Jump to content


Photo
* * * * * 1 votes

Simple Investigation of Remote-File-Include Attempts


  • Please log in to reply
No replies to this topic

#1 McGrewSecurity

McGrewSecurity

    SUPR3M3 31337 Mack Daddy P1MP

  • Agents of the Revolution
  • 338 posts
  • Location:Starkville, MS

Posted 04 October 2007 - 01:27 AM

I noticed a few attempts in my logs at attacking my site, where the source scanned for some RFI vulnerabilities (and did so very poorly). I decided to use it as an example for my readers, to see how a few simple techniques can be applied to take a few simple log entries and build up a reasonable profile of the attack and attackers. I have a short writeup and I have posted it to my site:

http://www.mcgrewsec....com/blog/?p=65

I figured this would be of interest to at least a handful of people here.




BinRev is hosted by the great people at Lunarpages!