Massive defacing of GoDaddy sites





Last week saw the largest single attack in history against
web applications. A Turkish defacer named Iskorpitx defaced over 21,000
websites only a few hours. How did he accomplish this?








All of the sites that were defaced were hosted by a single
provider, GoDaddy. In addition to cheap domain name registeration, GoDaddy also
offers hosting services. Customers receive space and bandwidth, as well as a
few pages and scripts. It appears one of these supplied scripts didn’t properly
validate its input. Experts speculate that the culprit was “gdform.asp” which
allows website visitors to email the website owner. This script would write the
mail message to a temporary file. Iskorpitx exploited vulnerability to inject
code that would redirect the where the mail message was written into an HTML
page. This HTML page contained the defaced content.






The moral of the story: Scripts that are supplied to you may
contain vulnerabilities. You should turn off or remove those that you aren’t
using. If you must use a shared script, look at the code yourself or do some
Google searches to see if there are any known issues.

Comments
(anon) | ‎10-29-2007 12:15 PM

When you pay someone to host your website, chances are your site isn’t running on a single box

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.