Security Basics mailing list archives
Re: Weird HTTP request
From: Alexander Meesters <a.meesters () sansyl com>
Date: Fri, 06 Apr 2012 00:47:36 +0200 (CEST)
i cannot see anything evil in this patch of code: http://www.domain.com/wp-content/plugins/sociable-30/addtofadexOf(c_name + "= "); if(c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf( "; ",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); } }return " "; } </script> <script type="text/javascript" language="javascript"> var countDownInterval=10*60; //secondsvar countDownTime=countDownInterval+1;//countdownfunction function countDown(){ countDownTime--; if (countDownTime <=0){ countDownTime=countDownInterval; clearTimeout(counter); window.location.reload(); return; } if(document.all){ //if IE 4+// document.all.countDownText.innerText = countDownTime+ " "; } elseif(document.getElementById) { //elseif NS6+// document.getElementById("countDownText").innerHTML=countDownTime+ " "; } counter=setTimeout("countDown()", 1000); }//toggle function function toggleRefresh(onoff){ if (onoff=="off") { clearTimeout(counter); mycmd ="norefresh"; } else { countDownTime=countDownInterval+1; countDown(); mycmd = "yesrefresh"; }//update classes //reset classes to orginal document.getElementById But then again, its not the full request... start en end tags are missing... ----- Oorspronkelijk bericht ----- Van: "Stephanus J Alex Taidri" <securityfocus.ae () taidri com> Aan: security-basics () securityfocus com Verzonden: Donderdag 5 april 2012 19:23:19 Onderwerp: Re: Weird HTTP request This is a WordPress injection attack attempt. On Thu, Apr 5, 2012 at 10:29 PM, J M <jerome.m () gmail com> wrote:
Hi ALL, i was wondering if someone has an idea what the URL request does... http://www.domain.com/wp-content/plugins/sociable-30/addtofadexOf(c_name%20+%20%22=%22);%20%20if%20(c_start!=-1)%20%20%20%20%7B%20%20%20%20%20c_start=c_start%20+%20c_name.length+1;%20%20%20%20%20c_end=document.cookie.indexOf(%22;%22,c_start);%20%20%20%20if%20(c_end==-1)%20c_end=document.cookie.length;%20%20%20%20return%20unescape(document.cookie.substring(c_start,c_end));%20%20%20%20%7D%20%20%20%7Dreturn%20%22%22;%7D%3C/script%3E%3Cscript%20type=%22text/javascript%22%20language=%22javascript%22%3Evar%20countDownInterval=10*60;%20//secondsvar%20countDownTime=countDownInterval+1;//countdown%20functionfunction%20countDown()%7BcountDownTime--;if%20(countDownTime%20%3C=0)%7BcountDownTime=countDownInterval;clearTimeout(counter);window.location.reload();return;%7Dif%20(document.all)%7B%20//if%20IE%204+//document.all.countDownText.innerText%20=%20countDownTime+%22%20%22;%7D%20else%20if%20(document.getElementById)%20%7B%20//else%20if%20NS6+//document.getElementById(%22countDownText%22).innerHTML=countDownTime+%22%20%22;%7Dcounter=setTimeout(%22countDown()%22,%201000);%7D//toggle%20functionfunction%20toggleRefresh(onoff)%7Bif%20(onoff==%22off%22)%20%7BclearTimeout(counter);mycmd%20=%20%22norefresh%22;%7D%20else%20%7BcountDownTime=countDownInterval+1;countDown();mycmd%20=%20%22yesrefresh%22;%7D//update%20classes//reset%20classes%20to%20orginaldocument.getElementById tia, ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Weird HTTP request J M (Apr 05)
- Re: Weird HTTP request Pierre Jaury (Apr 05)
- Re: Weird HTTP request Patrick Laverty (Apr 05)
- Re: Weird HTTP request E M (Apr 05)
- Re: Weird HTTP request Andre Silaghi (Apr 09)
- Re: Weird HTTP request E M (Apr 05)
- Re: Weird HTTP request Stephanus J Alex Taidri (Apr 05)
- Re: Weird HTTP request Henri Salo (Apr 09)
- <Possible follow-ups>
- Re: Weird HTTP request Alexander Meesters (Apr 09)