Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Possible attack on my site?


GeorgeP

Recommended Posts

I got A LOT of requests like:

 

 

mydomain.com/CB376A--hp-cb376a-multifunctionala-m1005-a4/ ';var%20midStr%20=%20'/';var%20midStr%20=%20'/images/infobox/';var%20midStr%20=%20'/images/infobox/images/infobox/images/infobox/';var%20midStr%20=%20'/';var%20midStr%20=%20'/';var%20midStr%20=%20'/images/infobox/';var%20midStr%20=%20'/';var%20midStr%20=%20

 

from one IP address.... is this guy attacking me or something ???

I tried to put that in my browser but I just get a normal page.

The normal URL is : mydomain.com/CB376A--hp-cb376a-multifunctionala-m1005-a4

is the rest an attack ???

Link to comment
Share on other sites

it happend again from another ip.... 80megs of transfer.... what the... ?????

 

Check the folder catalog/images/infobox

 

All that should be in there (std osC) is 4 images

Link to comment
Share on other sites

The %20 is url character coding - stands for a space.

So it reads:

var midStr = '/';var midStr = '/images/infobox/';

 

May be hotlinking..

 

you could try and change the name of the directory:

catalog\images\infobox

then apply the changes to page:

catalog/includes/classes/boxes.php

 

such as:

catalog\images\infoboxes

 

Then on page 'catalog/includes/classes/boxes.php' Line:105

$left_corner = tep_image(DIR_WS_IMAGES . 'infobox/corner_left.gif');

Change to:

$left_corner = tep_image(DIR_WS_IMAGES . 'infoboxes/corner_left.gif');

And all other like paths on this page..

 

See if it happens again..

Lloyd

Link to comment
Share on other sites

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...