
I was browsing my website's server logs, and noticed these strange entries in the 'request uri' column.

/.open_box
/.slideshow
/.motion_detected   

Each of those words is in the JavaScript associated with the site.

The attacker seems to be stepping through my JavaScript objects and putting each into a request like /.container or /.slideshow. What might they be trying to do?

If I had something like the following in my .htaccess file:

AddType application/open_box

the attacker might get somewhere, I suppose, but that seems far-fetched.

Please expand your question with more background information and possibly some code blocks; there is not enough in the original answer to go on. – Eric G Apr 2 at 3:21
I have edited and expanded, but still seem to be getting down-votes. Please explain. Is this such a mind-numbingly stupid question? – Bobbi Bennett Apr 2 at 15:02
@BobbiBennett - No, it's not a stupid question; the problem is you're not including much information we could base our answers on. Including complete server log entries that are relevant to the question would be, for example, one way of helping us determine if this is some sort of scripted attack, manual work of a script kiddie trying to find an XSS vector, or just a random crawler collecting URLs that it wants to parse all wrong from your JavaScript. If you could provide a link, or relevant parts of your JS code here or on PasteBin, that would be even better. Cheers! – TildalWave Apr 2 at 15:09
@TildalWave, thanks for the nudge in the right direction. In trying to extract a telling sequence from the log, I see these entries are related to CSS class names somehow. It is going to take some digging to make a more coherent question. – Bobbi Bennett Apr 2 at 16:37
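
One way to test the pattern raised in the comments: check whether the dot-prefixed request paths map back to selector names in the site's own CSS/JavaScript, and group them by the client that sent them. This is an added example, not part of the original thread; the asset text, log lines, IP addresses and user agents are constructed, and the function name `selector_probes` is hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of the site's CSS/JS (not the poster's real code).
SITE_ASSETS = """
.open_box { display: block; }
.slideshow, .container { margin: 0; }
document.querySelector('.motion_detected');
"""

# Constructed access-log lines in Apache combined format.
ACCESS_LOG = """\
203.0.113.7 - - [01/Jan/2024:03:10:01 +0000] "GET /.open_box HTTP/1.1" 404 209 "-" "ExampleBot/1.0"
203.0.113.7 - - [01/Jan/2024:03:10:02 +0000] "GET /.slideshow HTTP/1.1" 404 209 "-" "ExampleBot/1.0"
203.0.113.7 - - [01/Jan/2024:03:10:03 +0000] "GET /.motion_detected HTTP/1.1" 404 209 "-" "ExampleBot/1.0"
198.51.100.4 - - [01/Jan/2024:03:11:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Jan/2024:03:11:05 +0000] "GET /.htaccess HTTP/1.1" 403 199 "-" "Mozilla/5.0"
"""

# A selector-like token: ".name" not preceded by a word character or "/",
# so property access such as "document.querySelector" is not counted.
SELECTOR_RE = re.compile(r"(?<![\w/])\.([A-Za-z_][\w-]*)")
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"'
)

def selector_probes(log_text, assets):
    """Return {(ip, user_agent): [(path, status), ...]} for requests to
    /.<name> where <name> is a selector found in the site's own assets."""
    selectors = set(SELECTOR_RE.findall(assets))
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, _method, uri, status, agent = m.groups()
        path = uri.split("?", 1)[0]
        if path.startswith("/.") and path[2:] in selectors:
            hits[(ip, agent)].append((path, int(status)))
    return dict(hits)

if __name__ == "__main__":
    for (ip, agent), reqs in selector_probes(ACCESS_LOG, SITE_ASSETS).items():
        print(f"{ip} [{agent}] requested {len(reqs)} selector-derived paths:")
        for path, status in reqs:
            print(f"  {path} -> {status}")
```

A single client walking the selector list in order, with a crawler-style user agent and uniform 404s, fits the mis-parsing crawler explanation; the `/.htaccess` request is left out because that name does not come from the site's assets.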
