Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment Re:Ok, so I got the popcorn ready.... (Score 1) 254

I doubt the attackers even went through the hustle to gain root (no need, anyone can start stuff on (unfiltered) 8080). Finding a vulnerable .php/cgi for executing commands on the Server under the uid of the Webserver sounds much easier to me. 1. Scan for vulnerable Servers 2. upload trojansite.tgz 3. unpack to some world-writable/executable directory like for e.g. /tmp/.../ 4. fire up nginx serving the trojans 5. Profit (5 ?! omg, people really have to work for their monies these days)

Work expands to fill the time available. -- Cyril Northcote Parkinson, "The Economist", 1955

Working...