TinyPortal

General => Chit chat => Topic started by: AVainberg on April 08, 2006, 05:14:43 PM

Title: xmlrpc hacking danger
Post by: AVainberg on April 08, 2006, 05:14:43 PM
If you have xmlrpc on your server consider removing this script. I get a lot of hackers trying to run this script. It looks like they are able to take control of your machine with this script.  :knuppel2:
Title: Re: xmlrpc hacking danger
Post by: TwinsX2Dad on April 09, 2006, 12:47:41 AM
If you're running any recent implementation (1.01-1.06) of XML-RPC, this is absolutely not an issue. What you're interpreting as a 'hacker' is probably a remote function call originating from something you need. Removing it can limit your site's functionality.

XML-RPC is widely supported, with bindings for Python, Perl, Java, C, C++, Tcl, KDE, Zope, AppleScript, Unicode, Microsoft .NET, Ruby, Rebol, Delphi and other languages. If you have anything which needs to make remote process calls through XML, you're probably going to need it on your server.
Title: Re: xmlrpc hacking danger
Post by: AVainberg on April 09, 2006, 02:02:32 AM
Thank you for the answer. So far I do not think that I need remote procedure calls. I use only TP & SMF to my understanding there is no xmlrpc in TP. Also xmlrpc is not present in my folder. I just look in the error log files and I see 5-10 calls from IP address around the globe (PL, CZ, JP, USA) and I interpreted this calls to be from hackers. Maybe I am wrong.