amelierosalyn.com

Stop that

• Posted on 28th June 2007 at 22:28
• · Tagged: Rambling, Rants, Security, Site

From my error logs today:

/tag/security/protection.php?action=logout &siteurl=hackyfile.txt
/protection.php?action=logout &siteurl=hackyfile.txt
/protection.php?action=logout &siteurl=hackyfile.txt
/protection.php?action=logout &siteurl=hackyfile.txt
/protection.php?action=logout &siteurl=hackyfile.txt
/tag/protection.php?action=logout &siteurl=hackyfile.txt
/tag/phpaskit/page/2/protection.php?action=logout &siteurl=hackyfile.txt
/tag/phpaskit/page/protection.php?action=logout &siteurl=hackyfile.txt
/tag/php/page/2/protection.php?action=logout &siteurl=hackyfile.txt
/tag/php/page/2/protection.php?action=logout &siteurl=hackyfile.txt
/tag/php/page/2/protection.php?action=logout &siteurl=hackyfile.txt

(etc., etc... Each page was done about 4 times, and in total 200 hacky attempts were made)

Dear hackers,

I would have thought that with all the 404s you're getting that you would at least give up. I don't have anything to do with any files called protection.php on my site and scouring every single link trying to hack me is a waste of time.

Go away.

No love,
Me.

Comments (11)

1. Bastards aren't they? ;)

   You realise that they're trying to use an arbitary code execution flaw found in several Codegrrl.com products a couple of years ago?

   Paul Enderson on 29/06/2007 at 1:56

2. Oh I know very well what they're trying to do... I blogged about it a couple of days ago, hehe.

   Though this proves people are still using those insecure scripts. If this isn't a warning that they'll be hit then I don't know what is...

   Amelie on 29/06/2007 at 5:37

3. Sometimes it takes something like this to 'scare' people in to reacting to a potential problem that they would otherwise have ignored! ;)

   Paul Enderson on 29/06/2007 at 9:50

4. Ah, I remember when my whole server was hacked. I could have cried, especially because I was a fool and didn't have any back-ups.

   Amber on 29/06/2007 at 12:09

5. I realize that Paul has beaten me to what I was going to say. Seeing a file called "protection" immediately made me think of CodeGrrl scripts, since they have (well, had) such a file in their scripts. Maybe you've been associated with them because of PHPAskIt (zomg it's lyke tutally insekiore).

   Julie on 30/06/2007 at 0:57

6. ^ zomg yeah i kno!1111111!1one

   Amelie on 30/06/2007 at 0:58

7. "If this isn't a warning that they'll be hit then I don't know what is" — people at TFL get hacked using phpFanBase and yet continue installing it. There's no helping some.

   Jem on 30/06/2007 at 22:23

8. ^ Yeah, but they're idiots (just those who think PHPFB is awsum!11, not all TFL members).

   Amelie on 30/06/2007 at 22:26

9. Eh. That sucks man! Damn hackers >:[

   Matt on 1/07/2007 at 0:12

10. I hate hackers.

    I really don't see the point of them, since they don't gain anything from hacking personal sites.

    Jane on 3/07/2007 at 0:38

11. Ug. 200 hacky attempts. Idiotic.

    Shannon on 3/07/2007 at 2:22

← Previous entry: What not to do on the internet | Next entry: Strange search queries →