odd GETs

I was combing through my Apache logs, just checking up on things and I
found something very odd that I've never seen before. These weird
accesses:

index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF43
I'm not sure what this is.

This is what they do:

The first one simply displays the Zend Optimizer logo, and the second
one goes to my home page.

The first one only occurs about 10 times, on the same page, from 2
different IPs. The second occurs probably 50 times, on the same page,
from 4 different IPs.
Does anyone know what this is? If so, can it be useful to me, or is it
simply a security hole.
--TekWiz

Jul 17 '05 #1
TekWiz wrote:
I was combing through my Apache logs, just checking up on things and I
found something very odd that I've never seen before. These weird
accesses:

index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF43
I'm not sure what this is.

This is what they do:

The first one simply displays the Zend Optimizer logo, and the second
one goes to my home page.

The first one only occurs about 10 times, on the same page, from 2
different IPs. The second occurs probably 50 times, on the same page,
from 4 different IPs.
Does anyone know what this is? If so, can it be useful to me, or is it
simply a security hole.
--TekWiz


What does index.php do? Does it expect arguments in $_GET or $_POST?
It might well be a hacking process crawling the web for php
suffixed files and then sending some duff information to see if PHP
would throw out an error (if it did, then I guess it might give the
hacker something to work on).

I can't see how you get the Zend Optimizer logo from the first link, and
your home page on the second link. I think first time around, it's
reading it from your PC's cache - I'm not sure - I'm guessing...

Hope that helps some,
randelld
Jul 17 '05 #2
The first request is a PHP "Easter Egg". In order to not show the logo, you
need to set expose_php to off in php.ini. Someone may be trying to
determine if your server is running PHP (for benign or malevolent reasons).
The second request, as far as I know, is meaningless.

- Kevin
"TekWiz" <te****@twarlick.net> wrote in message
news:11*********************@z14g2000cwz.googlegroups.com...
I was combing through my Apache logs, just checking up on things and I
found something very odd that I've never seen before. These weird
accesses:

index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF43
I'm not sure what this is.

This is what they do:

The first one simply displays the Zend Optimizer logo, and the second
one goes to my home page.

The first one only occurs about 10 times, on the same page, from 2
different IPs. The second occurs probably 50 times, on the same page,
from 4 different IPs.
Does anyone know what this is? If so, can it be useful to me, or is it
simply a security hole.
--TekWiz

Jul 17 '05 #3
"TekWiz" <te****@twarlick.net> writes:
I was combing through my Apache logs, just checking up on things and I
found something very odd that I've never seen before. These weird
accesses:

index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF43
I'm not sure what this is.
--snip--
Does anyone know what this is? If so, can it be useful to me, or is it
simply a security hole.


I don't know the technical term for these types of strings, but they're
completely harmless PHP control codes. They actually work on any
webserver with expose_php enabled (see, for example,
http://www.php.net/?=PHPE9568F36-D42...9-00AA001ACF42 ). If they
make you nervous, though, you can set the expose_php in your php.ini
file to Off.

There are actually four codes that I know about (you can see their
definitions in the php source within /ext/standard/info.h):

?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
Displays the PHP logo. (This provides a way for the phpinfo function
to display a PHP logo).

?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
Displays the Zend logo. (Also used by phpinfo).

?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
Displays an "easter egg" image of a rabbit in PHP 5.0, a dog in PHP
4.3.0, or some dude in 4.2.3.

?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
Displays the PHP development credits. (This page is linked to from phpinfo).

I hope this helps.

--
Peter Sahlstrom
ne**@sahlstrom.us
http://peter.stormlash.net
Jul 17 '05 #4
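
The replies above identify these requests as checks for whether a server runs PHP with expose_php enabled. As an added example (not code from any poster in this thread), the sketch below scans Apache access-log lines for the four query strings listed in the last reply and counts them per client IP; the log format, function names and sample lines are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote

# The four query strings listed in the last reply, mapped to what each returns.
EGGS = {
    "PHPE9568F34-D428-11D2-A769-00AA001ACF42": "php_logo",
    "PHPE9568F35-D428-11D2-A769-00AA001ACF42": "zend_logo",
    "PHPE9568F36-D428-11D2-A769-00AA001ACF42": "easter_egg_image",
    "PHPB8B5F2A0-3C92-11D3-A3A9-4C7B08C10000": "credits",
}
# Apache common/combined log format (assumed): client IP, then the request line.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*"')
# A query that is nothing but "=PHP" followed by a GUID, listed above or not.
GUID = re.compile(r'^=(PHP[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12})$', re.I)

def classify(url):
    """Return the probe kind for a request URL, or None if it is not one."""
    _, sep, query = url.partition("?")
    m = GUID.match(unquote(query)) if sep else None
    if not m:
        return None
    # GUIDs of the same shape that are not in the list are still worth flagging.
    return EGGS.get(m.group(1).upper(), "unknown_guid")

def scan(lines):
    """Count probe kinds per client IP across access-log lines."""
    hits = defaultdict(Counter)
    for line in lines:
        m = LINE.match(line)
        kind = classify(m.group(2)) if m else None
        if kind:
            hits[m.group(1)][kind] += 1
    return {ip: dict(counts) for ip, counts in hits.items()}

# Constructed sample lines using documentation IP ranges; the second request
# is the variant ending in ...43 quoted in the original question.
SAMPLE = [
    '192.0.2.10 - - [17/Jul/2005:10:00:01 +0000] "GET /index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524',
    '192.0.2.10 - - [17/Jul/2005:10:00:02 +0000] "GET /index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF43 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [17/Jul/2005:10:05:00 +0000] "GET /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.0" 200 9000',
    '198.51.100.7 - - [17/Jul/2005:10:05:09 +0000] "GET /index.php?id=42 HTTP/1.0" 200 812',
]

if __name__ == "__main__":
    for ip, kinds in scan(SAMPLE).items():
        print(ip, kinds)
```

Run against a real access log, the per-IP counts show which clients are fingerprinting the server; setting expose_php to Off in php.ini, as the replies recommend, stops the logos and credits from being served.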
