mulrich
14/04/2007, 13h42
Salut
Un cas concret. Cette nuit c'etait un hacker qui a bien lu la liste des "tiers vulnerables", et contrairement a des autres, c'est arrête apres une premiere passage infructeuse.
/administrator/components/com_a6mambocredits/admin.a6mambocredits.php
/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php
/administrator/components/com_babackup/classes/Tar.php HTTP/1.1" /administrator/components/com_bayesiannaivefilter/lang.php HTTP/1.1" /administrator/components/com_colophon/admin.colophon.php HTTP/1.1"
/administrator/components/com_cropimage/admin.cropcanvas.php HTTP/1.1" /administrator/components/com_jim/install.jim.php HTTP/1.1" 404 14429 /administrator/components/com_kochsuite/config.kochsuite.php HTTP/1.1" /administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php
/administrator/components/com_lurm_constructor/admin.lurm_constructor.php
/administrator/components/com_mambelfish/mambelfish.class.php HTTP/1.1" /administrator/components/com_mgm/help.mgm.php HTTP/1.1" 404 14570 /administrator/components/com_mmp/help.mmp.php HTTP/1.1" 404 14275 /administrator/components/com_multibanners/extadminmenus.class.php "
/administrator/components/com_peoplebook/param.peoplebook.php HTTP/1.1" /administrator/components/com_phpshop/toolbar.phpshop.html.php HTTP/1.1" /administrator/components/com_remository/admin.remository.php HTTP/1.1" /administrator/components/com_serverstat/install.serverstat.php HTTP/1.1" /administrator/components/com_uhp/uhp_config.php HTTP/1.1" 404 14445 /administrator/components/com_webring/admin.webring.docs.php HTTP/1.1"
/components/calendar/com_calendar.php HTTP/1.1" 404 14400
/components/com_artlinks/artlinks.dispnew.php HTTP/1.1" 404 14367
/components/com_calendar.php HTTP/1.1"
/components/com_cpg/cpg.php HTTP/1.1" .fr "-"
/components/com_extcalendar/admin_events.php HTTP/1.1" 404 14338 /components/com_extended_registration/registration_detailed.inc.php
/components/com_forum/download.php HTTP/1.1" 404 14358
/components/com_galleria/galleria.html.php HTTP/1.1" 404 14442
/components/com_hashcash/server.php HTTP/1.1" 404 14341 /components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php /components/com_jd-wiki/lib/tpl/default/main.php HTTP/1.1" 404 14294 /components/com_joomlaboard/file_upload.php HTTP/1.1" 404 14384
/components/com_lmo/lmo.php HTTP/1.1"
/components/com_lmo/lmo.php HTTP/1.1"
/components/com_lmo/lmo.php HTTP/1.1" "
/components/com_loudmounth/includes/abbc/abbc.class.php HTTP/1.1" 404 /components/com_mambatstaff/mambatstaff.php HTTP/1.1" 404 14517 /components/com_mambowiki/MamboLogin.php HTTP/1.1" 404 14352
/components/com_moodle/moodle.php HTTP/1.1" 404 14418
/components/com_minibb.php HTTP/1.1" 4
/components/com_mosmedia/media.divs.php HTTP/1.1" 404 14190
/components/com_mosmedia/media.tab.php HTTP/1.1" 404 14551
/components/com_mospray/scripts/admin.php HTTP/1.1" 404 14345 /components/com_mtree/Savant2/Savant2_Plugin_textarea.php HTTP/1.1" /components/com_nfn_addressbook/nfnaddressbook.php HTTP/1.1" 404 14450 /components/com_pcchess/include.pcchess.php HTTP/1.1" 404 14272
/components/com_pccookbook/pccookbook.php HTTP/1.1" 404 14377
/components/com_performs/performs.php HTTP/1.1" 404 14359
/components/com_pollxt/conf.pollxt.php HTTP/1.1" 404 14256
/components/com_reporter/reporter.logic.php HTTP/1.1" 404 14607 /components/com_securityimages/configinsert.php HTTP/1.1" 404 14425
/components/com_securityimages/lang.php HTTP/1.1" 404 14490
/components/com_simpleboard/image_upload.php HTTP/1.1" 404 14321
/components/com_sitemap/sitemap.xml.php HTTP/1.1" 404 14259
/components/com_smf/smf.php HTTP/1.1" 404 14317 -" /components/com_swmenupro/ImageManager/Classes/ImageManager.php /components/com_thopper/inc/contact_type.php HTTP/1.1" 404 14207 /components/com_thopper/inc/itemstatus_type.php HTTP/1.1" 404 14291 /components/com_thopper/inc/projectstatus_type.php HTTP/1.1" 404 14283 /components/com_thopper/inc/request_type.php HTTP/1.1" 404 14465 /components/com_thopper/inc/responses_type.php HTTP/1.1" 404 14543 /components/com_thopper/inc/timelog_type.php HTTP/1.1" 404 14213 /components/com_thopper/inc/urgency_type.php HTTP/1.1" 404 14255 /components/com_videodb/core/videodb.class.xml.php HTTP/1.1" 404 14263 /components/com_zoom/classes/iptc/EXIF.php HTTP/1.1" 404 14550 /components/com_zoom/classes/iptc/EXIF_Makernote.php HTTP/1.1" 404
/components/minibb/index.php HTTP/1.1"
/includes/adminAttachments.php HTTP/1.1" .fr "-"
/includes/adminAvatars.php HTTP/1.1" .fr "-"
/includes/adminBackupdatabase.php HTTP/1.1"
/includes/adminBanned.php HTTP/1.1"
/includes/adminBoards.php 2.0.50727)" "-"
/includes/adminForums.php HTTP/1.1"
/includes/adminPolls.php HTTP/1.1"
/includes/adminSensored.php HTTP/1.1"
/includes/adminSmileys.php HTTP/1.1"
/includes/functions_cms.php HTTP/1.1" "-"
/includes/move.php "-"
/includes/poll.php HTTP/1.1"
/modules/calendar/mod_calendar.php HTTP/1.1"
/modules/mod_calendar.php HTTP/1.1"
/modules/mod_flatmenu.php HTTP/1.1" "-" "
/modules/mod_weather.php HTTP/1.1" "-"
/mod_cbsms_messages.php HTTP/1.1" "-"
Et c'etait une domaine *.fr.
Michael
Un cas concret. Cette nuit c'etait un hacker qui a bien lu la liste des "tiers vulnerables", et contrairement a des autres, c'est arrête apres une premiere passage infructeuse.
/administrator/components/com_a6mambocredits/admin.a6mambocredits.php
/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php
/administrator/components/com_babackup/classes/Tar.php HTTP/1.1" /administrator/components/com_bayesiannaivefilter/lang.php HTTP/1.1" /administrator/components/com_colophon/admin.colophon.php HTTP/1.1"
/administrator/components/com_cropimage/admin.cropcanvas.php HTTP/1.1" /administrator/components/com_jim/install.jim.php HTTP/1.1" 404 14429 /administrator/components/com_kochsuite/config.kochsuite.php HTTP/1.1" /administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php
/administrator/components/com_lurm_constructor/admin.lurm_constructor.php
/administrator/components/com_mambelfish/mambelfish.class.php HTTP/1.1" /administrator/components/com_mgm/help.mgm.php HTTP/1.1" 404 14570 /administrator/components/com_mmp/help.mmp.php HTTP/1.1" 404 14275 /administrator/components/com_multibanners/extadminmenus.class.php "
/administrator/components/com_peoplebook/param.peoplebook.php HTTP/1.1" /administrator/components/com_phpshop/toolbar.phpshop.html.php HTTP/1.1" /administrator/components/com_remository/admin.remository.php HTTP/1.1" /administrator/components/com_serverstat/install.serverstat.php HTTP/1.1" /administrator/components/com_uhp/uhp_config.php HTTP/1.1" 404 14445 /administrator/components/com_webring/admin.webring.docs.php HTTP/1.1"
/components/calendar/com_calendar.php HTTP/1.1" 404 14400
/components/com_artlinks/artlinks.dispnew.php HTTP/1.1" 404 14367
/components/com_calendar.php HTTP/1.1"
/components/com_cpg/cpg.php HTTP/1.1" .fr "-"
/components/com_extcalendar/admin_events.php HTTP/1.1" 404 14338 /components/com_extended_registration/registration_detailed.inc.php
/components/com_forum/download.php HTTP/1.1" 404 14358
/components/com_galleria/galleria.html.php HTTP/1.1" 404 14442
/components/com_hashcash/server.php HTTP/1.1" 404 14341 /components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php /components/com_jd-wiki/lib/tpl/default/main.php HTTP/1.1" 404 14294 /components/com_joomlaboard/file_upload.php HTTP/1.1" 404 14384
/components/com_lmo/lmo.php HTTP/1.1"
/components/com_lmo/lmo.php HTTP/1.1"
/components/com_lmo/lmo.php HTTP/1.1" "
/components/com_loudmounth/includes/abbc/abbc.class.php HTTP/1.1" 404 /components/com_mambatstaff/mambatstaff.php HTTP/1.1" 404 14517 /components/com_mambowiki/MamboLogin.php HTTP/1.1" 404 14352
/components/com_moodle/moodle.php HTTP/1.1" 404 14418
/components/com_minibb.php HTTP/1.1" 4
/components/com_mosmedia/media.divs.php HTTP/1.1" 404 14190
/components/com_mosmedia/media.tab.php HTTP/1.1" 404 14551
/components/com_mospray/scripts/admin.php HTTP/1.1" 404 14345 /components/com_mtree/Savant2/Savant2_Plugin_textarea.php HTTP/1.1" /components/com_nfn_addressbook/nfnaddressbook.php HTTP/1.1" 404 14450 /components/com_pcchess/include.pcchess.php HTTP/1.1" 404 14272
/components/com_pccookbook/pccookbook.php HTTP/1.1" 404 14377
/components/com_performs/performs.php HTTP/1.1" 404 14359
/components/com_pollxt/conf.pollxt.php HTTP/1.1" 404 14256
/components/com_reporter/reporter.logic.php HTTP/1.1" 404 14607 /components/com_securityimages/configinsert.php HTTP/1.1" 404 14425
/components/com_securityimages/lang.php HTTP/1.1" 404 14490
/components/com_simpleboard/image_upload.php HTTP/1.1" 404 14321
/components/com_sitemap/sitemap.xml.php HTTP/1.1" 404 14259
/components/com_smf/smf.php HTTP/1.1" 404 14317 -" /components/com_swmenupro/ImageManager/Classes/ImageManager.php /components/com_thopper/inc/contact_type.php HTTP/1.1" 404 14207 /components/com_thopper/inc/itemstatus_type.php HTTP/1.1" 404 14291 /components/com_thopper/inc/projectstatus_type.php HTTP/1.1" 404 14283 /components/com_thopper/inc/request_type.php HTTP/1.1" 404 14465 /components/com_thopper/inc/responses_type.php HTTP/1.1" 404 14543 /components/com_thopper/inc/timelog_type.php HTTP/1.1" 404 14213 /components/com_thopper/inc/urgency_type.php HTTP/1.1" 404 14255 /components/com_videodb/core/videodb.class.xml.php HTTP/1.1" 404 14263 /components/com_zoom/classes/iptc/EXIF.php HTTP/1.1" 404 14550 /components/com_zoom/classes/iptc/EXIF_Makernote.php HTTP/1.1" 404
/components/minibb/index.php HTTP/1.1"
/includes/adminAttachments.php HTTP/1.1" .fr "-"
/includes/adminAvatars.php HTTP/1.1" .fr "-"
/includes/adminBackupdatabase.php HTTP/1.1"
/includes/adminBanned.php HTTP/1.1"
/includes/adminBoards.php 2.0.50727)" "-"
/includes/adminForums.php HTTP/1.1"
/includes/adminPolls.php HTTP/1.1"
/includes/adminSensored.php HTTP/1.1"
/includes/adminSmileys.php HTTP/1.1"
/includes/functions_cms.php HTTP/1.1" "-"
/includes/move.php "-"
/includes/poll.php HTTP/1.1"
/modules/calendar/mod_calendar.php HTTP/1.1"
/modules/mod_calendar.php HTTP/1.1"
/modules/mod_flatmenu.php HTTP/1.1" "-" "
/modules/mod_weather.php HTTP/1.1" "-"
/mod_cbsms_messages.php HTTP/1.1" "-"
Et c'etait une domaine *.fr.
Michael