Deprecated: Joomla\Input\Input implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary) in /homepages/13/d380392445/htdocs/Jlive/libraries/vendor/joomla/input/src/Input.php on line 41

Deprecated: Return type of Joomla\Input\Input::count() should either be compatible with Countable::count(): int, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /homepages/13/d380392445/htdocs/Jlive/libraries/vendor/joomla/input/src/Input.php on line 170

Deprecated: KunenaControllerApplicationDisplay implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary) in /homepages/13/d380392445/htdocs/Jlive/libraries/kunena/controller/application/display.php on line 21

Deprecated: preg_match_all(): Passing null to parameter #2 ($subject) of type string is deprecated in /homepages/13/d380392445/htdocs/Jlive/administrator/components/com_easyblog/includes/adsense/adsense.php on line 138
Detected intrusion attempts - Macrotone Blogs
By Geoffrey Chapman on Sunday, 24 February 2013
Category: Miscellaneous

Detected intrusion attempts

We have detected an unusual (for us) sudden spate of web attacks on our site by hackers which we thought we would share with the community.

These attacks have taken a different route to those we normally see. They have basically fallen into two separate categories:

Malicious User Agent:  
This attack vector describes where a hacker tries to access the site using a browser configured to send malicious PHP code in its user agent string (a small piece of text used to describe the browser to your server).  The idea behind it is that buggy log processing software will parse it and allow the hacker to gain control of the website.

Direct File Inclusion:
In this attack vector a hacker tries to trick vulnerable components into loading arbitrary files. Depending on the vulnerable component, the file will either be output verbatim or parsed as a PHP file. This allows attackers to disclose sensitive information about the site or to run malicious code uploaded to the site through another vulnerable vector, e.g. an unfiltered upload of executable PHP code.

Leave Comments