This topic is now archived and is closed to further replies.

Mort-lemur

Who's Online - Strange URL

Hi,

 

Just saw the following as the url of a visitor on my site:

redirect.php?action=banner&goto=http://crashynews.wordpress.com/2013/03/31/crash-of-the-mutants-leaked-info1/ 

What is this and what are they trying to do?

 

Thanks


Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.


@@Harald Ponce de Leon

 

Thanks Harald - so it was something "sniffing" for security flaws?

 

The IP address was China



I have regular visitors looking for WordPress security flaws - no WordPress installed on my site (w00t)


KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since I coded my responsive version earlier, but I have bought every 28d of code package to support Burt's effort and keep this forum alive (albeit more like on life support).

So if you are still here? What are you waiting for?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt


It's not a security flaw. It just allowed someone to post a link of your redirect url that would then redirect to the url specified.

 

I just looked into the code history and could not find this for the "banner" action. What I was referring to was with the "url" action that was fixed in 2.2MS2-051112 (from 2005). The "url" action is used on the product information page if a product url was entered.

 

The banner url you received is probably from a fork.


:heart:, osCommerce
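
Added example, not part of the thread and not osCommerce's own code: a log check for requests like the one in the first post, where redirect.php is handed a goto value that names another host. The combined access-log format, the store hostname shop.example, the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?:GET|POST|HEAD) (?P<uri>\S+)')

# Constructed sample lines (documentation IP ranges; only the first URL is from the post).
SAMPLE_LOG = [
    '203.0.113.7 - - [31/Mar/2013:10:15:02 +0000] "GET /redirect.php?action=banner&goto=http://crashynews.wordpress.com/2013/03/31/crash-of-the-mutants-leaked-info1/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [31/Mar/2013:10:16:40 +0000] "GET /catalog/redirect.php?action=url&goto=%2F%2Foffsite.example%2Fpromo HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.40 - - [31/Mar/2013:10:17:11 +0000] "GET /redirect.php?action=banner&goto=3 HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.41 - - [31/Mar/2013:10:18:05 +0000] "GET /redirect.php?action=url&goto=http://shop.example/specials.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.42 - - [31/Mar/2013:10:19:30 +0000] "GET /index.php?cPath=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

def find_offsite_redirects(lines, own_hosts):
    """Return (client_ip, action, target_host) for every redirect.php request
    whose goto parameter names a host that is not in own_hosts."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        uri = urlsplit(m.group("uri"))
        if not uri.path.endswith("/redirect.php"):
            continue
        params = parse_qs(uri.query)  # parse_qs also percent-decodes the values
        action = params.get("action", [""])[0]
        for goto in params.get("goto", []):
            # Absolute ("http://host/") and protocol-relative ("//host/") values
            # carry a hostname; numeric ids and relative paths do not.
            host = (urlsplit(goto).hostname or "").lower()
            if host and host not in own_hosts:
                hits.append((m.group("ip"), action, host))
    return hits

if __name__ == "__main__":
    for ip, action, host in find_offsite_redirects(SAMPLE_LOG, {"shop.example"}):
        print(f"{ip} action={action} -> {host}")
```
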
