Breakdown of attack URL
Posted: Thu Nov 03, 2011 10:41 am
I want a better understanding of what I'm looking at when an attack is reported to me. I'm hoping you guys can help me out by breaking down a URL for me and sending me to the correct sources to get more information. Example URL:
My understanding was that a server responds with 200 when the request succeeded. I'm guessing the above URL didn't break anything as far as the server was concerned so it sent a 200 repsonse. And if I load this in the browser, it continued to load the page as expected. So what was this URL trying to do exactly? Thanks!
Code: Select all
/MFR1.HTM?view=Panasonic_reviews%22%20onmousedown=%22ct(this,%20'http%3A%2F%2Fwww.imaging-resource.com%2FMFR1.HTM%3Fview%3DPanasonic_reviews','21','3','%2F%2F%2F%3Fpage%3Dpanasonic','',%20'00f08b68183ac8e8fc131147ad2015c66e310dec38043fbb8cc3',%200)/?page=../../../../../../../../../../../../..//proc/self/environ%0000 HTTP Response 200