I knew Windows 2000 was insecure, but damn
Eager as I am to learn relatively new skills, I recently converted an old Gateway PC I have from Windows98 to Windows 2000 Advanced Server running ColdFusion and IIS.
Did I download any patches, you ask? Any service packs, you inquire?
But of course not, as it has been less than 1 day and I just recently got SQL Server running an imported MySQL database. Upgrades and patches are for another time.
And just now, I attempted to view some rudimentary CFM files, and voila. This is the message I received:
HELLO! Welcome to http://www.worm.com !
Hacked By Chinese!
Wonderfuckingful. How do you un-hack Windows? Anyone? All my CFM files render this way. Rad.
Reader interactions
7 Replies to “I knew Windows 2000 was insecure, but damn”
Comments are closed.
ah ah ahh ahahahhah ahhahahah…
fuck windows, erase it and install linux, apache and Cold Fusion.
as for the unhacking… try erasing it… and then reinstalling and then service packing it to death.
If you run the current ColdFusion build on linux then you really are fucked. Man Kevin, it’s like you haven’t seen any news broadcasts in the past nine months or something.
here’s a link Code Red. use it and then patch the shit out of that mo’fo
Is this an IIS issue or a coldfusion issue? I have just installed AdvanceServer and IIS, CFMX and MS SQL. This machine is a bitch to control/maintain. If only all server apps could run on FreeBSD life would be grand. 30 minutes and the BSD server is locked down and secure. With AdvWin200 who the hell knows if it’s safe.
FreeBSD, Apache 2, Php, MySQL and portsentry……less then 1 hour. It’s and all day job with AdvWin2000.
Hi Kev – get all of MSFT’s patches, etc. – don’t have the exact URL handy, but try http://www.microsoft.com/security.
You’re seeing that on all pages because the worm’s residing in RAM and rewriting http requests.
Best thing I can recommend is to remove all script mappings, except *.ASA and *.ASP. Especially IDQ/HTR/etc.