SSL encryption hacked

Keith (Gulf Breeze Ortho Lab) keith at gulfbreezeortholab.com
Wed Sep 21 15:28:31 EDT 2011


Hi There,

I have had a few Web sites hacked in the past, and each time (without 
exception), it was due to a vulnerability in WordPress. Just an FYI.

Sincerely,

- Boo

-----Original Message----- 
From: stephen barncard
Sent: Wednesday, September 21, 2011 11:12 AM
To: How to use LiveCode
Subject: Re: SSL encryption hacked

Some of my Dreamhost accounts have been violated by a group of Malaysian
script kiddies.  I wonder what they used.  My early investigation revealed
pieces of code that appeared in a Wordpress media upload folder. This is the
place where Wordpress puts imported photos and other media.

They had complete run of my 8 or so websites at 'shared' root.

one of the files had PHP and Javascript code that OBVIOUSLY was used to
commit these crimes.    Other stuff on there wasn't used in my attack:
Denial of Service code, etc.

It looked like a complete burglar's kit of tools.  UGH. I had to take a
shower after touching this stuff.

There's creepy stuff out there that could destroy the very foundations of
the WEB:

SSL Encryption ( in some cases ) has been
cracked<http://www.theregister.co.uk/2010/06/08/padding_oracle_attack_tool/>
.  Paypal has been
breached<http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/>
by
researchers.

Without confidence, the entire web could become inert and useless, like CB
radio.

One good thing - the kiddies will temporarily be confused by odd-looking
Livecode scripting. Probably think it's a PHP derivative.

On 21 September 2011 04:09, Claudi Cornaz <claudi.c at fiberworld.nl> wrote:

> Hi all,
>
> I came across this article and altough I don't know much about this I
> thought it might interest some of you.
> Hackers break SSL encryption used by millions of sites
>
> I don't know which version of SSL livecode server deploys, but apparently
> this might be something quite serious
> and perhaps even a unique opportunaty for livecode server by
> being/becomming save.
>
> Claudi
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



-- 



Stephen Barncard
San Francisco Ca. USA

more about sqb  <http://www.google.com/profiles/sbarncar>
_______________________________________________
use-livecode mailing list
use-livecode at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode 





More information about the use-livecode mailing list