Hacking attempt?

everchanging · April 21, 2018, 01:51:02 PM

Hi Guys I have a question:

While looking at reports > customers > online and looking at the Url Accessed I see the following:

Code Select


....&currency=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00

Is it me or is this a hacking attempt?
If so, is there reason for concern?

abantecart · April 21, 2018, 02:07:09 PM

There are many robot computers that run hack attempts based on know vulnerabilities in known applications.
They first try to detect type of application and apply some hack. If it succeeds, they penetrate the system.

Based on what you posted, it is not a problem, but can you share entire request?

everchanging · April 21, 2018, 02:41:16 PM

Hi

the request looks like this:

Code Select


[b].......(folder of abantecart)...[/b]/index.php?rt=product/product&product_id=142&currency=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00

while the previous attempt looked like this:

Code Select


index.php?rt=product/product&product_id=142&currency=../../../../../../../etc/passwd

abantecart · April 22, 2018, 07:39:17 AM

These are attempts to grab your password file from the system. It will not happen.

everchanging · April 22, 2018, 11:27:04 AM

OK... good to know

Thank you for your replies and clarifications

News:

Hacking attempt?

everchanging

abantecart

everchanging

abantecart

everchanging