Welcome to Geeklog, Anonymous Tuesday, November 26 2024 @ 03:36 pm EST
Geeklog Forums
Spammers looking for holes in Spam-X?
Status: offline
LWC
Forum User
Full Member
Registered: 02/19/04
Posts: 818
One of my sites has had hits to the following addresses in the previous month - and I don't think I even entered Spam-X as an admin:
What do you think? And why does it try to find Spam-X within the parameters of article.php?
But more scary, how do the spammers even know I use Geeklog/Spam-X (of all things) in the first place...?
/article.php/plugins/spamx/BlackList.Examine.class.php
/article.php/plugins/spamx/MassDelete.Admin.class.php/geeklog/plugins/spamx/BaseAdmin.class.php
/article.php/plugins/spamx/MassDelete.Admin.class.php
/article.php/actual_ID_of_the_main_article%20%20/plugins/spamx/MassDelete.Admin.class.php
/article.php/actual_ID_of_the_main_article/plugins/spamx/MassDelete.Admin.class.php/geeklog/plugins/spamx/BaseAdmin.class.php
/article.php/plugins/spamx/MassDelete.Admin.class.php/geeklog/plugins/spamx/BaseAdmin.class.php
/article.php/plugins/spamx/MassDelete.Admin.class.php
/article.php/actual_ID_of_the_main_article%20%20/plugins/spamx/MassDelete.Admin.class.php
/article.php/actual_ID_of_the_main_article/plugins/spamx/MassDelete.Admin.class.php/geeklog/plugins/spamx/BaseAdmin.class.php
What do you think? And why does it try to find Spam-X within the parameters of article.php?
But more scary, how do the spammers even know I use Geeklog/Spam-X (of all things) in the first place...?
6
5
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
This is nothing new, actually. We had a problem with Spam-X in earlier versions where the Spam-X files were missing the protection for direct execution and so when you installed Geeklog incorrectly, those could be used for spamming (ironically).
Ever since that issue became know have I seen all sorts of requests to try and test for those files. And yes, attached to each and every URL on the site. Not only articles.php but also others, even the docs directory. These are either stupid bots or script kiddies or both. If you installed Geeklog correctly such that those files can not be called up from a URL, you can simply ignore these requests.
And it's not really hard to figure out that a site is running on Geeklog. The URLs used on the site make it pretty obvious.
bye, Dirk
Ever since that issue became know have I seen all sorts of requests to try and test for those files. And yes, attached to each and every URL on the site. Not only articles.php but also others, even the docs directory. These are either stupid bots or script kiddies or both. If you installed Geeklog correctly such that those files can not be called up from a URL, you can simply ignore these requests.
And it's not really hard to figure out that a site is running on Geeklog. The URLs used on the site make it pretty obvious.
bye, Dirk
11
5
Quote
All times are EST. The time is now 03:36 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content