Last post Aug 04, 2011 12:45 PM by GPankaj
Jul 29, 2011 03:47 PM|aous77|LINK
My system logged an interesting URL that i am not sure if it’s an attack of some sort or just a site crawler gone haywire.
It logged multiple instances of a valid URL with the following querystring params added with a small variation
and so on
Some of my online search returned articles related to a Joomla exploit. Luckily I am not running Joomla and after checking for various common exploits I was glad to find out that no harm was done. Nevertheless I am asking on this forum:
Anyone knows anything about this? Are there any preventive measures that I should take?
Help is greatly appreciated
Jul 29, 2011 03:57 PM|tehremo|LINK
Definitely a hack attempt, and looks like its a Linux issue. Being that you are posting on an ASP.NET forum, I'll assume this is not an issue for you.
Jul 29, 2011 04:13 PM|aous77|LINK
yes you are correct i am not running linux.
so i guess there is nothing much to be done about this.
Aug 04, 2011 12:45 PM|GPankaj|LINK
What is the version of IIS and .Net framework you are working on or the site is developed.
This is an example of Directory traversal attack. You can ensure the following
First of all, ensure you have installed the latest version of your web server software, and sure that all patches have been applied.
Secondly, effectively filter any user input. Ideally remove everything but the known good data and filter meta characters from the user input. This will ensure that only what should be entered in the field will be submitted to the server.