Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

ArtcoInc

Search exploit ?

Recommended Posts

One of my shops has been getting MANY searches for the expressions "2022" and "2023" (without the quote signs), all from many different IP addresses.

Is anyone aware of an exploit effort searching for these terms? Or, does anyone know why these searches are being made?

TIA

Malcolm

Share this post


Link to post
Share on other sites

I have seen them recently on my site, don't know anything further about it. I use security pro to help with search exploits.

Share this post


Link to post
Share on other sites
6 hours ago, ArtcoInc said:

MANY searches for the expressions "2022" and "2023"

I have seen any like that. If the numbers are part of something else, it might be that they are looking for hacker scripts, which sometimes have the year in the name, or backups that sites do, like mysql_dump_2022.sql. If it is just the number, like ...com/index,php?2022 it is useless and not anything to worry about.


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

@Jack_mcs Thank you. Here's a sample of the Who's Online page ...

 

00:02:520Guest207.46.13.21008:28:5508:28:55/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 

00:11:100Guest207.46.13.15508:20:3708:20:37/catalog/advanced_search_result.php?search_in_description=1&keywords=2022 

00:24:420Guest207.46.13.15508:07:0508:20:34/catalog/advanced_search.php?search_in_description=1& 

00:12:080Guest207.46.13.4508:19:3908:29:36/catalog/advanced_search_result.php?search_in_description=1&keywords=2022 

00:00:500Guest40.77.167.7408:30:5708:30:57/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 

00:03:200Guest40.77.167.7408:28:2708:28:27/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 

 

Malcolm

Share this post


Link to post
Share on other sites
1 hour ago, ArtcoInc said:

Here's a sample of the Who's Online page

I don't remember if whos online shows the full parameter list. I seem to recall that it didn't in some cases. But if what you show is the full list then they are just normal searches for 2022 and 2023. It wouldn't gain a hacker anything to do such a search unless there was hacker code in the shop with those in it, which seems unlikely.  Could it be that your product line would contain either of those and people are just searching for the latest version? 


Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Need Help? See this thread and provide the information requested.

How to Upgrade to the latest version

Recommended SEO Addons

Share this post


Link to post
Share on other sites

@Jack_mcs Thank you again.

I can view the search history in this shop (I have an add-on installed), and I see that this all started around April 25. Since then, there have been over 400 searches for either 2022 or 2023. And other than the Date Available field, I don't think that there is anything in the part listing that refers to a date, or these numbers.

Going through the Search Log, I see that the actual search is for "2022" or "2023" (without the quotes). In the log, I have history of longer, multi-word searches (including some obvious exploit attempts).

So, yea.

Thanks again!

Malcolm

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×