I have a script that saves irregular strings in the url and look what someone tried to run
OPENED: /index.php?function=data:, METHOD: GET PORT: 36606
OPENED: /index.php?classified_path=data:,? METHOD: GET PORT: 49650
OPENED: /index.php?base==data:, METHOD: GET PORT: 48062
OPENED: /index.php?G_JGALL[inc_path]=data:, METHOD: GET PORT: 33185
OPENED: /index.php?G_JGALL[inc_path]=data:, METHOD: GET PORT: 51399
What does it mean? I googled G_JGALL and found nothing but this https://github.com/sakti/fuzfuz/blob/master/data/rfi/rfi.txt which i don't understand.. and this http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2158
What kind of an attack is this and should I worry about?
I'm not using any gallery system on my website.
If I understood your linked CVE correctly you don't need to care about if you don't have installed a software called jGallery 1.3 . Somebody, proberbly a script kiddie, tried to check for this vulnerability. You may could check for the user agent (if it is not something like a typical browser user agent) and block all requests from that user agent or that IP.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.