Results 1 to 7 of 7
  1. #1
    Join Date
    Mar 2004
    Posts
    1,301

    what does "../winnt/system32/cmd.exe?/......" mean?

    Hi,

    On my apache log, I found this and don't know what this mean? This is not my IP.



    68.82.250.182 - - [15/Apr/2004:00:24:56 -0400] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300


    Thanks!

  2. #2
    It was a window exploit attempt. If you are using Unix, you should be fine.

  3. #3
    Join Date
    Mar 2004
    Posts
    1,301
    Hi Alex,

    did the person perform a randomly scan?
    I am on windows with router and Zonealarm Pro setup.
    Should I be worried?

    Thanks!

  4. #4

  5. #5
    Join Date
    Mar 2004
    Posts
    1,301
    thank you Alex!

    I am patched up.

  6. #6
    Join Date
    Feb 2003
    Location
    Kuala Lumpur, Malaysia
    Posts
    4,974
    That was once upon a time

    My server was brought down as it has badly flooded my apache

  7. #7
    I am not very good at windows. This is just a wild idea. Do you think we can move cmd.exe to a non default folder, and don't set the path to it. Whenever we try to use cmd.exe we have to type the whole absolute path ? Does it helps ? By default, does windows require cmd.exe located in %systemroor%\cmd.exe ?

    This is just a ideal and a question .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •