.8.5/CGI/Carp.pm line 400
CGI::Carp::die('No such revision: ') called at=20
/usr/local/lib/perl5/site_perl/5.8.5/Kwiki/Revisions.pm line 61
=20
Kwiki::Revisions::toolbar_params('Kwiki::Revisions=3DHASH(0x83abd7c)')=20=
called at /usr/local/lib/perl5/site_perl/5.8.5/Kwiki/Revisions.pm line=20=
28
Kwiki::Revisions::revisions('Kwiki::Revisions=3DHASH(0x83abd7c)')=
=20
called at /usr/local/lib/perl5/site_perl/5.8.5/Spoon/Hub.pm line 32
Spoon::Hub::process('Kwiki::Hub=3DHASH(0x83766bc)') called at=20=
/usr/local/lib/perl5/site_perl/5.8.5/Kwiki.pm line 11
Kwiki::process('Kwiki=3DHASH(0x817c8c4)', 'config.yaml',=20
'-plugins', 'plugins') called at=20
/var/www/html/vhosts/wxperl.pvoice.org/cgi-bin/wxperl-kwiki/index.cgi=20
line 4
For help, please send mail to the webmaster (jo...@pv...), giving=20=
this error message and the time and date of the error.
That's a rather embarrassing bug!
Regards,
John Ralls
On Dec 5, 2004, at 9:29 PM, Jouke Visser wrote:
> Mark Wilkinson wrote:
> My project homepage was similarly hacked last week.=A0 They get in=20
> through the "search" binary, apparently.=A0 I simply removed that =
binary=20
> and hopefully that has solved the problem.
>
> There's a warning being sent around from the TWiki developers about=20=
> how the exploit works, and they apparently have a patch available.=A0 =
I=20
> just decided that the search utility wasn't useful enough for me to=20
> take the chance, but that may not be true for the wxPerl community,
>
>
> This does not seem to have to do anything with hacking. It's a wiki,=20=
> so the malicious visitor just edited the homepage (many times) and put=20=
> something else in place. I restored a previous version (which is a=20
> very easy taks that could be done by anyone...just browse through the=20=
> revisions (the '<' at the top), find a good version, edit the page,=20
> save the page...)
>
> Thanks for letting me know ...
>
>
> --=20
> Jouke Visser
>
>
> <image.tiff>
> pVoice website
> <image.tiff>
> Personal website
> <image.tiff>
> Mail me
> <image.tiff>
> Skype me!
> <pvoice.org.png><personal.png><mail.png><skypeme_btn_small_green.gif>=
|
|
From: herbert b. <dei...@we...> - 2004-12-06 11:34:12
|
yes our wxperl wiki on wxperl.de was also rampaged 3 weeks ago. herbert John Ralls wrote: > Some <ahem> charming person has attacked the wxPerl Wiki and replaced > some of the pages (including the home page, unfortunately) with a > bunch of annoying links. Could whoever has control of the server > restore it? > > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://productguide.itmanagersjournal.com/ > _______________________________________________ > wxperl-users mailing list > wxp...@li... > https://lists.sourceforge.net/lists/listinfo/wxperl-users > |
|
From: Simon F. <sf...@fl...> - 2004-12-06 11:59:37
|
And the Maypole wiki has been spammed several times recently. Very irritating. --simonflk herbert breunung wrote: > yes our wxperl wiki on wxperl.de was also rampaged 3 weeks ago. > > herbert > > John Ralls wrote: > >> Some <ahem> charming person has attacked the wxPerl Wiki and replaced >> some of the pages (including the home page, unfortunately) with a >> bunch of annoying links. Could whoever has control of the server >> restore it? >> >> >> >> ------------------------------------------------------- >> SF email is sponsored by - The IT Product Guide >> Read honest & candid reviews on hundreds of IT Products from real users. >> Discover which products truly live up to the hype. Start reading now. >> http://productguide.itmanagersjournal.com/ >> _______________________________________________ >> wxperl-users mailing list >> wxp...@li... >> https://lists.sourceforge.net/lists/listinfo/wxperl-users >> > > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://productguide.itmanagersjournal.com/ > _______________________________________________ > wxperl-users mailing list > wxp...@li... > https://lists.sourceforge.net/lists/listinfo/wxperl-users |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X