Well someone is requesting some URL's with really strange hex codes.
How can I find out what they are up to. The problem is I don't even know what code that is, it's not a hex code.
How can I find out what's going on here?
Asked
Active
Viewed 295 times
2 Answers
1
\x is an escape sequence that can be used to represent any byte, though it's more commonly used to represent bytes that do not have an associated ASCII character.
So, the snippet that you posted in the title translates to, in bytes:
18 ba 4c 03 40 ea 24 03 48 5a 6d
What this means to your web service is completely dependent on how the web server and application handle this input.
Shane Madden
- 112,982
- 12
- 174
- 248
-
It can't handle it I think but someone is up to something I found this on stackoverlow http://stackoverflow.com/questions/5202901/who-can-decode-this-code – mashup Jul 25 '11 at 15:54
1
If it's definitely not something you'd expect for your application it is entirely possible someone is doing Something Nasty (tm).
Google the URL (or an interesting part of it) and see what you get - As an example, Code Red and Nimda's patterns were published all over the internet, so if you Googled the request you would often find a page talking about the worm that was harassing your (non-Windows) web server.
Also consider blocking the requesting address(es) if they're the same ones over and over again. If it's a legit user they'll complain. If not you will have cleaner logs.
voretaq7
- 79,345
- 17
- 128
- 213