List of Some Known Hackers Injection Pages
November 12th, 2008
This website I know of has been repeatedly getting hammered by an injection attack which targets their errors.php file. It tries to force apache to run code found on the following locations. I recommend blacklisting all of the following domains from your apache, IIS access.
http://www.bvikrasnodar.ru/netcat_files/12-cmd.txt http://198.170.231.121/components/com_forum/language/1.gif http://ahack.007gb.com/rotest.txt http://bimbam.dk/readme.txt http://buqtery.cc/c99.txt http://clusty.com/search http://cr4nk.ws/h2/r57 http://freiburg.africatwin.de/Tours/i http://gosgo.com/bbs/idr.txt http://hotel682.server4you.de/include/limits/sys_cr4nk/i http://juegos0nline.webcindario.com/id.txt http://l33th4ck.altervista.org/id.txt http://l33th4ck.altervista.org/it_id.txt http://lipno.org/sql.txt http://locoputo.supergranny.ws/1.gif http://russianinterpreter.ru/images/stories/idd.txt http://senzakiakkiere.altervista.org/id.txt http://socomalliance.com/Ladders/id.txt http://warsector.ru/access2007.log http://www.aquaplant-chile.cl/info/3colong.txt http://www.bicarabuku.com/mambots/system/sql.txt http://www.bvikrasnodar.ru/netcat_files/12-cmd.txt http://www.clubdelbarman.com/forum/customavatars/license.txt http://www.concurs.org/tst.txt http://www.entru-meet.org/images/id.txt http://www.faraimusic.com/id.txt http://www.feelinedesigns.com/include/shipping/docs/sql.txt http://www.fm24forum.de/update/fissh/sys_cr4nk/cr4nk http://www.fm24forum.de/update/fissh/sys_cr4nk/i http://www.fm24forum.de/update/fissh/sys_cr4nk/love http://www.geocities.com/distovario/test.txt http://www.geocities.com/siskagita/test.txt http://www.geocities.com/sofiawila/test.txt http://www.globalcare.or.kr/donor/tst.txt http://www.guimp.com/ http://www.hexapharm.com/extranet/locales/en/id.txt http://www.iglesialcs.cl/newweb//images/.bash/errors.txt http://www.iglesialcs.cl/newweb//images/stories/.bash/km.txt http://www.infernalis.de/cms/administrator/components/com_weblinks/.%20/.bash/id.txt http://www.jirkaotte.de/112music/store/i http://www.mazcotaz.com/h http://www.mazcotaz.com/help/cmd.txt http://www.mfa.gov.bt/idara.txt%0D http://www.purpleplanet.com/components/com_jfwhois/language/idnews.txt http://www.quiwui.com/media/help/sql.txt http://www.samilglass.com/image http://www.samilglass.com/images/v6id.txt http://www.schausteller-scheit.de//header/sys_cr4nk/i http://www.stralingsrisicos.nl/images/gif/gif.txt http://www.trainershub.com/images/trainers/tst.txt http://www.usa-westen.info/Fotos/save.jpg http://www.visionundprodukt.de/vision2006/images/.bash/in.txt http://www.woodshackproductions.com/panda/mp3s/help/cmd.txt http://www.zyssetd.ch/.../test.txt
