Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --48d9096c-A--
- [23/Aug/2014:14:27:18 --0400] Go6GSUWntUYAAEPaTlIAAAEG [attackers-ip] 57504 [target-server-ip] 80
- --48d9096c-B--
- POST /xmlrpc.php HTTP/1.1
- Content-Length: 215
- Host: [attackerstargetdomain.com]
- X-Forwarded-For: [attackers-ip]
- X-Varnish: 1715115807
- --48d9096c-C--
- <?xml version="1.0" encoding="iso-8859-1"?>
- <methodCall>
- <methodName>wp.getUsersBlogs</methodName>
- <params>
- <param><value>test</value></param>
- <param><value>sydney</value></param>
- </params>
- </methodCall>
- --48d9096c-F--
- HTTP/1.1 404 Not Found
- X-Powered-By: PHP/5.3.22
- Expires: Wed, 11 Jan 1984 05:00:00 GMT
- Cache-Control: no-cache, must-revalidate, max-age=0
- Pragma: no-cache
- Vary: Accept-Encoding
- Connection: close
- Content-Type: text/html; charset=UTF-8
- --48d9096c-H--
- Message: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"]
- Action: Intercepted (phase 2)
- Stopwatch: 1408818438112841 626398 (1127* 1964 -)
- Producer: ModSecurity for Apache/2.5.13 (http://www.modsecurity.org/).
- Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5
- --48d9096c-Z--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement