I found the following hack on our server logs. I have been using a new book on Cold Fusion hacking (Hack Proofing Cold Fusion) and making server side upgrades to security. Still have some more to do but found this interesting hack from Korea on my site logs.
Data hacking found on log files: Ted Barker ps: this is from our BBS area and looks to be grabbing the url.id from the data files rather than a direct access to the database on server. Any ideas? ----------------- Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+i-NavFourF) - http://cafe155.daum.net/_c21_/bbs_read?grpid=jGRx&fldid=DLY3&page=1&prev_page=0&firstbbsdepth=&lastbbsdepth=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz&contentval=0004Xzzzzzzzzzzzzzzzzzzzzzzzzz&datanum=281&head=%C7%D1%B1%B9%C0%FC%C0%EF&subj=%3Cb%3EF80%BD%B4%C6%C3%BD%BA%C5%B8%3C%2Fb%3E&nick=%C0%FE%C0%BA%B9%CC%BC%D2&id=gqTxCzVunXo0&smsnum=-1&smsvalid=0&count=5&day=20040914110321&datatype=9&selectyn=n&avatarcate=1&rowid=AAAA4zAATAAAal/AAs&edge= 2004-09-15 06:21:50 203.253.173.200 - mail.kwp.org GET /top_right.gif - 200 0 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+98;+Win+9x+4.90) - http://cafe184.daum.net/_c21_/bbs_read?grpid=qz8e&fldid=8AA&page=1&prev_page=0&firstbbsdepth=&lastbbsdepth=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz&contentval=0000Mzzzzzzzzzzzzzzzzzzzzzzzzz&datanum=22&head=&subj=%C7%D1%B1%B9%C0%CE%BF%A1%B0%D4+%C0%D8%C7%F4%C1%F8+%C0%FC%C0%EF+6.25+%B1%D7%B7%AF%B3%AA+%B9%CC%B1%BA%C2%FC%C0%FC+%BF%EB%BB%E7%B5%E9%C0%C7+%B3%FA%B8%AE%BF%A1+%B1%ED%B0%D4+%B0%A2%C0%CE%B5%C7%BE%EE+%C0%D6%B4%C2+6.25&nick=%B1%E8%C1%D8%C8%A3&id=l54bx8X3woc0&smsnum=0&smsvalid=0&count=10&day=20040830084025&datatype=Z&selectyn=n&avatarcate=1&rowid=AAAAxhAASAAANalAAN&edge= =============================================================== Ted Barker: PH: 214.320.0342 The Korean War Project (Online since 1/15/94) http://www.koreanwar.org/ (Website since 2/15/95) =============================================================== ---------------------------------------------------------- To post, send email to [EMAIL PROTECTED] To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm
