Fckeditor trolling


Finding several ip addresses on several websites seaching for fckeditor. If your using this software you should very seriously consider putting it behind and password protected .htaccess subdirectory. Here is a youtube video on how to crack your website.

Damned trolls…


I’ve seen the requests for it in my logs for a while, but I’ve never looked into it. Thanks for pointing out the video. It seems to be a fairly old bug (http://www.securityfocus.com/archive/1/513422/30/0/threaded), so updated software should be fine. In fact, it’s not even a bug as much as it’s poorly thought out. It seems to originally be designed as a convenience feature…

Anyway, note the OS in the video. I it’s called BackTrack Linux which is a flavour of Ubuntu loaded with tools for penetration testing / hacking. Good to play around with if you really want to get a feel for who you might be dealing with when running a website.