1
peterr
What were these hackers trying to do ?
  • 2004/11/14 23:28

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Hi,

Picked up three '404's from the web server logs, and I'm simply interested in what these website abuse attempts were trying to do. The url's were:

http://www.example.com/templates_c/_tpl_vars['xoops_imageurl']; ?>logo.gif

http://www.example.com/templates_c/_tpl_vars['xoops_url']; ?>/xoops.css

http://www.example.com/templates_c/_tpl_vars['xoops_themecss']; ?>

Obviously they found out the site is running XOOPS, and there is a /templates_c path, but they won't be able to pass PHP code like like, a bit like attempting a passthru.

Sigh, ... some people have got nothing better to do. LOL

Peter

2
Eugney
Re: What were these hackers trying to do ?
  • 2004/11/15 0:07

  • Eugney

  • Not too shy to talk

  • Posts: 162

  • Since: 2004/7/25


......templates_c always exist on XOOPS it is like the chache lol

3
peterr
Re: What were these hackers trying to do ?
  • 2004/11/15 0:46

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Hi,

Quote:

Eugney wrote:
......templates_c always exist on XOOPS it is like the cache


Yes, I did already state...

Quote:
there is a /templates_c path,


and I know what the path is for, but my subject, is a question.

Peter

4
leonsmy
Re: What were these hackers trying to do ?
  • 2004/12/6 8:36

  • leonsmy

  • Just popping in

  • Posts: 6

  • Since: 2004/12/4


I'm pretty new to Xoops, but have used PHP-Nuke for years. In the log in PHP-Nuke, 404 Page errors can be someone fishing for ways to hack, but quite unlikely. It's probably more to the fact that the person trying to login to your site using the cache was for some reason unable to load the page they previously were on.

Could be a number of reasons:

server popular and bandwidth could have been stretched or the user is using a slow machine and timed out before they were able to load the screen.

An idea to stop these from happening is to bounce users directly from a 404, 403 and even 500 Error Page straight to your Homepage.

This can be configured quite easily using CPanel. I believe .htaccess is able to do this as well.

Hope that helps

5
Herko
Re: What were these hackers trying to do ?
  • 2004/12/6 11:48

  • Herko

  • XOOPS is my life!

  • Posts: 4238

  • Since: 2002/2/4 1


Since Smarty translates Smarty tags into PHP, it could very well be errors in pages (not completely loaded etc.) that generate these 404 errors. So not by definition done by hackers.

Herko

Login

Who's Online

319 user(s) are online (260 user(s) are browsing Support Forums)


Members: 0


Guests: 319


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits