Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: You are being directed to the US FBI where your IP address and details will also be logged.
Special Forums Cybersecurity You are being directed to the US FBI where your IP address and details will also be logged. Post 303039193 by Neo on Wednesday 25th of September 2019 10:53:29 PM
Old 09-25-2019
OK.. the above logging provides the clue of what the hacker / scanning tool is attempting:

GitHub - ab1gale/phpcms-2008-CVE-2018-19127

Quote:
Recently we found a vulnerability in /type.php of phpcms 2008 source code. When attackers send crafted requests like "/type.php?template=tag_(){};@unlink(FILE);assert($_POST[1]);{//../rss", evil content (in this case "@unlink(FILE);assert($_POST[1]);") will be written into cache file (in this case "/cache_template/rss.tpl.php") on phpcms 2008 website.
This does not effect our site since we do not run phpcms; but it is still interesting to see the non-stop hacking attempts; so in this case it's not "a big deal".. just par for the course on the web.

It's never ending.... keeping a busy web site up and running smoothly.
 

6 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

know who logged and logged out with their timings

being ordinary user (not having any administrative rights) can avail myself a facility to know who logged and logged out with their timings get popped onto my terminal as if it get echo 'ed... (3 Replies)
Discussion started by: vkandati
3 Replies

2. Ubuntu

tar not reading if output directed to /dev/null

I stumbled across a somewhat strange behavior of tar and find no explanation for it: i was testing a DVD for read errors and thought to simply tar the content and direct the output to /dev/null: tar -cvf - /my/mountpoint/*ts > /dev/null This way i expected the system to read the complete... (4 Replies)
Discussion started by: bakunin
4 Replies

3. IP Networking

Local Lan, no-ip directed DNS forward, surf within lan

Hi, We have a website running on a local centos 5.4 surfer, static IP. The domain.com uses no-ip.com to take care of the DNS, it forwards all to my server. My router receives the port 80 call, routes it to my server and the world can see domain.com perfectly fine. However, we cannot see... (3 Replies)
Discussion started by: lawstudent
3 Replies

4. UNIX for Dummies Questions & Answers

at -l doesnt give details of the scheduled job. How to get the details?

I have scheduled couple of shell scripts to run using 'at' command. The o/p of at -l is: $ at -l 1320904800.a Thu Nov 10 01:00:00 2011 1320894000.a Wed Nov 9 22:00:00 2011 1320876000.a Wed Nov 9 17:00:00 2011 $ uname -a SunOS dc2prcrptetl2 5.9 Generic_122300-54 sun4u sparc... (2 Replies)
Discussion started by: superparticle
2 Replies

5. Shell Programming and Scripting

Double quotes is not present to the directed file

I have the below to direct the values to a xml file, echo "<xml version="1.0">" >> /root/xml/sample.xml but when the check the sample.xml file, the output looks like the below one(without double quotes) <xml version=1.0> but i want the output like <xml version="1.0"> Any help on... (8 Replies)
Discussion started by: vel4ever
8 Replies

6. UNIX for Beginners Questions & Answers

Fetching address and user details from log file

Hi All, I have a requirement to get the address values from a large log file along with the user details. line1,line2,city,stateCode,postalCode,countryCode. The below code as advised in the earlier post is giving the user data zgrep -B1 "Failed to calculate Tax" log.2018-05-23.gz | grep... (8 Replies)
Discussion started by: nextStep
8 Replies

LEARN ABOUT MOJAVE

php-fpm

PHP-FPM(8)							Scripting Language							PHP-FPM(8)

NAME

       php-fpm - PHP FastCGI Process Manager 'PHP-FPM'

SYNOPSIS

       php-fpm [options]

DESCRIPTION

       PHP  is	a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. This
       is a variant of PHP that will run in the background as a daemon, listening for CGI requests. Output is logged to /usr/var/log/php-fpm.log.

       Most options are set in the configuration file. The configuration file is /private/etc/php-fpm.conf. By default, php-fpm  will  respond	to
       CGI  requests  listening  on localhost http port 9000. Therefore php-fpm expects your webserver to forward all requests for '.php' files to
       port 9000 and you should edit your webserver configuration file appropriately.

OPTIONS

       -C	      Do not chdir to the script's directory

       --php-ini path|file
       -c path|file   Look for php.ini file in the directory path or use the specified file

       --no-php-ini
       -n	      No php.ini file will be used

       --define foo[=bar]
       -d foo[=bar]   Define INI entry foo with value bar

       -e	      Generate extended information for debugger/profiler

       --help
       -h	      This help

       --info
       -i	      PHP information and configuration

       --modules
       -m	      Show compiled in modules

       --version
       -v	      Version number --prefix path

       -p	      Specify alternative prefix path (the default is /usr)

       --pid file
       -g	      Specify the PID file location.

       --fpm-config file
       -y	      Specify alternative path to FastCGI process manager configuration file (the default is /private/etc/php-fpm.conf)

       --test
       -t	      Test FPM configuration file and exit If called twice (-tt), the configuration is dumped before exiting.

       --daemonize
       -D	      Force to run in background and ignore daemonize option from configuration file.

       --nodaemonize
       -F	      Force to stay in foreground and ignore daemonize option from configuration file.

       --force-stderr
       -O	      Force output to stderr in nodaemonize even if stderr is not a TTY.

       --allow-to-run-as-root
       -R	      Allow pool to run as root (disabled by default)

FILES

       php-fpm.conf   The configuration file for the php-fpm daemon.

       php.ini	      The standard php configuration file.

EXAMPLES

       For any unix systems which use init.d for their main process manager, you should use the init script provided to start and stop the php-fpm
       daemon.

	      sudo /etc/init.d/php-fpm start

       For  any unix systems which use systemd for their main process manager, you should use the unit file provided to start and stop the php-fpm
       daemon.

	      sudo systemctl start php-fpm.service

       If your installation has no appropriate init script, launch php-fpm with no arguments. It will launch as a daemon (background  process)	by
       default.  The  file  /usr/var/run/php-fpm.pid  determines whether php-fpm is already up and running. Once started, php-fpm then responds to
       several POSIX signals:

	      SIGINT,SIGTERM	  immediate termination
	      SIGQUIT		  graceful stop
	      SIGUSR1		  re-open log file
	      SIGUSR2		  graceful reload of all workers + reload of fpm conf/binary

TIPS

       The PHP-FPM CGI daemon will work well with most popular webservers, including Apache2, lighttpd and nginx.

SEE ALSO

       The PHP-FPM website:
       http://php-fpm.org

       For a more or less complete description of PHP look here:
       http://www.php.net/manual/

       A nice introduction to PHP by Stig Bakken can be found here:
       http://www.zend.com/zend/art/intro.php

BUGS

       You can view the list of known bugs or report any new bug you found at:
       http://bugs.php.net

AUTHORS

       PHP-FPM SAPI was written by Andrei Nigmatulin. The mailing-lists are highload-php-en (English) and highload-php-ru (Russian).

       The PHP Group: Thies C. Arntzen, Stig Bakken, Andi Gutmans, Rasmus Lerdorf, Sam Ruby, Sascha Schumann, Zeev Suraski, Jim  Winstead,  Andrei
       Zmievski.

       A List of active developers can be found here:
       http://www.php.net/credits.php

       And last but not least PHP was developed with the help of a huge amount of contributors all around the world.

VERSION INFORMATION

       This manpage describes php-fpm, version 7.1.19.

COPYRIGHT

       Copyright (C) 1997-2018 The PHP Group
       Copyright (c) 2007-2009, Andrei Nigmatulin

       This  source  file  is  subject to version 3.01 of the PHP license, that is bundled with this package in the file LICENSE, and is available
       through the world-wide-web at the following url:
       http://www.php.net/license/3_01.txt

       If you did not receive a copy of the PHP license and  are  unable  to  obtain  it  through  the	world-wide-web,  please  send  a  note	to
       license@php.net so we can mail you a copy immediately.

The PHP Group							       2018								PHP-FPM(8)
All times are GMT -4. The time now is 02:39 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy