[mythtv-users] pcHDTV.com defaced AGAIN

Dan Littlejohn littlejohn86 at gmail.com
Tue Dec 21 22:33:06 UTC 2004


Saw this, maybe it can help the pcHDTV guys.

http://it.slashdot.org/article.pl?sid=04/12/21/2135235&tid=220&tid=217&tid=169

Dan Littlejohn


On Tue, 21 Dec 2004 11:19:14 -0600, Dan Littlejohn
<littlejohn86 at gmail.com> wrote:
> My card company does offer that.  Nice tip, thanks.
> 
> Dan Littlejohn
> 
> On Tue, 21 Dec 2004 11:34:02 -0500, Christopher Flynn
> <flynnguy at gmail.com> wrote:
> > See if you CC has those one time use generators. You set a limit (what
> > the price of the item is) and they give you a one time use number,
> > exparation date etc... Nice for when you don't trust the site.
> >
> > On Tue, 21 Dec 2004 09:57:41 -0600, Dan Littlejohn
> > <littlejohn86 at gmail.com> wrote:
> > > Nice, I just purchased a card from them yesterday and now my credit
> > > card number may be out on the net.
> > >
> > > Dan Littlejohn
> > >
> > >
> > > On Tue, 21 Dec 2004 10:44:00 -0500, Anthony Vito <anthony.vito at gmail.com> wrote:
> > > > > Can someone reach out to Jack/folks and tell them to fix their WWW site again?
> > > > >
> > > > > Wow - someone doesn't like them.
> > > > >
> > > >
> > > > Script kiddies don't discriminate. They'll just hack whatever known
> > > > exploits are available for whatever server. The problem with
> > > > pchdtv.com is this ... https://pchdtv.com/ ... they are running the
> > > > SSL port open on version 1.33.3 of apache... I bet they don't have all
> > > > the SSL patches up to date, because they aren't really using SSL all
> > > > that much.... Or the fact they are running PHP 4.2.2. That has some
> > > > known exploits as well.....
> > > >
> > > > They also have their server horribly unsecured... it's running all
> > > > these open ports...
> > > >
> > > > ## nmap -sS pchdtv.com
> > > >
> > > > Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-12-21 10:31 EST
> > > > Interesting ports on powell.slcinet.net (128.121.217.18):
> > > > (The 1635 ports scanned but not shown below are in state: closed)
> > > > PORT     STATE SERVICE
> > > > 21/tcp   open  ftp
> > > > 22/tcp   open  ssh
> > > > 23/tcp   open  telnet
> > > > 25/tcp   open  smtp
> > > > 79/tcp   open  finger
> > > > 80/tcp   open  http
> > > > 106/tcp  open  pop3pw
> > > > 110/tcp  open  pop-3
> > > > 119/tcp  open  nntp
> > > > 139/tcp  open  netbios-ssn
> > > > 143/tcp  open  imap
> > > > 443/tcp  open  https
> > > > 513/tcp  open  login
> > > > 514/tcp  open  shell
> > > > 587/tcp  open  submission
> > > > 990/tcp  open  ftps
> > > > 992/tcp  open  telnets
> > > > 993/tcp  open  imaps
> > > > 995/tcp  open  pop3s
> > > > 2401/tcp open  cvspserver
> > > > 3306/tcp open  mysql
> > > > 5190/tcp open  aol
> > > >
> > > > MySQL is available for internet logins... I bet that's the same MySQL
> > > > they are storing credit card information in!!! They have "AIM" running
> > > > on the server for god sakes!!!!  I can think of at least 7 starting
> > > > points to break into that box... and I bet 3 of them would have me
> > > > ending up as root or at least getting write access to the web space.
> > > >
> > > > pchdtv guys... I love you and what you stand for. I will donate my
> > > > time to secure your server properly if you wish. If anyone has contact
> > > > info for "Jack" is it? Send him my offer and my contact information.
> > > >
> > > > --
> > > > Anthony Vito
> > > > anthony.vito at gmail.com
> > > >
> > > >
> > > > _______________________________________________
> > > > mythtv-users mailing list
> > > > mythtv-users at mythtv.org
> > > > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> > > >
> > > >
> > > >
> > >
> > >
> > > _______________________________________________
> > > mythtv-users mailing list
> > > mythtv-users at mythtv.org
> > > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> > >
> > >
> > >
> >
> >
> > --
> > You must be the change you wish to see in the world. - Gandhi
> >
> > 
> > _______________________________________________
> > mythtv-users mailing list
> > mythtv-users at mythtv.org
> > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
> >
> >
> >
>


More information about the mythtv-users mailing list