Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
blith
Client


Joined: Jul 18, 2003
Posts: 977

PostPosted: Fri Dec 02, 2005 9:30 am Reply with quote

Why would someone try to see these files?
Code:
File does not exist: /home/*******/public_html/MSOffice/cltreq.asp

File does not exist: /home/*******/public_html/_vti_bin/owssvr.dll
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Fri Dec 02, 2005 9:35 am Reply with quote

Yep. But only a problem if you use a winblows server ROTFL
 
View user's profile Send private message
blith
PostPosted: Fri Dec 02, 2005 9:38 am Reply with quote

Thanks Raven. Sentinel did not stop this. Another thing these came from an IP at Ft Campbell. Right on the base!!
 
Raven
PostPosted: Fri Dec 02, 2005 9:54 am Reply with quote

NukeSentinel is not supposed to stop that. NukeSentinel guards against XSS and SQL injections. Not winblows exploits.
 
blith
PostPosted: Fri Dec 02, 2005 10:32 am Reply with quote

Thank you kind sir!
 
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Fri Dec 02, 2005 4:17 pm Reply with quote

blith
Be happy if you have only these two 404 files because there are a lot more. I found in my logfile analyzer e.g.:


/MSOffice/cltreq.asp
/_vti_inf.html
/_vti_bin/shtml.exe/_vti_rpc
/_vti_bin/_vti_aut/author.exe
/_vti_bin/_vti_aut/author.dll



But there are many results in "google" about this. See also: Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
blith
PostPosted: Fri Dec 02, 2005 4:30 pm Reply with quote

Susann wrote:
blith
Be happy if you have only these two 404 files because there are a lot more. I found in my logfile analyzer e.g.:


/MSOffice/cltreq.asp
/_vti_inf.html
/_vti_bin/shtml.exe/_vti_rpc
/_vti_bin/_vti_aut/author.exe
/_vti_bin/_vti_aut/author.dll



But there are many results in "google" about this. See also: Only registered users can see links on this board! Get registered or login!


Oh so this is not a bad thing... okay cool

Quote:
Friendly. You're being visited by a user who has installed Microsoft Office and Internet Explorer, and who has enabled the "Discuss" toolbar in his browser. When that toolbar is enabled, the browser will automatically query for these two files when visiting each site, to determine whether the Office Server Extensions are installed.
 
Susann
PostPosted: Fri Dec 02, 2005 4:34 pm Reply with quote

Yes its not bad like others e.g. /ultramode.txt/xmlrpc.php

xmlrpc.php found this also in my analyzer. It´s no security risk for php-nuke and wordpress if I remember correctly but for some other cms.


I find the 404 files always interesting.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©