Quote:
Originally Posted by Getch
Hey guys,
I've been contacted by a few PMs about this. Unfortunately, I don't know much about hacking, but I'll help out as much as I can.
My utilities use Perl, and not PHP. Not sure if that changes anything. I'm not sure how they could ever be used to hack a server. There's not a whole lot of open-ended coding in there to deviate from what it is supposed to do.
My utils have no access to ftp or login info. The login info that you see in my utils is separate from the server, and only allows access to more OOTPOU screens. Even as an admin, you can't do much.
Anyway, sounds like the person is getting access from the ftp server, which, as I said, my utils have no control over. Just a thought... OOTP stores the FTP server connection info in the league file. Perhaps that has somehow been compromised and that is how this person is hacking the sites?
Anyway, I'll help in any way I can. PM is the best way to get a hold of me, since I don't watch the boards a ton.
|
Not to bring undue alarm regarding your utilities, but of the 50-some sites I host, 4 were hacked. All four use OOTPOU. Of the others that did not get hit, only one uses OOTPOU. I want desperately to believe there is no security hole, but when things like this happen the first thing I do as a webhost is look for common denominators among the affected.
That said, I did notice that the password field in the login form allows unusually long passwords. In addition, are there any verifications in the code there that will prevent Perl code or even PHP code from being entered in that field? I haven't tried, but you may want to try injecting a small "write file" piece of code and stick it in there to see what happens.
Just a thought, Getch. You know I'm a big fan of your utilities and I appreciate your input here in this thread.
__________________
Fidel Montoya
Asahi2 Baseball Commissioner(Historical League Since 2004)
www.allsimbaseball.com (OOTP web hosting - Customized sites for online leagues - Sign up, Connect OOTP and Play!)
Share Your Mods - Free, unlimited and easy to upload to share your Mods instantly(free site registration required)