Code:
213.208.135.7 - - [28/Aug/2009:15:35:37 -0500]
"GET /blog/2009/07/20/php-curl/?t=../../../../../../../../etc/passwd HTTP/1.0" 200 31672 "-"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1)
Gecko/2008070400 SUSE/3.0.1-0.1 Firefox/3.0.1"
He repeated the attack 67 times from several IP addresses. He changed the URI, faked the referrer, the operating system and so on, but left
Code:
../../../../../../../../etc/passwd
unchanged. Could he have read the contents of the passwd file? It has permission 0644.
Can .htaccess protect the server from idiots like that?
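An added example, not part of the original post: a log check that decodes each query value and groups traversal attempts by payload, since the payload is the one field the post says stayed constant while IP, URI and headers rotated. The function names, the shortened User-Agent strings and every sample line except the first are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, unquote

# Apache "combined" format: ip, ident, user, [time], "request", status, size, "ref", "UA".
LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
                    r'\d{3} \S+ "[^"]*" "[^"]*"')
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')  # a ".." path segment

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (%252e -> %2e -> .), bounded to 3 rounds."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def traversal_payloads(target):
    """Return decoded query-string values that contain a ../ sequence."""
    values = (fully_decode(v) for _, v in
              parse_qsl(urlsplit(target).query, keep_blank_values=True))
    return [v for v in values if TRAVERSAL_RE.search(v)]

def cluster_by_payload(lines):
    """Group hits by payload, so rotating IP, URI or headers does not split them."""
    clusters = defaultdict(lambda: {"count": 0, "ips": set(), "paths": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        for payload in traversal_payloads(m["target"]):
            entry = clusters[payload]
            entry["count"] += 1
            entry["ips"].add(m["ip"])
            entry["paths"].add(urlsplit(m["target"]).path)
    return dict(clusters)

PAYLOAD = "../" * 8 + "etc/passwd"  # the string from the post
# Constructed sample: line 1 mirrors the post's entry, the rest are made up.
SAMPLE = [
    '213.208.135.7 - - [28/Aug/2009:15:35:37 -0500] "GET /blog/2009/07/20/php-curl/'
    f'?t={PAYLOAD} HTTP/1.0" 200 31672 "-" "Mozilla/5.0 (X11; U; Linux i686)"',
    '192.0.2.10 - - [28/Aug/2009:15:36:02 -0500] "GET /about/?page='
    + "..%2F" * 8 + 'etc%2Fpasswd HTTP/1.0" 200 5120 "http://example.com/" "MSIE 7.0"',
    '198.51.100.4 - - [28/Aug/2009:15:36:40 -0500] "GET /?id='
    + "%252e%252e%252f" * 8 + 'etc%252fpasswd HTTP/1.0" 404 210 "-" "curl/7.19"',
    '203.0.113.9 - - [28/Aug/2009:15:37:00 -0500] "GET /blog/?t=php-curl HTTP/1.1" 200 900 "-" "-"',
]
```

Calling `cluster_by_payload(SAMPLE)` returns one cluster keyed by the decoded payload, with the request count and the sets of source IPs and paths that carried it.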