0 Replies Latest reply on Jan 18, 2017 6:45 AM by WolfShade

    Hack attempt using sleep()???

    WolfShade Level 4

      Hello, all,


      I'm just curious if anyone else has had any hack attempts on their webserver using sleep() as part of an injection attempt?


      Someone in network security, here, forwarded sections of a log that show someone attempted, for an hour and a half, to slip the sleep() command in as a URL parameter, and they even tried to add bogus CFID and CFTOKEN URL parameters (I'm assuming as an attempt at session hijacking??)


      Has anyone else seen anything like this?