Access to unlinked files

Access to unlinked files

Post by Martin Fisch » Thu, 03 Jan 2002 02:40:56



Hi,

while looking at the stats for my website today, I noticed some
attempts to access a cgi-script on the server that's not linked from
anywhere.

The scripts got uploaded by mistake, when I did a sitecopy and
uploaded files that weren't ready to be released.

But what puzzles me is how anybody else found out about the script and
tried to access it. Is that possible or are there any other
explanations? The server is Apache 1.3.19. I did check the client IP
addresses. They came from different domains, some of them obviously
being addresses used for dial-up access.  

( The files have been deleted in the meantime of course ).

Regards,
Martin

 
 
 

Access to unlinked files

Post by David Efflan » Fri, 04 Jan 2002 04:45:55



Quote:> Hi,

> while looking at the stats for my website today, I noticed some
> attempts to access a cgi-script on the server that's not linked from
> anywhere.

> The scripts got uploaded by mistake, when I did a sitecopy and
> uploaded files that weren't ready to be released.

> But what puzzles me is how anybody else found out about the script and
> tried to access it. Is that possible or are there any other
> explanations? The server is Apache 1.3.19. I did check the client IP
> addresses. They came from different domains, some of them obviously
> being addresses used for dial-up access.  

Were they commonly available scripts or common names (like test.cgi or
formmail.pl or .cgi)?  Does your web host have any users other than you?  
Maybe they notice the scripts from the shell or their own CGI.

--
David Efflandt - All spam is ignored - http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

 
 
 

Access to unlinked files

Post by Martin Fisch » Fri, 04 Jan 2002 17:30:15




> > while looking at the stats for my website today, I noticed some
> > attempts to access a cgi-script on the server that's not linked from
> > anywhere.

> > The scripts got uploaded by mistake, when I did a sitecopy and
> > uploaded files that weren't ready to be released.

> Were they commonly available scripts or common names (like test.cgi or
> formmail.pl or .cgi)?  Does your web host have any users other than you?  
> Maybe they notice the scripts from the shell or their own CGI.

Looks like your first suggestion might be a winner. The script was
named forum.pl. But if anybody would try to access commonly named
scripts, wouldn't I see 404s in my log for all these names? That
didn't happen. So maybe your second suggestion suits better. Will try
to find out, whether this is possible on the server I'm using (
together with many others ).

Thanks,
Martin

 
 
 

1. gdm_auth_secure_display: Could not unlink /var/gdm/:0.xauth file: No such file or directory

I can't login to X as a user, /var/log/messages shows:

gdm_auth_secure_display: Could not unlink /var/gdm/:0.xauth file: No
such file or directory

How do I fix this.

It started happening after a power failure, fsck complained about a
bunch of stuff, but disk looks OK.

I can log into gnome as root, but not as a user.

I've read the man page for xauth, but I'm not quite sure how to proceed.

TIA, Bruce.

--

Sattel Global Networks          818.709.6201 x122

2. multilingual emacs for slackware 1.1.1 now available

3. cannot unlink file or create files

4. UDP message size

5. "rm: can't unlink 'files'",can't delete files

6. too many mount points, wrong fs .. .etc during kernel boot up

7. File Access - Does Owner Access Override Group Access?

8. "how-to" set up chroot environment for an AIX service -- say, cvs pserver?

9. Unlinking Files & Dirs

10. Emulating unlink() on open files in Win32

11. unlink a file

12. unlink files!!!

13. unlinking a file