lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <534C5338.6030107@suche.org>
Date: Mon, 14 Apr 2014 23:29:28 +0200
From: Thomas Lußnig <lussnig@...he.org>
To: fulldisclosure@...lists.org
Subject: [FD] New PHP-Attack Vector ?

In the last few days i see more and more scan's for an new php url
"/phpTest/zologize/axa.php" i never seen before on the server.
I think this can be an preparation for an new attack. Is there anything
known about this url and possible defects ?

Information: No Header is send with the request and no Query Parameter
is send.

IP's that Scanned the URL:
61.230.22.153  
54.200.15.115  
61.19.83.194   
103.13.30.157  
109.184.190.223
219.144.196.190
219.90.114.133 
221.215.217.106
140.116.102.61 


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ