Mort-lemur
Posted November 1, 2014

Hi,

Just saw the following as the url of a visitor on my site:

redirect.php?action=banner&goto=http://crashynews.wordpress.com/2013/03/31/crash-of-the-mutants-leaked-info1/

What is this and what are they trying to do?

Thanks

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Harald Ponce de Leon
Posted November 1, 2014

A really old OSCOM release redirected to the goto url without verifying if it was assigned to a banner.

Mort-lemur (Author)
Posted November 1, 2014

@Harald Ponce de Leon

Thanks Harald - so it was something "sniffing" for security flaws?

The IP address was China

♥bruyndoncx
Posted November 1, 2014

I have regular visitors looking for WordPress security flaws - no WordPress installed on my site (w00t)

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since I coded my responsive version earlier, but I have bought every 28d of code package to support Burt's effort and keep this forum alive (albeit more like on life support). So if you are still here? What are you waiting for?!

Find the most frequent unique errors to fix:
grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Harald Ponce de Leon
Posted November 2, 2014

It's not a security flaw. It just allowed someone to post a link of your redirect url that would then redirect to the url specified.

I just looked into the code history and could not find this for the "banner" action. What I was referring to was with the "url" action that was fixed in 2.2MS2-051112 (from 2005). The "url" action is used on the product information page if a product url was entered.

The banner url you received is probably from a fork.

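The check described in the replies above (only follow goto when that URL is assigned to a banner) could look like the following in PHP. This is an added example, not osCommerce code and not from any poster in this thread; the function names and the $banners array standing in for the store's banner records are assumptions.

```php
<?php
// Added example; not osCommerce code. Function names and sample data are hypothetical.

// Constructed stand-in for the store's banner records (banner id => target URL).
$banners = [
    1 => 'https://partner.example/spring-sale',
    2 => 'https://ads.example/landing?id=7',
];

/**
 * Return the redirect target for a banner click, or null when the requested
 * "goto" URL is not assigned to any banner.
 */
function resolve_banner_redirect(array $query, array $banners): ?string
{
    if (($query['action'] ?? '') !== 'banner') {
        return null;
    }
    $goto = $query['goto'] ?? null;
    if (!is_string($goto)) {          // rejects missing values and goto[]=... arrays
        return null;
    }
    // Exact, type-strict match against stored targets; no prefix or host matching.
    $id = array_search($goto, $banners, true);
    return $id === false ? null : $banners[$id];
}

/** Build the response: 302 to the banner target, or back to the store front page. */
function redirect_response(string $queryString, array $banners): array
{
    parse_str($queryString, $query);
    $target = resolve_banner_redirect($query, $banners);
    return ['status' => 302, 'location' => $target ?? 'index.php'];
}

// Constructed requests: an assigned banner URL, an unassigned URL, an array value.
$requests = [
    'action=banner&goto=' . urlencode('https://partner.example/spring-sale'),
    'action=banner&goto=' . urlencode('http://unrelated.example/some-page/'),
    'action=banner&goto[]=https://partner.example/spring-sale',
];
foreach ($requests as $qs) {
    $r = redirect_response($qs, $banners);
    printf("%-70s -> %s\n", urldecode($qs), $r['location']);
}
```

Only the first constructed request is sent to its goto URL; the other two fall back to index.php because no banner record holds that target.
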
Archived
This topic is now archived and is closed to further replies.