Advertisements

Wallet Manager Code Update

It is with great pain that I have to announce that my wallet manager code was compromised at an unknown time in the past. I haven’t spent too much time doing computer forensics because I believe that I was compromised on a previous VM that hosted my site in 2011, which has since been deleted in favor of a OS refresh.

Details about the compromise can be found on this stackoverflow.com post. If you have downloaded and are running a copy of my Wallet Manager, you will want to look at files in the /protected/models/ directory for the exploit code.

Going forward I am going to publish the Wallet Manager code to a public GitHub repository. My goal will be to secure the code, make it open source, and enable community contributions.

Advertisements

6 Comments on “Wallet Manager Code Update”

  1. Arionos says:

    Never seen your wallet manager but always good to see someone choosing the open source route. Good luck with the bug hunting.

  2. That’s not good at all, makes me glad I’ve just ran it internally rather than on my main site. Thanks for letting us know though and hope to see it on GitHub soon! 🙂

  3. ray says:

    how can i get a copy of the Wallet Manager ?

  4. dimmyrez says:

    Any way we can get our hands on the code?


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s