Jump to:

17452 Posts in 4473 Topics by 1971 members

Archive

SilverStripe Forums » Archive » Hacking Attempt Targeting Silverstripe Files

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 1041 Views
  • HansR
    Avatar
    Community Member
    140 Posts

    Hacking Attempt Targeting Silverstripe Files Link to this post

    This morning I had what appears to be an hour-long attempt to hack in to my website using code-injection exploits (see here for details). What makes this one different from all the other attempts that I've noticed so far is that they were targeting Silverstripe files (e.g., SSViewer.php). It looks like it failed, but perhaps someone with a bit more knowledge of Silverstripe's internals could take a closer look as to whether any of these attempts could work with a poorly configured server. The full log is available here.

    Basically, I'd like to know if this was a lame attempt, or if they might have found something.

    Hans

  • Ingo
    Avatar
    Forum Moderator
    801 Posts

    Re: Hacking Attempt Targeting Silverstripe Files Link to this post

    Sorry for the delayed answer, and thanks for providing a detailed description+log.

    You're right, it looks like somebody picked specific core Silverstripe files with variables which actually exist in those files. I would still say its a script that takes variables as GET parameters on all executable files in a software project. Perhaps for the remote chance that somebody still has "register_globals" directive turned on (which was turned off default starting from PHP 4.2).

    So doesn't seem like a targeted attack, just a script trying its luck...

    1041 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.