Wayne Weedon Posted November 7, 2010 Posted November 7, 2010 See this is my Apache logs today. They are perhaps using open proxy's or compromised servers to route this as the IP changes 2 hits per IP. No signs of any damage anyway. 94.124.120.17 - - [07/Nov/2010:15:05:20 +0000] "GET /catalog//index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.76" 94.124.120.17 - - [07/Nov/2010:15:05:21 +0000] "GET //index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.76" 189.126.103.207 - - [07/Nov/2010:15:06:52 +0000] "GET /catalog//index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.808" 189.126.103.207 - - [07/Nov/2010:15:06:52 +0000] "GET //index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.808" 207.58.138.162 - - [07/Nov/2010:15:09:42 +0000] "GET /catalog//index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.805" 207.58.138.162 - - [07/Nov/2010:15:09:43 +0000] "GET //index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.805" 94.23.48.205 - - [07/Nov/2010:15:14:35 +0000] "GET /catalog//index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.803" 94.23.48.205 - - [07/Nov/2010:15:14:35 +0000] "GET //index2.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 1246 "-" "libwww-perl/5.803"
tigergirl Posted November 8, 2010 Posted November 8, 2010 I've seen it too - see this post for more info I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back. ------------------------------------------------ PM me? - I'm not for hire
burt Posted November 8, 2010 Posted November 8, 2010 Joomla (have you this on your website hosting), and they are trying to do a directory traversal "hack".
tigergirl Posted November 8, 2010 Posted November 8, 2010 Joomla (have you this on your website hosting), and they are trying to do a directory traversal "hack". Gary, cpanel offers it on my host but I don't have it installed - is this something I need to get fixed? What's a "directory traversal "hack"." ? I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back. ------------------------------------------------ PM me? - I'm not for hire
burt Posted November 8, 2010 Posted November 8, 2010 http://en.wikipedia.org/wiki/Directory_traversal If it is not installed, I would not worry about it. Have you tried opening the URL yourself to see what happens? It is giving a 404, which means not found. Hence no worries.
tigergirl Posted November 8, 2010 Posted November 8, 2010 http://en.wikipedia....ctory_traversal If it is not installed, I would not worry about it. Have you tried opening the URL yourself to see what happens? It is giving a 404, which means not found. Hence no worries. googled and found that but still confusing. I got a 200 not a 404 - do I need to worry? I do have Security PRO.... I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back. ------------------------------------------------ PM me? - I'm not for hire
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.