Event Details
Date
14 September 2010
POST Values
CFID:
xxxxxxxx, CFTOKEN=xxxxxxxx, CFGLOBALS=urltoken=CFID#=xxxxxxx&CFTOKEN#=xxxxxxx#lastvisit={ts '2010-09-14 14:33:18'}#timecreated={ts '2010-09-14 14:33:18'}#hitcount=2#cftoken=xxxxxxxx#cfid=xxxxxxxx#, __mmsid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, __mmuid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, __mmtrk=0|||x|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
What the hacker was hoping for
This isn't actually a hack attempt. What this is is cold fusion's horrible built in session handler. It will crop up occasionally in your logs. Sometimes they are forged, sometimes not. However if you're not running Cold Fusion (which you shouldn't be), you should be safe.
How to prevent this
- Don't run Cold Fusion
No comments:
Post a Comment