****************************************** UPDATE 11.30 PM GMT We are receiving 17,000 more defaced websites in these minutes. We will account them in this news but we are not sure we will ever be able to handle such a huge amount of notifications as to mirror all of them we should possess a distributed platform such the one Google is having on Akamai. The latest notified defacements seems to belong to the ISP secureserver.com We have not examined the source code to the asp file in detail or done more than superficial research on this mass defacement, but this does not appear to be a vulnerability in IIS. This appears to be a problem with poor script coding and / or failing to properly validate user form input. I would guess that the hacker is able to inject their own code into the asp or php script being used to send mail."
Holy Shit! I was just handed something fun to look at for work. Basically, this guy found 0day in the godaddy administration pages for every godaddy account. The count is 22,000+ and rising! |