View Single Post
  #24  
Unread 2nd August, 2010, 02:26 PM
[email protected]$T=- -=V@STV$T=- is offline
Banned
 
Join Date: Mar 2009
Posts: 30
Default

NEW-exploit- a new one i guess ,wich only darkelarious knows i think ,beside the remote admin exploit wich have never bin fixed not even on patch 451a/b so thats the trigger for guys to make new ones, he says that his not effects patch 451 but i know him longer than today ,profesional guys like him never tell the secrets but it are nasty ones ican tell u, this is not used from inside the server of the victim but used outside another victims server is used to crash the headvictim with it and noone will even know who did it so i guess its an hack somehow with ddos or whatever ,
i only know that its an script that has to run on on a server but might as well be an web server or something




OLD/exploit-The remote admin exploit wich is a problem now for few years is still not fixed but this doesnt compair with the remote crash script/tool but adventually they should be both fixed, the fix i have for remote admin exploit is to use other ports than 80 ,8080 or 8888 and to use the command from utconsole and do "admin set uweb.webserver benable <True/False>" just disable it [False] and than they cannot see the admin pass for console wich is in the remote adminpass under server settings,ones the yhave that all is lost and they can do what ever they like to server but this solution is not an exploit fix it is an bandage arround an big wound.

Last edited by [email protected]$T=- : 2nd August, 2010 at 02:33 PM.
Reply With Quote