Some *attacks* i've seen on my site lately
Posted 03 November 2002 - 08:31 PM
The main one I see most often has to be directory transversal, i.e. ../ on the end of a URL string pointing to stuff like the unix password file, such as http://www.rootsecur...../passwordfile
Also I’v seen people adding web addresses on the end of URL’s such as:
http://www.rootsecur.../www.google.com im guessing in an attempt to include external code in order to execute it, or use the site as a proxy.
However to my knowledge PHP is most susceptible to this, as Perl does not have an “include” function (which includes, and then executes external code).
(My site was never vulnerable to these attacks.) But since seeing quite a few recently I changed my code from simply filtering them to in the case of directory transversal to displaying a custom message, and in the case of trying to use the site as a proxy I made it so the site they requested is displayed to them in a framed windows - so it looks like what they were trying worked
Posted 03 November 2002 - 11:29 PM
<!-- Im guessing you were trying to either execute external code or use the site as a proxy -->
<!-- If you were trying to get the site to execute your off-site code your out of luck! -->
<!-- Otherwise Rootsecure.net is no proxy server - go look elsewhere! -->
<!-- nick84 - (security concious coder of Rootsecure.net) -->
HAHAHA!! Very funny! I love this kind of stuff!
BinRev is hosted by the great people at Lunarpages!