[CentOS] decode http hack attempt?
Tony Mountifield
tony at softins.co.uk
Thu Sep 24 13:53:25 UTC 2015
In article <e4bd3a73fc95477064436043eb8a37ed.squirrel at webmail.harte-lyne.ca>,
James B. Byrne <byrnejb at harte-lyne.ca> wrote:
> Can anyone de-cypher the second entry for me?
>
> --------------------- httpd Begin ------------------------
>
>
> Requests with error response codes
> 403 Forbidden
> /: 9 Time(s)
> /?c=4e5e5d7364f443e28fbf0d3ae744a59a: 3 Time(s)
>
> I have found the string via Google but have not located any explanation.
It appears to be something to do with a PHP framework called ThinkPHP.
One of the hits when searching for it is for ThinkPHP on Google Code.
Perhaps there is a vulnerability in ThinkPHP, and this access is from
a machine scanning for vulnerable sites? Just a guess.
I don't think it has a meaning - it's just a 128-bit number expressed in hex.
Cheers
Tony
--
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org
More information about the CentOS
mailing list