Highest Voted 'exploit' Questions - Server Fault Stack Exchange

0

votes

1 answer

What is this regular (every 120 seconds) HTTP 1.1 POST?

From several IP addresses my Apache 2.4 server got this entry turn in the logs. For the 88.* address I saw 178 entries. The timing interval is between 120 and 123 seconds, generally 122. 88.207.37.105 - - [20/May/2017:18:11:47 +0000] "POST /…

http-headers exploit

asked May 21 '17 at 10:07

Josh

181
1
8

0

votes

1 answer

How to prevent DOS attack on xmlrpc.php

We've been having trouble recently with a DOS attack on our main website, which is run using Apache httpd 2.2.9 and Drupal 6.35. The attack is a post to Dupal's xmlrpc.php, which is a known exploit which has been patched in recent versions of…

apache-2.2 .htaccess exploit xmlrpc

asked Apr 13 '16 at 14:29

Jack BeNimble

194
11

0

votes

1 answer

Exploit PHP File Found in /tmp directory

I have been alerted to by our system that a PHP shell has been found in the /tmp directory. Firstly - I would like to know how it could have got here and why it would be here - is there any way PHP can be executed at this level? Secondly it has…

php shell exploit

asked Feb 04 '15 at 07:16

Chris

1,289
2
18
34

0

votes

1 answer

Windows Vista, Win7 ASLR in Kernel land

Is ASLR also implemented for kernel land address space addresses? if yes, since which version of microsoft windows exactly? Thanks for your time.

windows security exploit

asked Sep 08 '09 at 11:43

Benjamin

147
1
1
6

0

votes

1 answer

OpenSSL certificates

Since the recent surfacing of the heartbleed exploit, I have become curious as to how long openssl certificates are usually kept before they are regenerated? Is it days, weeks, months, years? I can't seem to find a definitive answer. I realize that…

security openssl exploit

asked Apr 23 '14 at 18:42

ddaa

1

0

votes

1 answer

Ramnode was hacked SolusVM zero day exploit (what should I customer do?)

So, ramnode was compromised, some kid used zero day exploit to gain access and rm -rf. I'm really happy how ramnode team handled situation, finally my VPS was restored and it is back online. I've a question, and I need someone with experience to…

security exploit

asked Jun 17 '13 at 07:01

user113400

0

votes

1 answer

Windows Task Scheduler Security Issue

Using the Windows Task Scheduler allows non-administrator users to gain access to administrative rights. Normally, Windows prevents execute applications which need to have more rights. A message appears where the user has to confirm it. There is an…

security windows-7 task-scheduler exploit

asked Jul 17 '12 at 23:58

System.Data

183
1
6

0

votes

2 answers

Apache/PHP root exploit

Because of insecure handling of uploaded files, an attacker was able to run php code on my server (CentOS 5.4) That issue has been fixed, but while he was connected he appears to have modified a file which was owned by root (file perms 644),…

php apache-2.2 root hacking exploit

asked Nov 19 '11 at 18:09

anon coward

1
1
1

0

votes

1 answer

Protect against silent1.pl Perl Script

I operate a small shared hosting area. While I notice that people are unable/struggle to exploit with PHP I have found a small minority of people using Perl in order to obtain server information. So, to put it simply here is the question I would…

security shell perl exploit

asked May 08 '11 at 16:40

Chris

1,289
2
18
34

0

votes

1 answer

Apache trailing slash added to files problem

I am having a problem with Apache. What it does is this: Take /index.php file containing an code with src set to relative path myimg.jpg, both in the root of my server. So, www.mysite.com would show the image as would…

apache-2.2 security configuration exploit

asked Feb 23 '11 at 14:37

Francisc

153
1
3
11

0

votes

1 answer

grsecurity effieffectiveness test with latest proftpd remote exploit

i just tested grsecurity. i installed debian and a vulnerable version of proftpd. i launched an exploit. worked. patched the latest kernel with grsec. and now the exploit doesnt work anymore. BUT . wouldnt just a the new kernel alone cause the…

ftp exploit grsec

asked Jan 31 '11 at 21:03

baj

139
2
8

0

votes

2 answers

images security

How I can check all my images on server, they don't prepared with maulicious code ? I mean for example Gif PHP exploits and so on...

exploit vulnerabilities security

asked Oct 18 '10 at 12:08

astropanic

307
2
5
18

0

votes

1 answer

Has my Apache server been exploited?

I recently got the following in my server logs: 70.190.xxx.xx - - [26/Sep/2010:19:03:17 -0500]…

apache-2.2 logging exploit

asked Sep 27 '10 at 01:31

Jack

0

votes

1 answer

metasploit confusion

I'm using (Metasploit framework-3.4.0-linux-i686) under Kubuntu, and i'm the only Linux machine connected to my company network, so i was trying to let my boss know that our network is a big mess, and prove that using metasploit, witch i didn't use…

windows networking exploit

asked Jun 27 '10 at 06:19

Raafat

0

votes

1 answer

How Do I Secure WordPress Blogs Against Elemento_pcx Exploit?

I have a client who has several WordPress 2.9.2 blogs that he hosts. They are getting a deface kind of hack with the Elemento_pcx exploit somehow. It drops these files in the root folder of the blog: -rw-r--r-- 1 userx userx 1459 Apr 16 04:25…

permissions wordpress exploit attacks

asked May 04 '10 at 18:04

ServerChecker

1,518
2
14
35

Questions tagged [exploit]