  1. #1
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    Can I get an interpretation?
    I did not know where else to make this post. Move it if desired.

    I found this "asc=echo%20%27xx23423%27.%272xxcv3%27.%27dcfxcx2xd" when reviewing the statpress for "top page visits" on one of my wordpress sites.

    Can anyone interpret this? I have never made a page and cannot find a page on my site with this designation.
    You must climb this mountain. There is no elevator. ---- Don't stick your finger in the liquid nitrogen.
    Carolina China

  2. #2
    ...and a Pirate's heart. Convergence's Avatar
    Join Date
    June 24th, 2005
    Posts
    6,918
    %20 is a blank space
    %27 is an apostrophe

    Does this look more familiar?

    Code:
    asc=echo 'xx23423'.'2xxcv3'.'dcfxcx2xd
    asc is usually a sort order - Ascending.
    Salty kisses, Sandy toes, and a Pirate's heart...

  3. #3
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    Thanks.

    It is not something that I recognize and there is nothing on my other WP powered sites that looks out of place.

    The stats indicate that it has received a few hundred visits.

  4. #4
    Newbie
    Join Date
    November 7th, 2012
    Posts
    8
    This is the result of a vuln scanner..

    In other words a hacker (/bot) scanning for (blind) SQL injection exploits..

  6. #5
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    Is this something that my host should be guarding against??

    Is there some protection for this?

    Thanks

  7. #6
    Newbie
    Join Date
    November 7th, 2012
    Posts
    8
    Well, that is kinda an open question..

    Does your website run a home made CMS?
    Do you run WordPress?

    Of course your system should protect you from such scans being successful.
    If you would click the whole link, I'm assuming the part you posted is part of a link like:
    http://site.com/somfile.php?asc=xxxx...

    Just click the link; what do you get? If you actually see any error showing information or, even worse, any of those values 'xx23423' '2xxcv3' 'dcfxcx2xd' on your page, you have a HUGE problem.

    There are ways you can block those kinds of scans but there are so many possibilities I can't go into that specifically..
    (also because I don't know your server config to say anything useful)

    It is not 100% possible to block all scans like this.. and if your system is good it also shouldn't matter too much

  9. #7
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    No home brewed CMS

    Site is wordpress based

    Site is on a reseller hosting plan

    See post #1 for where the item was found

    This does not appear on any of the other sites.
    Last edited by Witzer; November 7th, 2012 at 08:11 PM.

  10. #8
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    The site seems to be operating fine. G Web Tools does not indicate any problems, but I assume that when Goog reacts that it is already too late..

  11. #9
    Newbie
    Join Date
    November 7th, 2012
    Posts
    8
    I don't know the plugin statpress actually, but did you follow the full link to see what kind of page you get? (Otherwise PM the full URL to me and I'll check it for you.)
    Also, when hosted on WordPress just make sure WP is up to date, as are all your plugins / themes.

    And install 1 or 2 security plugins (like bulletproof and 'Better WP security') then you should be ok.

    It's annoying these scans as they pollute your stats.

    Also I don't suspect Google has anything to do with it.. it is just the scanner that scanned this a couple 100 / 1000 times and statpress is showing that.. probably it doesn't come to Google, or Google doesn't even notice this..

    (I'm saying probably because I don't know statpress and not 100% sure about what stats it shows and how it records stats)
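
The triage discussed in this thread, as an added example that is not from any poster: it decodes the logged query string, flags `echo '...'.'...'` style probe values in access-log lines, and classifies a fetched response body. The log lines, the `/` path and all function names are constructed for illustration; the distinction between "reflected" and "executed" (the quoted pieces appearing joined into one string) is an assumption about how such a probe is meant to be read.

```python
import re
from urllib.parse import urlsplit, parse_qsl

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
ECHO_RE = re.compile(r"^\s*echo\s+'", re.IGNORECASE)
# Quoted fragment; the final quote may be missing, as in the logged value.
FRAGMENT_RE = re.compile(r"'([^']*)(?:'|$)")

# Constructed sample lines in combined log format (not taken from the thread).
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Nov/2012:10:01:02 +0000] '
    '"GET /?asc=echo%20%27xx23423%27.%272xxcv3%27.%27dcfxcx2xd HTTP/1.1" 200 5120',
    '198.51.100.4 - - [07/Nov/2012:10:02:10 +0000] '
    '"GET /?orderby=date&asc=1 HTTP/1.1" 200 4800',
]


def find_probes(log_lines):
    """Return (client_ip, param, decoded_value) for each echo-style probe."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qsl percent-decodes: %20 -> space, %27 -> apostrophe.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if ECHO_RE.match(value):
                hits.append((line.split()[0], name, value))
    return hits


def joined_marker(value):
    """String that appears only if the quoted pieces were concatenated."""
    return "".join(FRAGMENT_RE.findall(value))


def classify_response(body, value):
    """'executed' if the joined marker is present, 'reflected' if only the
    separate pieces are echoed back, otherwise 'clean'."""
    if joined_marker(value) in body:
        return "executed"
    if any(piece in body for piece in FRAGMENT_RE.findall(value)):
        return "reflected"
    return "clean"
```

A "clean" result on the page the probe hit means the request was only recorded by the stats plugin; "reflected" or "executed" is the case post #6 calls a huge problem.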
