WebApp Sec mailing list archives
RE: Mambo, Coppermine and PHPBB Attacks
From: "John Cobb" <johnc () nobytes com>
Date: Mon, 19 Dec 2005 11:26:47 -0000
Hi Ryan, I have also noticed a lot of attacks recently. I think this is possibly thanks to a new worm/irc bot running on *nix. Recent report I have received: Requests with error response codes 403 Forbidden /: 1 Time(s) 404 Not Found /Forums/admin/admin_styles.phpadmin_styles ... cho%20YYY;echo|: 2 Time(s) /blog/xmlrpc.php: 1 Time(s) /blog/xmlsrv/xmlrpc.php: 1 Time(s) /blogs/xmlsrv/xmlrpc.php: 1 Time(s) /drupal/xmlrpc.php: 1 Time(s) /modules/Forums/admin/admin_styles.phpadmi ... cho%20YYY;echo|: 2 Time(s) /phpgroupware/xmlrpc.php: 1 Time(s) /sumthin: 1 Time(s) /wordpress/xmlrpc.php: 1 Time(s) /xmlrpc.php: 3 Time(s) /xmlrpc/xmlrpc.php: 1 Time(s) /xmlsrv/xmlrpc.php: 1 Time(s) 405 Method Not Allowed 1.3.3.7:1337: 1 Time(s) Regards John Cobb www.nobytes.com -----Original Message----- From: Mark Ryan del Moral Talabis [mailto:talabis () gmail com] Sent: Monday, December 19, 2005 6:24 AM To: webappsec () securityfocus com Subject: Mambo, Coppermine and PHPBB Attacks Our honeynet has been picking up an increase in the number of code injection attacks in the past few days. Attacks are primarily directed to several popular open source applications: Mambo, Coppermine and PHPBB. Analysis: http://www.philippinehoneynet.org/dataarchive.php?date=2005-12-17 Ryan Talabis Lead Analyst Philippine Honeynet Project http://www.philippinehoneynet.org
Current thread:
- Mambo, Coppermine and PHPBB Attacks Mark Ryan del Moral Talabis (Dec 18)
- RE: Mambo, Coppermine and PHPBB Attacks John Cobb (Dec 19)
- Re: Mambo, Coppermine and PHPBB Attacks Paul Laudanski (Dec 20)
- Re: Mambo, Coppermine and PHPBB Attacks Tofik Suleymanov (Dec 20)
- Re: Mambo, Coppermine and PHPBB Attacks Paul Laudanski (Dec 21)
- Re: Mambo, Coppermine and PHPBB Attacks Yasuo Ohgaki (Dec 24)
- Re: Mambo, Coppermine and PHPBB Attacks Paul Laudanski (Dec 24)
- Re: Mambo, Coppermine and PHPBB Attacks Yasuo Ohgaki (Dec 25)
- Re: Mambo, Coppermine and PHPBB Attacks Paul Laudanski (Dec 25)
- Re: Mambo, Coppermine and PHPBB Attacks Yasuo Ohgaki (Dec 29)
- Re: Mambo, Coppermine and PHPBB Attacks ascii (Dec 29)
- Re: Mambo, Coppermine and PHPBB Attacks Andrew van der Stock (Dec 29)
- Re: Mambo, Coppermine and PHPBB Attacks Tofik Suleymanov (Dec 20)