lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 00:20:57 -0400
From: Michael Baker <michael@...ttlecorp.com>
To: Thomas Lußnig <lussnig@...he.org>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] New PHP-Attack Vector ?

Seems to be a shopping cart software.  A quick dork for that URI yields a
lot of results that seem to be susceptable to various well-known attack
vectors via a couple of quick (&harmless) manual checks.

- Mike


On Mon, Apr 14, 2014 at 5:29 PM, Thomas Lußnig <lussnig@...he.org> wrote:

> In the last few days i see more and more scan's for an new php url
> "/phpTest/zologize/axa.php" i never seen before on the server.
> I think this can be an preparation for an new attack. Is there anything
> known about this url and possible defects ?
>
> Information: No Header is send with the request and no Query Parameter
> is send.
>
> IP's that Scanned the URL:
> 61.230.22.153
> 54.200.15.115
> 61.19.83.194
> 103.13.30.157
> 109.184.190.223
> 219.144.196.190
> 219.90.114.133
> 221.215.217.106
> 140.116.102.61
>
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> http://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
>

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists