Security: Repeated perl bot attack attempts targeting sitemap
« on: January 01, 2008, 11:16:19 PM »
Hi all.

In following my site's traffic, I've noticed persistent attack attempts by bots specifically targeting the sitemap.  The user agent is almost always libwww-perl/5.805.  The bots typically reference a php instruction that has been uploaded onto someone else's site in a text file. The code on the text file is what the bot attempts to inject into the form on the target page (i.e. the admin login).

Here is a generic example of an attempt:

XML-SITEMAPS, of course, creates an admin login page, but not at the location of the XML file that is generated.

Are there are any known security issues with these types of attacks?
Re: Security: Repeated perl bot attack attempts targeting sitemap
« Reply #1 on: January 02, 2008, 06:46:26 PM »

xml sitemap is NOT an executable page so it cannot be exploited in any way, this must be a bot script that just attempts to attach parameters to any found URL on the site.
Oleg Ignatiuk
Send me a Private Message

For maximum exposure and traffic for your web site check out our additional SEO Services.