We Got Hacked By… Bingbot?

Actual line from the server log file (host IP and domain name altered):

Line 6618: 2017-01-30 21:12:44 W3SVC923663 WEB728 123.123.123.123 GET /companies.asp remove=1723 443 – 157.55.39.69 HTTP/1.1 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) – – http://www.website.com 200 0 0 24266 352 2515
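The log line above is in IIS's W3C extended format, which makes this kind of incident easy to hunt for after the fact. The following is an added example (not part of the original post) that splits such lines into columns and flags GET requests whose query string names a state-changing parameter, marking the ones made by a search-engine crawler. The column positions are assumed to match the 22-field layout of the quoted line; the sample log lines are constructed, modelled on it.

```python
"""Scan IIS W3C extended log lines for state-changing GET requests and flag
those made by search-engine crawlers. Added example; sample lines are constructed."""
import re
from dataclasses import dataclass

# Assumed column order for the 22-field line quoted in the post (IIS W3C extended
# format with cs-host enabled). Only the positions named here are relied on.
IDX_METHOD, IDX_STEM, IDX_QUERY, IDX_CLIENT_IP, IDX_UA, IDX_STATUS = 5, 6, 7, 10, 12, 16

# Query parameter names that, in this application, trigger a write or a delete.
DESTRUCTIVE_PARAMS = {"remove", "delete", "del", "destroy"}

# Well-known crawler user-agent tokens (bingbot is the one from the post).
CRAWLER_RE = re.compile(r"bingbot|Googlebot|Slurp|DuckDuckBot", re.IGNORECASE)

# Constructed sample log: line 3 is the post's bingbot hit, line 5 a user following
# the same delete link, lines 2 and 4 are harmless reads.
SAMPLE_LOG = """\
#Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2017-01-30 21:12:40 W3SVC923663 WEB728 123.123.123.123 GET /index.asp - 443 - 198.51.100.7 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0) - - www.website.com 200 0 0 5120 410 31
2017-01-30 21:12:44 W3SVC923663 WEB728 123.123.123.123 GET /companies.asp remove=1723 443 - 157.55.39.69 HTTP/1.1 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - - www.website.com 200 0 0 24266 352 2515
2017-01-30 21:13:02 W3SVC923663 WEB728 123.123.123.123 GET /search.asp selection=all 443 - 157.55.39.69 HTTP/1.1 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - - www.website.com 200 0 0 8192 350 120
2017-01-30 21:15:19 W3SVC923663 WEB728 123.123.123.123 GET /companies.asp remove=88 443 - 198.51.100.7 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0) - - www.website.com 200 0 0 24100 415 40
"""


@dataclass
class Finding:
    line_no: int
    client_ip: str
    url: str
    crawler: bool
    status: int


def parse_query(query: str) -> dict:
    """Split an IIS cs-uri-query field ('-' means empty) into a name->value dict."""
    if query == "-":
        return {}
    out = {}
    for part in query.split("&"):
        if not part:
            continue
        name, _, value = part.partition("=")
        out[name.lower()] = value
    return out


def scan(lines) -> list:
    """Return a Finding for every GET whose query names a destructive parameter."""
    findings = []
    for n, line in enumerate(lines, start=1):
        if not line or line.startswith("#"):  # skip #Fields:/#Date: directives
            continue
        f = line.split()
        if len(f) <= IDX_STATUS or f[IDX_METHOD] != "GET":
            continue
        params = parse_query(f[IDX_QUERY])
        if not DESTRUCTIVE_PARAMS & params.keys():
            continue
        ua = f[IDX_UA].replace("+", " ")  # IIS writes spaces in the UA as '+'
        url = f[IDX_STEM] + ("?" + f[IDX_QUERY] if f[IDX_QUERY] != "-" else "")
        findings.append(Finding(n, f[IDX_CLIENT_IP], url,
                                bool(CRAWLER_RE.search(ua)), int(f[IDX_STATUS])))
    return findings


def scan_sample() -> list:
    return scan(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for hit in scan_sample():
        who = "CRAWLER" if hit.crawler else "user"
        print(f"line {hit.line_no}: {who} {hit.client_ip} GET {hit.url} -> {hit.status}")
```

Run against a real log, every crawler finding with status 200 is a record that probably disappeared; the non-crawler findings are the same defect waiting to be triggered by a browser prefetch or a link preview.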

Web application written in classic ASP on IIS 7 with SQL Server, hosted remotely.

  • No robots.txt.
  • Forced login only on the index.asp page.
  • All other pages don’t check for authorization.
  • All pages include navigation.asp.
  • Search.asp has <a href='search.asp?selection='all">search all</a>.
  • Companies.asp has <a href='companies.asp?remove=123'>delete</a>.
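Two of the bullets are the whole root cause: authorization is checked on index.asp only, and a delete is a plain GET link that any crawler will follow. The following added example (not the post's ASP code; page names, parameters and the handler API are assumed) shows the same application shape with both fixed: the login check lives in the shared include so every page runs it, and a delete is accepted only over POST with a per-session CSRF token, so the link a crawler can reach is refused with 405.

```python
"""Minimal request handler showing the two fixes the post's bullets point at:
authorization enforced by the shared include for every page, and deletes only
over POST with a per-session CSRF token. Added example; the page names,
parameters and the handle() API are assumed, not taken from the post."""
import hmac
import secrets

# In-memory stand-ins for the session store and the companies table (constructed).
SESSIONS = {}            # session id -> {"user": str, "csrf": str}
COMPANIES = {1723: "Acme", 88: "Globex"}

LOGIN_REDIRECT = (302, "Location: /index.asp")


def login(user: str) -> str:
    """Create a session and return its id (the cookie value a browser would carry)."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(16)}
    return sid


def csrf_token(sid: str) -> str:
    """Token the page embeds in its delete form; unknown to a crawler."""
    return SESSIONS[sid]["csrf"]


def require_login(sid):
    """The check navigation.asp should run, so no page is reachable unauthenticated."""
    return SESSIONS.get(sid)


def companies(method, params, form, session):
    """companies.asp: list on GET, delete only on POST with a valid CSRF token."""
    if "remove" in params:
        # A delete link in a GET is exactly what a crawler follows; refuse it.
        return 405, "Allow: POST"
    if method == "POST" and "remove" in form:
        if not hmac.compare_digest(form.get("csrf", ""), session["csrf"]):
            return 403, "bad csrf token"
        try:
            cid = int(form["remove"])
        except ValueError:
            return 400, "bad id"
        if COMPANIES.pop(cid, None) is None:
            return 404, "no such company"
        return 200, f"removed {cid}"
    return 200, "company list: " + ", ".join(sorted(COMPANIES.values()))


def handle(method, path, params, sid=None, form=None):
    """Dispatch one request; returns (status, body). Every page passes through
    require_login first, which is what the shared include should guarantee."""
    session = require_login(sid)
    if session is None:
        return LOGIN_REDIRECT  # applies to companies.asp, search.asp, everything
    form = form or {}
    if path == "/companies.asp":
        return companies(method, params, form, session)
    if path == "/search.asp":
        return 200, "search results for " + params.get("selection", "")
    return 404, "not found"


def demo():
    """Replay the crawler's request and three user requests; return their statuses
    and whether company 1723 survived. Expected: (302, 405, 403, 200, False)."""
    crawler = handle("GET", "/companies.asp", {"remove": "1723"})  # no session
    sid = login("alice")
    get_by_user = handle("GET", "/companies.asp", {"remove": "1723"}, sid)
    no_token = handle("POST", "/companies.asp", {}, sid, {"remove": "1723", "csrf": "x"})
    ok = handle("POST", "/companies.asp", {}, sid, {"remove": "1723", "csrf": csrf_token(sid)})
    return crawler[0], get_by_user[0], no_token[0], ok[0], 1723 in COMPANIES


if __name__ == "__main__":
    print(demo())
```

The order of the checks matters: the login check runs before any page logic, the GET refusal runs before the token check, and only a POST carrying the session's token reaches the database. A robots.txt would have kept bingbot away from this particular link, but it is advisory and would not have fixed either of the two defects.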

True story. Today.
