Jump to content

- - - - -

Some *attacks* i've seen on my site lately

  • Please log in to reply
2 replies to this topic

#1 nick84



  • Agents of the Revolution
  • 1,680 posts
  • Gender:Male

Posted 03 November 2002 - 08:31 PM

Just thought I’d post some info on the “attacks” I have seen people attempt on my website lately:

The main one I see most often has to be directory transversal, i.e. ../ on the end of a URL string pointing to stuff like the unix password file, such as http://www.rootsecur...../passwordfile

Also I’v seen people adding web addresses on the end of URL’s such as:
http://www.rootsecur.../www.google.com im guessing in an attempt to include external code in order to execute it, or use the site as a proxy.
However to my knowledge PHP is most susceptible to this, as Perl does not have an “include” function (which includes, and then executes external code).

(My site was never vulnerable to these attacks.) But since seeing quite a few recently I changed my code from simply filtering them to in the case of directory transversal to displaying a custom message, and in the case of trying to use the site as a proxy I made it so the site they requested is displayed to them in a framed windows - so it looks like what they were trying worked :rules:

#2 W1nt3rmut3


    Phreak Scout

  • Agents of the Revolution
  • 321 posts

Posted 03 November 2002 - 08:53 PM

very l33t.

#3 StankDawg


    same old Dawg, no new tricks

  • Moderating Team
  • 8,110 posts
  • Gender:Male
  • Country:

Posted 03 November 2002 - 11:29 PM

<!-- Im guessing you were trying to either execute external code or use the site as a proxy -->
<!-- If you were trying to get the site to execute your off-site code your out of luck! -->
<!-- Otherwise Rootsecure.net is no proxy server - go look elsewhere! -->
<!-- nick84 - (security concious coder of Rootsecure.net) -->

HAHAHA!! Very funny! I love this kind of stuff!

BinRev is hosted by the great people at Lunarpages!