Jump to content

* * * * * 1 votes

Simple Investigation of Remote-File-Include Attempts

  • Please log in to reply
No replies to this topic

#1 McGrewSecurity


    SUPR3M3 31337 Mack Daddy P1MP

  • Agents of the Revolution
  • 338 posts
  • Location:Starkville, MS

Posted 04 October 2007 - 01:27 AM

I noticed a few attempts in my logs at attacking my site, where the source scanned for some RFI vulnerabilities (and did so very poorly). I decided to use it as an example for my readers, to see how a few simple techniques can be applied to take a few simple log entries and build up a reasonable profile of the attack and attackers. I have a short writeup and I have posted it to my site:


I figured this would be of interest to at least a handful of people here.

BinRev is hosted by the great people at Lunarpages!