SpiderLabs^® Blog

Our web sensors picked up a big uptick in Local File Inclusion (LFI) attacks today. We received 3675 attacks that targeted a wide range of applications all attempting to use directory traversals to access: Windowswin.ini boot.ini Here is a sampling...

Read More 

Our web honeypot sensors picked up attacks aimed at exploiting a Zen Cart SQL Injection vulnerability. The attacks send a POST request to the following URLs: POST /admin/sqlpatch.php/password_forgotten.php?action=execute POST /black_market/admin/sqlpatch.php/password_forgotten.php?action=execute POST /cart/admin/sqlpatch.php/password_forgotten.php?action=execute POST /product_info.php/products_id/1658/admin/sqlpatch.php/password_forgotten.php?action=execute POST /shop/admin/sqlpatch.php/password_forgotten.php?action=execute POST /shopping/admin/sqlpatch.php/password_forgotten.php?action=execute POST /store/admin/sqlpatch.php/password_forgotten.php?action=execute...

Read More 

As we first noted in a previous Honeypot Alert Blog post, our web honeypots have again received attempts to exploit a WordPress is-human pluging remote command injection vulnerability. ExploitDB lists the following data: # Exploit Title: is-human (1.4.2 and prior)...

Read More 

Monthly Web Honeypot Status Report We have received a tremendous amount of positive feedback on our web-based honeypot alert blog posts. While we agree that this data is useful for raising awareness of individual attack details, we feel that what...

Read More