Google XML Sitemaps
[resolved] Generating bogus locations of vulnerable, non-existent scripts? (3 posts)

  1. joex
    Member
    Posted 5 months ago #

    My sitemaps have recently started generating locations for areas that don't even exist on my site, pointing to scripts for phpMyAdmin, zingiri-web-shop, and others.

    Here is an example of some of the locations generated in the xml.gz files:

    <!--
      <gen:info>
        <gen:name>Google Sitemap Generator</gen:name>
        <gen:version>1.0.0.0</gen:version>
        <gen:date>2011-12-17T17:07:13Z</gen:date>
      </gen:info>
    -->
    <url>
      <loc>http://example.com/phpMyAdmin-2.6.0/scripts/setup.php</loc>
      <lastmod>2011-12-17T16:29:31Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/mysql-admin/scripts/setup.php</loc>
      <lastmod>2011-12-17T16:25:12Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/webadmin/index.php</loc>
      <lastmod>2011-12-17T16:36:02Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/sqlmanager/scripts/setup.php</loc>
      <lastmod>2011-12-17T16:40:56Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com//mysql/setup/index.php</loc>
      <lastmod>2011-11-14T14:09:48Z</lastmod>
      <changefreq>hourly</changefreq>
      <priority>0.1</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/wp-content/plugins/zingiri-web-shop/load.php</loc>
      <lastmod>2011-12-17T16:38:59Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/admin/phpmyadmin/scripts/setup.php</loc>
      <lastmod>2011-12-17T16:24:39Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com//phpMyAdmin-2.6.0-rc1/scripts/setup.php</loc>
      <lastmod>2011-12-09T18:54:10Z</lastmod>
      <changefreq>hourly</changefreq>
      <priority>0.1</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com//admin/setup/index.php</loc>
      <lastmod>2011-11-14T14:09:44Z</lastmod>
      <changefreq>hourly</changefreq>
      <priority>0.1</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/mysql-admin/setup/index.php</loc>
      <lastmod>2011-11-22T21:21:00Z</lastmod>
      <changefreq>monthly</changefreq>
      <priority>0.7</priority>
      <mobile:mobile/></url>
    <url>
      <loc>http://example.com/pma/index.php</loc>
      <lastmod>2011-12-07T18:30:10Z</lastmod>
      <changefreq>yearly</changefreq>
      <priority>0.8</priority>
      <mobile:mobile/></url>

    Does anyone know why these may be getting generated? It almost appears as some kind of brute force to see if vulnerable scripts exist in these locations, as after these files were generated, the 404 logs in my server went ballistic!

    http://wordpress.org/extend/plugins/google-sitemap-generator/

  2. Arne
    Member
    Posted 5 months ago #

    That file is not from the sitemaps plugin. The plugin doesn't generate anything like "gen:info".

  3. joex
    Member
    Posted 5 months ago #

    You're right, sorry about the mix-up. This is coming from something else.
    Thanks for the reply.
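
Added example, not part of the thread and not code from either sitemap generator: one way to audit a sitemap file for entries shaped like the ones quoted in the first post (admin/setup script paths, doubled leading slashes, locations that are not real pages). The sample document, the `known_paths` set and the pattern list are constructed assumptions for illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SM_NS = "{http://www.sitemaps.org/schemas/sitemap/0.9}"

# Path shapes taken from the entries quoted in the first post (assumed list).
PROBE_PATTERNS = [
    re.compile(r"/(phpmyadmin[^/]*|pma|mysql-admin|sqlmanager|webadmin|mysql)/", re.I),
    re.compile(r"/(scripts/setup\.php|setup/index\.php)$", re.I),
    re.compile(r"/zingiri-web-shop/", re.I),
]

# Constructed sample: a complete urlset wrapping two locations from the post
# plus one ordinary page (hypothetical).
SAMPLE = """<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
        xmlns:mobile="http://www.google.com/schemas/sitemap-mobile/1.0">
  <url><loc>http://example.com/about/</loc><mobile:mobile/></url>
  <url><loc>http://example.com/phpMyAdmin-2.6.0/scripts/setup.php</loc><mobile:mobile/></url>
  <url><loc>http://example.com//admin/setup/index.php</loc><mobile:mobile/></url>
</urlset>"""

def audit_sitemap(xml_text, known_paths):
    """Return [(loc, [reasons])] for sitemap entries that deserve a closer look."""
    findings = []
    for loc in ET.fromstring(xml_text).iter(SM_NS + "loc"):
        url = (loc.text or "").strip()
        path = urlsplit(url).path
        reasons = []
        if path.startswith("//"):
            reasons.append("double-slash path")
        normalized = re.sub(r"/{2,}", "/", path)  # collapse repeated slashes
        if any(p.search(normalized) for p in PROBE_PATTERNS):
            reasons.append("admin/setup script pattern")
        if normalized not in known_paths:
            reasons.append("not a known site path")
        if reasons:
            findings.append((url, reasons))
    return findings

if __name__ == "__main__":
    # known_paths would come from the site's real page inventory (assumption).
    for url, reasons in audit_sitemap(SAMPLE, {"/", "/about/"}):
        print(url, "->", ", ".join(reasons))
```
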
