Results 1 to 2 of 2

Thread: Someone trying to hack our server "/index.php?option=../../etc/passwd"

  1. 24-02-2010, 04:18 PM #1
    icanhazburger
    icanhazburger is offline
    Senior Member
    Join Date
    Sep 2007
    Posts
    409
    Thanks
    7
    Thanked
    32 times in 12 posts
    • icanhazburger's system
      • Motherboard:
      • Foxconn 946GZ7MA/946PL7MA Series
      • CPU:
      • DualCore Intel Core 2 Duo E6400
      • Memory:
      • 2 gig DDR2-667
      • Storage:
      • 320gig Baracuda II
      • Graphics card(s):
      • 7900 GS vc3600 cooler
      • PSU:
      • 600w
      • Case:
      • Something with a 25cm fan
      • Monitor(s):
      • 1 x 22"w 1 x 19"
      • Internet:
      • Pipex Max :(

    Red face Someone trying to hack our server "/index.php?option=../../etc/passwd"

    Hi all, one of our clients has got a Joomla (yuck, not our choice) website hosted on our server.

    It's a windows server and earlier today their site kept on becoming unavaliable. I checked task manager on the server and their app pool was taking 100% cpu! I downloaded and ran IISPeek and found the following 2 url requests were causing the problem, I then blocked the ip range these were coming from and normality was restored.



    As its a Windows server the file they are trying to locate is obviously not going to exist. But it was causing the site to crash.

    So my question is - Can I block those url requests or stop the server from trying to process them?
    In the internets, no one can hear you sarcasm.
    Reply With Quote Reply With Quote
  2. 27-02-2010, 11:58 AM #2
    .walls
    .walls is offline
    Registered+
    Join Date
    Jul 2009
    Posts
    70
    Thanks
    9
    Thanked
    19 times in 16 posts

    Re: Someone trying to hack our server "/index.php?option=../../etc/passwd"

    You can use URLScan to disable unsafe characters (such as the double period). It's part of the IIS lockdown tool.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Looking Through Windows
    By Paul Adams in forum Software
    Replies: 16
    Last Post: 19-10-2018, 09:07 AM
  2. Best Network Print Server? Linux?
    By joshwa in forum Software
    Replies: 17
    Last Post: 12-07-2008, 08:57 AM
  3. Building a server for hosting database driven websites
    By jjmax in forum Software
    Replies: 5
    Last Post: 26-04-2008, 06:45 PM
  4. VPN Server 2003 and DG834GT
    By pcpower in forum Networking and Broadband
    Replies: 1
    Last Post: 21-08-2007, 08:37 PM
  5. Building a Home Server....
    By EtheAv8r in forum PC Hardware and Components
    Replies: 1
    Last Post: 08-12-2004, 08:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules