Possible hacking

General General Questions
1

Hi all,

I got this report this morning from my server.

Attempts to use known hacks by 1 hosts were logged 30 time(s) from:

119.235.251.114: 30 Time(s)

\x81 30 Time(s)



A total of 1 sites probed the server

119.235.251.114



A total of 14 possible successful probes were detected (the following URLs

contain strings that match one or more of a listing of strings that

indicate a possible exploit):



/jam-and-aksesoris-watches-and-accessoref=\xdc\xae{\x9c\x81{\xecries/arloji-watches/omega.html HTTP Response 200

/index.php?dispatch=auth.login_form&return_url=index.php?oducP\x81\xa3|G\xc0dispatch=products.view&product_id=1068 HTTP Response 302

/jam-and-aksesoris-watches-and-accessoh-ho\xb4\x81\xd3.D\xd1\xe0.\x84ries/arloji-watches/omega.html HTTP Response 200

/pakaian-clothing-ls-cl\xcf\x81\x884\xf4fashion/sepatu-shoes.html HTTP Response 200

/index.php?dispatch=auth.login_form&return_url=index.php?dispatch=categories.view&c\xf0\xd34\xf2\xd6\x81\xfe\xecategory_id=53&sort_by=product&sort_order=asc&layout=products&currency=IDR HTTP Response 302

/jam-and-aksesoris-watches-and-accessories/aray/\xec\xc5\xe0.\xec\x81U\xf4rloji-watches/omega.html HTTP Response 200

/jam-and-aksesoris-watches-and-accessoref=/\xc3\x81!ries/arloji-watches/omega.html HTTP Response 200

/\xac\x81(\xbcaian-kucing-cat-apparel.html HTTP Response 200

/pakaian-clothing-fashion/wanita-woman/rompi-cardigan.html?sort_by=product&sort_order=asc&layout=products_multicil-a@m\xac\xe5\x81Polumns HTTP Response 200

/index.php?dispatch=auth.login_form&return_url=index.php?dispatch=products.view&product_id=2563&currency=IDRidde\xf0\x81\xd4E HTTP Response 302

/index.php?dispatch=auth.login_formispaD\xa8$\x81\xe0\x80&return_url=index.php?dispatch=products.view&product_id=2675 HTTP Response 302

/perabot-rumah-home-f-cloH\x87\x81$l\xcf5\xacurniture/perabot-kamar-tidur-bed-room/lemari-wardrobe.html HTTP Response 200

/pakaian-clothincats,\xe7\xbc3\xb4\x81\xd03$g-fashion/sepatu-shoes.html HTTP Response 200

/perabot-rumah-home-fome-\xb4\x81\xd3.\x84)I/@urniture/perabot-kamar-tidur-bed-room/lemari-wardrobe.html HTTP Response 200



I see there is a model like \xe7\xbc3 or \xx87 or \xac and any other wierd stuff starting with “\x” do any of you got this before? if yes, please advise if this attack is success or not.

Thanks



dsc81

2

I already got the respond from CS-Cart



“You have nothing to worry about. CS-Cart is immune to this kind of attacks. Those are only possible exploits, but they are not real.



Automatic attempts to exploit websites happen all the time. I suggest that you should not pay that much attention to them.



I hope this explains the situation.”



That's a relieve