Menu
I saw that my nopCommerce site had a logged search for:
ADw-script AD4-alert(202) ADw-/script AD4-
I'm a bit curious though what they were trying to accomplish. I searched a bit for it and appearently the ADw-script AD4- encodes in UTF7 to <script>. But why the alert(202)?
Were they just checking for vulnerabilities?
More hacking attemps was logged and I made a new question about them here: Hacking attempt, what were they trying to do and how can I check if they succeeded?
235
Someone is checking if you have a UTF-7 injection vulnerability to exploit it later. UTF-7 uses only characters that are usually not considered harmful. Do you always use meta charset in your HTML?
Always use meta charset as high as possible in your HTML, like this:
<!doctype html>
<html lang="en-us">
<head>
<meta charset="utf-8">
...
and you won't have to worry about UTF-7 based XSS attacks.
172
Yup , they were just checking if your site is vulnerable for XSS.
Read http://www.cgisecurity.com/xss-faq.html
and Rsnakes XSS cheat-sheet
http://ha.ckers.org/xss.html
for more info
43
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
