Webmin

JJJCR · 08-21-2019, 11:49 PM

Hi guys, anyone seen this link: https://thehackernews.com/2019/08/we...y-hacking.html

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

Skaperen · 08-22-2019, 02:16 AM

Linux itself is too hard to hack so they have to use tricks like this to get in.

greencedar · 08-22-2019, 06:59 AM

Thanks for the article. Webmin released a new, clean, version to take care of the problem.

Quote:

Webmin developers have now removed the malicious backdoor in its software to address the vulnerability and released the clean versions, Webmin 1.930 and Usermin version 1.780.

Jan K. · 08-22-2019, 08:57 AM

From link:

Turkish researcher Özkan Mustafa Akkuş publicly presented a zero-day remote code execution vulnerability in the Webmin at DefCon on August 10, without giving any advance notice to the affected project maintainers.

Now why would he do it that way?

From his ("I know Hack and I believe in Hak. So...You have no chance :/"

) website's whoAmI:

His purpose is to provide added value to the world of cyber security...

Which sounds all fine and well, but that's not really the proper way to do that, is it?

JJJCR · 08-22-2019, 08:53 PM

In the old days, you brag and tell the whole world you crack or hack something.

Nowadays, you keep quite and enjoy the ride. LOL.

Of course, it's better to Abstain from every form of wickedness and that includes unethical hacking.