Damn.. its surely not a night shop.Lyecdevf wrote: 212.76.251.82 :13 - daytime -- open
Wonder wonder. ..hmm...
--
FrankB
Code: Select all
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port11-TCP:V=4.01%I=7%D=5/7%Time=445DF6E4%P=i686-pc-linux-gnu%r(NULL,10
SF:4C,"Warning:\x20bad\x20syntax,
Code: Select all
69.81.139.197 - - [06/May/2006:18:31:38 +0200] "GET /*/pub/LBG_sig.jpg HTTP/1.1" 304 - "http://www.suck-oold.com/modules.php?name=Forums&file=viewtopic&t=719&postdays=0&postorder=asc&start=0" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7"
68.248.45.189 - - [06/May/2006:18:32:58 +0200] "GET / HTTP/1.0" 200 2843 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:32:58 +0200] "GET /aeo HTTP/1.0" 404 197 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:32:58 +0200] "GET /cgi-win/ HTTP/1.0" 404 202 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:32:59 +0200] "GET /cgibin/qsammtx HTTP/1.0" 404 208 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:32:59 +0200] "GET /cgiwin/ HTTP/1.0" 404 201 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:32:59 +0200] "GET /scripts/ HTTP/1.0" 404 202 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:00 +0200] "GET /_private/ HTTP/1.0" 404 203 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:00 +0200] "GET /cgi-win/bkl HTTP/1.0" 404 205 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:00 +0200] "GET /_vti_pvt/ HTTP/1.0" 404 203 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:00 +0200] "GET /_vti_cnf/ HTTP/1.0" 404 203 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:01 +0200] "GET /cgi-win/bqq HTTP/1.0" 404 205 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:01 +0200] "GET /_vti_bin/ HTTP/1.0" 404 203 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:01 +0200] "GET /_vti_cnf/htuzu HTTP/1.0" 404 208 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:01 +0200] "GET /bin/ HTTP/1.0" 404 198 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:41 +0200] "GET /_vti_bin/jqysr HTTP/1.0" 404 208 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:41 +0200] "GET //%2E%2E%2E%2E%2E%2E/aaaaaa/../c%6Fnf%69g%2Esys HTTP/1.0" 404 212 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:42 +0200] "GET /cgi/pubkyfc HTTP/1.0" 404 205 "-" "Mozilla/4.0 (compatible)"
68.248.45.189 - - [06/May/2006:18:33:42 +0200] "GET //cg%69-b%69n/aaaaaa/../p%61ssw%6Frds/./%75s%65rs%2Ehtx HTTP/1.0" 404 222 "-" "Mozilla/4.0 (compatible)"
If I understand, someone from here have tried to hack the guy and he's in trouble?FrankB wrote: (Roumanians never laugh with that kind of situation)
A message to the admin of this froum though, in Roumanian :
Bad_Brain : , nyy guvf vf n cenax, srry serr gb qryrgr zl cbfg, v vf hfryrff ohg shaal, rkprcg gur YBT, gung vf trahvar naq gehr )"
I don't think *he* is joking.
--
FrankB
Not exactly, it is written in 1998 by a college professor and it fits for Netware and eventually Linux kernels <2 .. in internal networks. Now, with some 'IP-spoofing', maybe, but still, we are in 2006 and many systems have Syn-flooding protected by default or by a firewall.Lyecdevf wrote:I think that the following would be the exploit for this site. It is written I believe for the open ports in our example.
Lyecdevf wrote: As I understand you need to download Apache, Perl[...]