Fckeditor trolling


#1

Finding several ip addresses on several websites seaching for fckeditor. If your using this software you should very seriously consider putting it behind and password protected .htaccess subdirectory. Here is a youtube video on how to crack your website.

Damned trolls…


#2

I’ve seen the requests for it in my logs for a while, but I’ve never looked into it. Thanks for pointing out the video. It seems to be a fairly old bug (http://www.securityfocus.com/archive/1/513422/30/0/threaded), so updated software should be fine. In fact, it’s not even a bug as much as it’s poorly thought out. It seems to originally be designed as a convenience feature…

Anyway, note the OS in the video. I it’s called BackTrack Linux which is a flavour of Ubuntu loaded with tools for penetration testing / hacking. Good to play around with if you really want to get a feel for who you might be dealing with when running a website.