
Fuzzing? Or something sinister?

LEGEND, Mar 22, 2017


Hello, all,

It has recently been brought to my attention that someone in Germany has been trying some pretty weird things with our public-facing website, and I'm inclined to believe that these actors are just trying to fuzz our servers.  Pen testing in the wild, so to speak.

But then there's that paranoid part of me that is thinking this could be something else, something malicious.

This/these person(s) are flooding our web servers with GET requests that are odd:

GET/60,83,84,89,76,69,62,108,105,32,123,108,105,115,116,45,115,116,121,108,101,45,105,109,97,103,101,58,32,117,114,108,40,34,106,97,118,97,115,99,114,105,112,116,58,106,97,118,97,115,99,114,105,112,116,58,56,55,56,48,53,52,97,101,48,100,52,54,54,52,100,53,53,98,48,101,49,98,55,50,53,98,51,48,101,57,50,57,34,41,59,125,60,47,83,84,89,76,69,62,60,85,76,62,60,76,73,62,88 HTTP/1.1

Someone here managed to decode this:

<STYLE>li {list-style-image:url("javascript:javascript:878054ae0d4664d55b0e1b725b30e929");}</STYLE><UL><LI>

Now, I've never seen "javascript:javascript:{random string}", before.  Is this an attempt to inject code into our website???  Or is this a part of a fuzzing technique?  Something worse??  Something weak a script-kiddie would use?

V/r,

^_^
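
One way to triage requests like the one in the post above from access logs (an added example, not part of the original thread): decode a path made only of comma-separated decimal character codes and flag the result when it contains markup or script markers. The function names, the marker list and the sample request lines are constructed for illustration.

```python
import re

# Request line whose path is nothing but comma-separated decimal numbers.
# \s* after the method tolerates the "GET/60,..." form shown in the post.
CHARCODE_REQ = re.compile(
    r'^(?:GET|POST|HEAD)\s*/(\d{1,3}(?:,\d{1,3}){3,})\s+HTTP/\d\.\d$'
)

# Substrings that suggest the decoded text is markup or script (assumed list).
MARKERS = ("<style", "<script", "javascript:", "<img", "onerror=", "<svg")


def decode_charcode_path(request_line):
    """Return the decoded text, or None if the path is not a char-code list."""
    m = CHARCODE_REQ.match(request_line.strip())
    if not m:
        return None
    codes = [int(c) for c in m.group(1).split(",")]
    # Only accept printable ASCII; other number lists are left alone.
    if any(c < 32 or c > 126 for c in codes):
        return None
    return "".join(chr(c) for c in codes)


def classify(request_line):
    """Label a request line as plain, encoded-text or markup-probe."""
    decoded = decode_charcode_path(request_line)
    if decoded is None:
        return ("plain", None)
    lowered = decoded.lower()
    hits = [marker for marker in MARKERS if marker in lowered]
    return ("markup-probe" if hits else "encoded-text", decoded)


# Constructed sample request lines (the second reuses codes seen in the post).
SAMPLE_LINES = [
    "GET /index.cfm HTTP/1.1",
    "GET/60,83,84,89,76,69,62,60,85,76,62,60,76,73,62,88 HTTP/1.1",
    "GET /72,101,108,108,111 HTTP/1.1",
    "GET /10,20,30,40 HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        label, decoded = classify(line)
        print(f"{label:13} {decoded!r}")
```

Running the classifier over a day's access log and counting `markup-probe` hits per source address gives a quick picture of whether the traffic is one scanner cycling through payloads or something narrower.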

Advocate, Mar 22, 2017


I've never heard the phrase fuzzing but it could be sinister or accidental, but definitely a scan of some sort. Here, we treat everything as hostile until we determine otherwise -- but we deal with payments so we tend to be very protective, bordering paranoid.

LEGEND, Mar 22, 2017


Hi, Steve Sommers,

https://forums.adobe.com/people/Steve+Sommers wrote:

"but we deal with payments so we tend to be very protective, bordering paranoid."

I know how that goes.  I'm working for USG DoD, and paranoia is the M.O., here.

"Fuzzing" is a black hat method of automated probing for security vulnerabilities using malformed data injection.

V/r,

^_^
