Hacking Attempt Targeting Silverstripe Files


HansR

Community Member, 141 Posts

29 August 2008 at 6:16am

This morning I had what appears to be an hour-long attempt to hack into my website using code-injection exploits (see here for details). What makes this one different from all the other attempts that I've noticed so far is that they were targeting Silverstripe files (e.g., SSViewer.php). It looks like it failed, but perhaps someone with a bit more knowledge of Silverstripe's internals could take a closer look as to whether any of these attempts could work with a poorly configured server. The full log is available here.

Basically, I'd like to know if this was a lame attempt, or if they might have found something.

Hans

Ingo

Forum Moderator, 801 Posts

12 September 2008 at 4:31am

Sorry for the delayed answer, and thanks for providing a detailed description+log.

You're right, it looks like somebody picked specific core Silverstripe files with variables which actually exist in those files. I would still say it's a script that takes variables as GET parameters on all executable files in a software project. Perhaps for the remote chance that somebody still has "register_globals" directive turned on (which was turned off by default starting from PHP 4.2).

So doesn't seem like a targeted attack, just a script trying its luck...
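
The kind of sweep discussed in this thread (one client requesting many PHP files directly, each with GET parameters) can be picked out of an access log. The following is an added example, not code from either poster or from Silverstripe; it assumes Combined Log Format, that `/index.php` is the only script visitors should request directly, and uses constructed log lines with placeholder paths, parameter names and values.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format: client, request method, request target, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Assumption: the only PHP script that should be requested directly.
ENTRY_POINTS = {"/index.php"}


def find_parameter_sweeps(lines, entry_points=ENTRY_POINTS, min_files=3):
    """Return {client: {path: [param names]}} for clients that sent GET
    parameters to at least `min_files` distinct non-entry-point PHP files."""
    hits = defaultdict(dict)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        client, method, target, _status = m.groups()
        url = urlsplit(target)
        params = [k for k, _ in parse_qsl(url.query, keep_blank_values=True)]
        if method != "GET" or not params:
            continue
        if not url.path.lower().endswith(".php") or url.path in entry_points:
            continue
        hits[client].setdefault(url.path, []).extend(params)
    return {c: files for c, files in hits.items() if len(files) >= min_files}


# Constructed sample log: documentation IP ranges, placeholder directory,
# file names (other than SSViewer.php), parameter names and values.
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Aug/2008:05:01:02 +0000] "GET /cms-dir/SSViewer.php?var_a=PROBE HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.7 - - [29/Aug/2008:05:01:03 +0000] "GET /cms-dir/FileB.php?var_b=PROBE HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.7 - - [29/Aug/2008:05:01:04 +0000] "GET /cms-dir/FileC.php?var_c=PROBE&var_d=PROBE HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.7 - - [29/Aug/2008:05:01:05 +0000] "GET /index.php?url=/home HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.20 - - [29/Aug/2008:05:02:00 +0000] "GET /index.php?url=/about HTTP/1.1" 200 734 "-" "-"',
    '198.51.100.20 - - [29/Aug/2008:05:02:01 +0000] "GET /cms-dir/FileB.php?x=1 HTTP/1.1" 404 0 "-" "-"',
    '198.51.100.20 - - [29/Aug/2008:05:02:02 +0000] "GET /favicon.ico HTTP/1.1" 200 318 "-" "-"',
]

if __name__ == "__main__":
    for client, files in find_parameter_sweeps(SAMPLE_LOG).items():
        print(client, "probed", len(files), "files:", files)
```

Comparing the reported parameter names with the variables each file actually uses shows whether the script was built from the project's source, as the reply above suggests.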