Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

List With Ips That Are Trying To Hack Cs-Cart Trought Api Rate Topic   * * * * * 1 votes

 
  • Hungryweb
  • Senior Member
  • Authorized Reseller
  • Join Date: 10-Feb 12
  • 1247 posts

Posted 21 May 2019 - 04:27 AM #1

Hi,

A while back we start monitoring the API requests and we found out that is in a continues trying to be hacked and bellow we share with you a list with IPs and also some parts of the requests

api-hack-1.png

api-hack-2.png

api-hack-3.png

api-hack-4.png
 
1.80.3.229
1.192.147.162
23.27.103.197 -  Baiduspider
23.27.117.182 -  Baiduspider
23.239.96.10
27.16.212.50
27.110.254.120
36.248.19.178
39.109.126.36
42.85.131.5
42.85.131.5
42.180.124.114
43.251.118.67 - Fake Baiduspider
50.117.40.70
58.56.96.52
60.176.228.251
61.218.40.100
81.88.49.35
91.107.64.185
101.75.146.107
103.45.70.72
103.231.12.179
106.45.1.143
111.224.218.54
112.66.107.96
112.117.17.8
113.233.161.79
113.238.169.77
113.247.33.244
114.199.68.65
115.84.71.25
115.84.71.34
115.84.71.205
115.84.97.206
115.84.97.210
115.84.98.16
115.84.98.22
115.84.98.53
115.84.98.83
115.84.98.92
115.84.117.190
116.253.143.197
118.113.21.147
118.250.115.138
119.84.99.2
119.84.99.5
120.10.18.238
120.10.45.226
120.79.209.163
120.200.69.32
120.200.68.18
120.200.69.32
120.200.69.59
120.200.70.100
120.200.71.48
121.16.172.25
121.40.20.81
121.58.213.122
122.97.174.139
122.97.174.163
122.97.174.198
122.97.178.158
122.97.178.165
122.97.178.208
122.97.179.88
122.114.171.128
122.114.193.70
122.226.184.68
125.46.207.74
122.114.171.128
122.226.184.68
122.114.193.70
122.226.184.76
124.47.22.86
124.235.138.100
125.41.80.127
125.46.206.61
125.68.15.176
125.84.176.125
139.205.4.205
141.101.166.199
142.54.172.210
148.163.168.82
152.32.140.196
152.32.140.254
153.3.195.194
171.36.135.110
171.42.159.139
173.245.77.219
175.11.230.143
175.148.145.158
175.148.161.162
180.143.55.68
180.232.7.5
182.109.177.41
182.109.183.255
182.124.97.214
182.242.105.247
183.42.49.82
183.214.196.29
183.214.196.81
183.214.196.83
202.178.116.122
203.177.158.165
205.164.26.80
216.172.155.152
218.14.55.82
219.156.64.184
220.200.158.119
220.250.62.132
221.3.160.180
221.193.59.216
221.195.215.163
221.232.20.247
222.86.227.236
222.137.31.99
222.137.167.228
222.186.10.28
222.186.10.54
222.186.10.142
222.186.46.6
222.186.46.122
222.186.57.34
222.186.57.109
222.186.57.142
222.186.57.149
222.186.59.29
222.186.59.44
222.186.150.193
222.186.150.234
222.186.150.239
222.186.160.61
222.218.251.83
222.244.138.71
223.73.88.207
223.88.244.203
223.166.74.211


 
  • kogi
  • Senior Member
  • Members
  • Join Date: 16-Aug 07
  • 614 posts

Posted 21 May 2019 - 04:37 AM #2

Hmm, Can I block access to /api directory?


find / -type f -name '*.base' -exec chown kogi.kogi {} \;

 
  • Hungryweb
  • Senior Member
  • Authorized Reseller
  • Join Date: 10-Feb 12
  • 1247 posts

Posted 21 May 2019 - 07:52 AM #3

Hmm, Can I block access to /api directory?


For all our customers that don't use API we rename the file /api.php