Lately I notice more and more XSS 'hack' attempts on my website. People trying to abuse one of my scripts to abuse other people. Now I'm not sure why my site would be of any interest to these people, but looking at the attempts in my logs apparently it is.
Anyways, normally it's a bunch of random international IPs. Examples: web01.o1.com, host243-116-dynamic.9-87-r.retail.telecomitalia.it, s7.cyrux.info, 126-130.zlt1.4nets.lv, www.betronic.de, wpc4219.amenworld.com, v3461.vps.masterhost.ru, capde022.org.
But now I found an interesting one... ninniach.student.utwente.nl
The question now is: do I call the University of Twente to inform them that one of their students is trying XSS hacking attempts on their line, or do I let it go?
I think I'll just let it go, more trouble than it's worth really. But if you're reading this because you found this host as well (tried using index.php?a=http://usuario.bvsalud.org/faq/117.txt?? as XSS attempt) and want to take steps, I'll back you up.
In the event somebody is reading this blog hoping they can XSS my site, EVERY $_GET variable is covered by intval(). So fuck off.
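An added example, not part of the original post: a small Python scanner that finds access-log requests passing an absolute URL as a query-string value, like the `index.php?a=http://...` attempt quoted above, and groups them by client host. The log lines, host names and the Combined Log Format layout are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format: host ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]*\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A decoded parameter value that starts with a URL scheme.
URL_VALUE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)

def url_valued_params(target):
    """Return (name, value) pairs whose percent-decoded value is an absolute URL."""
    query = urlsplit(target).query
    pairs = parse_qsl(query, keep_blank_values=True)  # decodes %3A%2F%2F etc.
    return [(name, value) for name, value in pairs if URL_VALUE_RE.match(value)]

def scan(lines):
    """Map client host -> list of (parameter, value, status) for flagged requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        # Only the request target is inspected, so a URL in the Referer
        # field of an ordinary visit is not flagged.
        for name, value in url_valued_params(m.group("target")):
            hits[m.group("host")].append((name, value, m.group("status")))
    return dict(hits)

# Constructed sample log lines (hosts, paths and timestamps are made up).
SAMPLE_LOG = [
    'client-a.example.net - - [01/Jan/2000:10:00:00 +0000] '
    '"GET /index.php?a=http://files.example.org/faq/117.txt?? HTTP/1.1" 200 5120 "-" "-"',
    'client-b.example.net - - [01/Jan/2000:10:05:00 +0000] '
    '"GET /index.php?a=http%3A%2F%2Ffiles.example.org%2Ffaq%2F117.txt HTTP/1.1" 200 5120 "-" "-"',
    'client-c.example.net - - [01/Jan/2000:10:09:00 +0000] '
    '"GET /index.php?a=42 HTTP/1.1" 200 7301 "http://www.example.com/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, found in scan(SAMPLE_LOG).items():
        for name, value, status in found:
            print(f"{host}: {name}={value!r} (status {status})")
```

A 200 status on a flagged line only means the page was served; with the parameter cast to an integer the URL never reaches the script's logic.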