цитирам Stefan Gurdev <[EMAIL PROTECTED]>:
> Vurzan sum kum City Lan mreja. Prez nqkolko dni edin ot hostovete v > mrejata neshto si igrae s men. Eto log faila na apache-to: > > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "GET ///quote.html HTTP/1.0" > 404 272 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "GET > /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd% 00 > HTTP/1.0" 404 279 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "HEAD /cgi-bin/dcboard.cgi > HTTP/1.0" 404 0 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "GET > /cgi-bin/nph-maillist.pl HTTP/1.0" 404 283 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "GET > /cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd% 00&action=view&matchview=1 > HTTP/1.0" 404 280 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "GET > /cgi-bin/ustorekeeper.pl? command=goto&file=../../../../../../../../../../etc/passwd > HTTP/1.0" 404 283 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:24 +0300] "HEAD /cgi-bin/ikonboard/ > HTTP/1.0" 404 0 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:25 +0300] "HEAD /foldoc/ HTTP/1.0" 404 > 0 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:25 +0300] "HEAD /cgi-bin/adcycle/ > HTTP/1.0" 404 0 "-" "-" > 192.168.1.3 - - [08/Jun/2003:23:06:25 +0300] "GET > /cgi-bin/store.cgi?StartID=../etc/passwd%00.html HTTP/1.0" 404 277 "-" > "-" > 192.168.1.3 - - [08/Jun/2003:23:06:25 +0300] "HEAD /cgi- bin/bbs_forum.cgi > HTTP/1.0" 404 0 "-" "-" > > > Predpolagam hosta 192.168.1.3 e zarazen s nqkakuv virus, no vse pak nqkoi > imal li e podoen problem s tova neshto. Vuzmojno li e tova da e exploit > ili neshto ot tozi sort!!! > > Blagodarq predvaritelno!!! > > P.S: Znam che nivoto v tozi mail group e mnogo visoko. Tozi posting moje > bi ne e za tuk, pisah v nqkoi forumi no taka i ne poluchih kompetenten > otgovor! > > S uvajenie, Stefan! > /cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd%00 /cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd% 00&action=view&matchview=1 /cgi-bin/ustorekeeper.pl? command=goto&file=../../../../../../../../../../etc/passwd Potrebitelq ot tozi host se opitwa da hakne Apache-to ti Nqma kakwo da se symnqwash w towa!!! Prawi opiti s s powecheto izwestni bygowe na Apache. ../../../../../../../../../../../../ - s towa se podsiurqwa che shte otide w glawnata papka / posle utiwa e /etc/passwd i se opitwa da iwede parolite ti chesno kazano towa e edin ot nai naludnichawite nachini za hakwane...za da ti dekriptira pass (oswen ako ti ne si slojil nqkoq smeshna parola) ili da izpolzwa baza danni ot kriptirani pasowe i da srywnqwa..mislq che wseki znae za tezi programki :) mislq che ako si slagash dobri stabilni pasowe na mashinata nqma da imash nikakwi problemi nito da se pritesnqwash ot podobni nachinaniq. i wse pak mojesh da adnesh edno prawilo wyw firewall-a si da dropish zaqwkite ot tozi kompiutar :))))) Играй и спечели с Автомобилен Салон София 2003 - http://auto.dir.bg ------------------------------------------------------------------- Направи си адрес в mail.bG - http://mail.bg/new/ ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================
