I find this disturbing [Archive] - Armageddon Games Forums

View Full Version : I find this disturbing

Masamune

07-26-2004, 12:55 PM

I've been running a file server using WWW fileshare pro. I went through my logs and found the following.

7/26/2004 1:46:50 AM 68.121.233.25 SEARCH
7/26/2004 1:46:50 AM 68.121.233.25
7/26/2004 2:10:25 AM 68.34.194.46 SEARCH
7/26/2004 3:48:00 AM 68.34.194.46 SEARCH
7/26/2004 4:16:11 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 4:16:11 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 4:16:11 AM 68.34.107.139 GET /scripts/httpodbc.dll
7/26/2004 4:16:11 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 4:16:12 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 4:16:13 AM 68.34.107.139 GET /msadc/httpodbc.dll
7/26/2004 4:16:14 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:16:15 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:16:16 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:16:16 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:16:17 AM 68.34.107.139 GET /c/httpodbc.dll
7/26/2004 4:16:18 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:16:19 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:16:20 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:16:21 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:16:21 AM 68.34.107.139 GET /d/httpodbc.dll
7/26/2004 4:16:22 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:23 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:24 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:25 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:26 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 4:16:26 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:27 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:28 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:29 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:30 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 4:16:31 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:32 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:32 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:33 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:16:34 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 4:16:35 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:16:36 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:16:37 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:16:38 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:16:39 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/httpodbc.dll
7/26/2004 4:16:40 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:16:40 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:16:41 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:16:42 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:16:43 AM 68.34.107.139 GET /scripts/Á/httpodbc.dll
7/26/2004 4:16:44 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:16:45 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:16:46 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:16:47 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:16:48 AM 68.34.107.139 GET /scripts/À//httpodbc.dll
7/26/2004 4:16:49 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 4:16:49 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 4:16:50 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 4:16:51 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 4:16:52 AM 68.34.107.139 GET /scripts/À¯/httpodbc.dll
7/26/2004 4:16:53 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 4:16:54 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 4:16:55 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 4:16:56 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 4:16:57 AM 68.34.107.139 GET /scripts/Áœ/httpodbc.dll
7/26/2004 4:16:57 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:16:58 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:16:59 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:00 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:01 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 4:17:02 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:03 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:03 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:04 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 4:17:05 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 4:17:06 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:17:07 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:17:08 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:17:09 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:17:10 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 4:17:11 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 4:17:11 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 4:17:12 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 4:17:13 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 4:17:14 AM 68.34.107.139 GET /scripts/%2f/httpodbc.dll
7/26/2004 4:58:55 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 4:58:56 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 4:58:58 AM 68.34.107.139 GET /scripts/httpodbc.dll
7/26/2004 4:58:59 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 4:59:01 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 4:59:02 AM 68.34.107.139 GET /msadc/httpodbc.dll
7/26/2004 4:59:04 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:59:05 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:59:07 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:59:08 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 4:59:10 AM 68.34.107.139 GET /c/httpodbc.dll
7/26/2004 4:59:11 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:59:12 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:59:14 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:59:15 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 4:59:17 AM 68.34.107.139 GET /d/httpodbc.dll
7/26/2004 4:59:18 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:20 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:21 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:23 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:24 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 4:59:26 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:27 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:29 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:30 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:32 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 4:59:33 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:35 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:36 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:37 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 4:59:39 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 4:59:41 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:59:42 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:59:43 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:59:45 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 4:59:46 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/httpodbc.dll
7/26/2004 4:59:48 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:59:49 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:59:51 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:59:52 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 4:59:54 AM 68.34.107.139 GET /scripts/Á/httpodbc.dll
7/26/2004 4:59:55 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:59:57 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 4:59:58 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:00:00 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:00:01 AM 68.34.107.139 GET /scripts/À//httpodbc.dll
7/26/2004 5:00:03 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:00:04 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:00:06 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:00:07 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:00:09 AM 68.34.107.139 GET /scripts/À¯/httpodbc.dll
7/26/2004 5:00:10 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:00:11 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:00:13 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:00:14 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:00:16 AM 68.34.107.139 GET /scripts/Áœ/httpodbc.dll
7/26/2004 5:00:17 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:19 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:20 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:22 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:23 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 5:00:25 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:26 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:28 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:29 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:00:31 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 5:00:32 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:00:33 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:00:35 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:00:36 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:00:38 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 5:00:39 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:00:41 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:00:42 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:00:44 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:00:45 AM 68.34.107.139 GET /scripts/%2f/httpodbc.dll
7/26/2004 5:33:13 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 5:33:14 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 5:33:15 AM 68.34.107.139 GET /scripts/httpodbc.dll
7/26/2004 5:33:17 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 5:33:18 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 5:33:19 AM 68.34.107.139 GET /msadc/httpodbc.dll
7/26/2004 5:33:20 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 5:33:21 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 5:33:22 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 5:33:23 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 5:33:25 AM 68.34.107.139 GET /c/httpodbc.dll
7/26/2004 5:33:26 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 5:33:27 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 5:33:28 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 5:33:29 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 5:33:31 AM 68.34.107.139 GET /d/httpodbc.dll
7/26/2004 5:33:32 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:33 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:34 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:35 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:36 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 5:33:38 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:39 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:40 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:41 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:42 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 5:33:43 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:44 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:46 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:47 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 5:33:48 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 5:33:49 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 5:33:50 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 5:33:51 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 5:33:53 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 5:33:54 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/httpodbc.dll
7/26/2004 5:33:55 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 5:33:56 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 5:33:57 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 5:33:59 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 5:34:00 AM 68.34.107.139 GET /scripts/Á/httpodbc.dll
7/26/2004 5:34:01 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:34:02 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:34:04 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:34:05 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 5:34:06 AM 68.34.107.139 GET /scripts/À//httpodbc.dll
7/26/2004 5:34:07 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:34:09 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:34:10 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:34:11 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 5:34:12 AM 68.34.107.139 GET /scripts/À¯/httpodbc.dll
7/26/2004 5:34:14 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:34:15 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:34:16 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:34:17 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 5:34:19 AM 68.34.107.139 GET /scripts/Áœ/httpodbc.dll
7/26/2004 5:34:20 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:21 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:22 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:24 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:25 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 5:34:26 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:27 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:28 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:30 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 5:34:31 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 5:34:32 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:34:33 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:34:34 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:34:35 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 5:34:37 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 5:34:38 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:34:39 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:34:40 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:34:42 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 5:34:43 AM 68.34.107.139 GET /scripts/%2f/httpodbc.dll
7/26/2004 7:22:38 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 7:22:39 AM 68.34.107.139 GET /scripts/root.exe
7/26/2004 7:22:41 AM 68.34.107.139 GET /scripts/httpodbc.dll
7/26/2004 7:22:42 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 7:22:43 AM 68.34.107.139 GET /msadc/root.exe
7/26/2004 7:22:44 AM 68.34.107.139 GET /msadc/httpodbc.dll
7/26/2004 7:22:45 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 7:22:46 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 7:22:48 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 7:22:49 AM 68.34.107.139 GET /c/winnt/system32/cmd.exe
7/26/2004 7:22:50 AM 68.34.107.139 GET /c/httpodbc.dll
7/26/2004 7:22:51 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 7:22:52 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 7:22:54 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 7:22:55 AM 68.34.107.139 GET /d/winnt/system32/cmd.exe
7/26/2004 7:22:56 AM 68.34.107.139 GET /d/httpodbc.dll
7/26/2004 7:22:57 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:22:58 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:22:59 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:01 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:02 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 7:23:03 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:04 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:05 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:07 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:08 AM 68.34.107.139 GET /_vti_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 7:23:09 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:10 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:11 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:12 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:13 AM 68.34.107.139 GET /_mem_bin/%5c/%5c/%5c/httpodbc.dll
7/26/2004 7:23:14 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 7:23:16 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 7:23:17 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 7:23:18 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/winnt/system32/cmd.exe
7/26/2004 7:23:19 AM 68.34.107.139 GET /msadc/%5c/%5c/%5c/Á/Á/Á/httpodbc.dll
7/26/2004 7:23:20 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 7:23:21 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 7:23:22 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 7:23:23 AM 68.34.107.139 GET /scripts/Á/winnt/system32/cmd.exe
7/26/2004 7:23:24 AM 68.34.107.139 GET /scripts/Á/httpodbc.dll
7/26/2004 7:23:26 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 7:23:27 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 7:23:28 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 7:23:29 AM 68.34.107.139 GET /scripts/À//winnt/system32/cmd.exe
7/26/2004 7:23:30 AM 68.34.107.139 GET /scripts/À//httpodbc.dll
7/26/2004 7:23:31 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 7:23:32 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 7:23:34 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 7:23:35 AM 68.34.107.139 GET /scripts/À¯/winnt/system32/cmd.exe
7/26/2004 7:23:36 AM 68.34.107.139 GET /scripts/À¯/httpodbc.dll
7/26/2004 7:23:37 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 7:23:38 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 7:23:39 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 7:23:40 AM 68.34.107.139 GET /scripts/Áœ/winnt/system32/cmd.exe
7/26/2004 7:23:42 AM 68.34.107.139 GET /scripts/Áœ/httpodbc.dll
7/26/2004 7:23:43 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:44 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:45 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:46 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:47 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 7:23:49 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:50 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:51 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:52 AM 68.34.107.139 GET /scripts/ 5c/winnt/system32/cmd.exe
7/26/2004 7:23:53 AM 68.34.107.139 GET /scripts/ 5c/httpodbc.dll
7/26/2004 7:23:54 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:56 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:57 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:58 AM 68.34.107.139 GET /scripts/%5c/winnt/system32/cmd.exe
7/26/2004 7:23:59 AM 68.34.107.139 GET /scripts/%5c/httpodbc.dll
7/26/2004 7:24:00 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 7:24:01 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 7:24:02 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 7:24:04 AM 68.34.107.139 GET /scripts/%2f/winnt/system32/cmd.exe
7/26/2004 7:24:05 AM 68.34.107.139 GET /scripts/%2f/httpodbc.dll
7/26/2004 8:41:03 AM 24.106.133.158 GET
7/26/2004 10:53:00 AM 65.78.104.19 GET /
7/26/2004 10:53:00 AM 65.78.104.19 GET /web.css
7/26/2004 10:53:00 AM 65.78.104.19 GET /icon1.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon15.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon2.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon12.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon5.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon14.gif
7/26/2004 10:53:01 AM 65.78.104.19 GET /icon13.gif
7/26/2004 10:53:08 AM 65.78.104.19 GET /aqua teen hunger force/
7/26/2004 10:53:09 AM 65.78.104.19 GET /web.css
7/26/2004 10:53:09 AM 65.78.104.19 GET /icon15.gif
7/26/2004 10:53:09 AM 65.78.104.19 GET /icon4.gif
7/26/2004 10:53:13 AM 65.78.104.19 GET /aqua teen hunger force/athf - revenge of the mooninites.avi
7/26/2004 10:53:44 AM 65.78.104.19 GET /
7/26/2004 10:53:46 AM 65.78.104.19 GET /web.css
7/26/2004 10:53:47 AM 65.78.104.19 GET /icon15.gif
7/26/2004 10:53:48 AM 65.78.104.19 GET /icon1.gif
7/26/2004 10:53:48 AM 65.78.104.19 GET /icon2.gif
7/26/2004 10:53:49 AM 65.78.104.19 GET /icon5.gif
7/26/2004 10:53:49 AM 65.78.104.19 GET /icon12.gif
7/26/2004 10:53:51 AM 65.78.104.19 GET /icon14.gif
7/26/2004 10:53:51 AM 65.78.104.19 GET /icon13.gif
7/26/2004 10:54:06 AM 65.78.104.19 GET /favicon.ico
7/26/2004 10:56:57 AM 69.136.87.60 GET /
7/26/2004 10:57:01 AM 69.136.87.60 GET /web.css
7/26/2004 10:57:01 AM 69.136.87.60 GET /icon15.gif
7/26/2004 10:57:01 AM 69.136.87.60 GET /icon1.gif
7/26/2004 10:57:02 AM 69.136.87.60 GET /icon5.gif
7/26/2004 10:57:02 AM 69.136.87.60 GET /icon14.gif
7/26/2004 10:57:02 AM 69.136.87.60 GET /icon13.gif
7/26/2004 10:57:02 AM 69.136.87.60 GET /icon2.gif
7/26/2004 10:57:03 AM 69.136.87.60 GET /icon12.gif
7/26/2004 10:57:08 AM 69.136.87.60 GET /aqua teen hunger force/
7/26/2004 10:57:09 AM 69.136.87.60 GET /web.css
7/26/2004 10:57:09 AM 69.136.87.60 GET /icon15.gif
7/26/2004 10:57:10 AM 69.136.87.60 GET /icon4.gif
7/26/2004 10:57:12 AM 69.136.87.60 GET /aqua teen hunger force/athf - mc pee pants.avi

I keep the server root on my other hard drive. So I have no idea how cmd.exe could have been accessed at all. I closed off the port and shut off the server. Any ideas on wtf is going on?

Dechipher

07-26-2004, 12:59 PM

Yeah. That guy has a lot of free time.

AtmaWeapon

07-26-2004, 02:04 PM

Sounds like someone found an exploit. %5c and %2f are not instructions to get to directories you intended for people to get to. %5c is /, %2f is \. The person is trying to access directories outside of where you have specified file access. I wouldn't be surprised to find a few %2e s (.) scattered about in there, either.

My guess is it is their intent to use access to cmd.exe to compromise your system.

Breaker

07-26-2004, 03:53 PM

It's not unusual... there are thousands of script kiddies that go through IP ranges scanning for vulnerable ports. Most likely a bot/script came across the port that you had hosting WWW fileshare pro and tested it for *drumroll* invulnerabilities. I've been hosting an FTP and Apache server for almost 2 years and get shit like this all the time. It's harmless.

Advice: Stop using WWW Fileshare Pro. It's garbage.
This is what you want - http://httpd.apache.org/docs/windows.html

VT_Hokie_Fan

07-26-2004, 09:38 PM

u copy pasted that, right, because that was really long. Couldn't you have shortened it to, like 10 lines?

Dechipher

07-26-2004, 09:47 PM

Did kill you to scroll down those extra two seconds? No. Perhaps all of that was needed. Perhaps he wanted to look intelligent. Who cares why he posted it all? His post accomplished its intended goal, so whether or not he needed all that does not matter, as it did what it needed to do. You don't have to read through all of that. Someone might need it for reference though. There are a multiplicity of reasons.

linkofzelda1

07-27-2004, 12:25 PM

u copy pasted that, right, because that was really long. Couldn't you have shortened it to, like 10 lines?

No, he couldn't have. He needed all of it to show you how hard someone tried to get into his computer. There's no reason to even ask him.

Masamune

07-27-2004, 04:05 PM

I could have just as well pasted all 3 logs. That isn't even all of one. It's that long because he's been at it for a fucking while.

Breaker - What could be accomplished by getting my cmd.exe? Are they able to screw with anything? Or are they just being an ass?

theXused

07-30-2004, 11:15 AM

Seems like that person knows what they are doing. I would just shut down the computer for a while, so then he can't do anything to it.

gdorf

07-30-2004, 02:25 PM

Seems like that person knows what they are doing. I would just shut down the computer for a while, so then he can't do anything to it.

What are you talking about? It doesn't take "someone who knows what they are doing" for this shit. Anyone can use nmap, then find a download for "exploitz" and try to run them on an already vulnerable computer. Someone who "knows what they are doing" wouldn't be trying to gain access to masamunes web server, for one thing.

Masa, either patch your software, or, as breaker suggested, get better software, and you'll be fine. "Turn off the computer" pfft.

AtmaWeapon

07-30-2004, 07:29 PM

What are you talking about? It doesn't take "someone who knows what they are doing" for this shit. Anyone can use nmap, then find a download for "exploitz" and try to run them on an already vulnerable computer. Someone who "knows what they are doing" wouldn't be trying to gain access to masamunes web server, for one thing.

Masa, either patch your software, or, as breaker suggested, get better software, and you'll be fine. "Turn off the computer" pfft.

Word. Masa's getting hit by a script kiddie, someone who doesn't know anything about how to hack other than "d0wnl04d th3z3 4ppZ 4 h4><!" There are very few people who know less about what they are doing than a script kiddie.

Masamune

07-30-2004, 07:42 PM

That makes me a feel a little better. But what's the point of doing what they're doing? They actually trying to do something, or just piss me off? Because this shit goes on for hours at a time. Either it's a bot or someone with way too much time on their hands.

Rainman

07-31-2004, 12:31 PM

Script Kiddie = someone with way too much time on their hands

It goes with the definition. :/

AtmaWeapon

07-31-2004, 02:14 PM

Script kiddies do it so they can brag to their friends about what a krad doomster of the apocalypse they are. They don't know what they are doing, nor do they care, they just know that the people they want to impress don't know how to do it and fear him because he can.

Here's how it works. There's 3 kinds of people in this area, listed in order of danger: script kiddies, crackers, and hackers. A hacker you don't need to worry about. If a hacker takes over your system while you are not on it, odds are you won't know. Used to, they'd apply the patch to fix the vulnerability, but sometimes the patches break other programs so most hackers don't do that anymore. A cracker you don't want. They try to get through security so they can screw things up and break your computer because "you should have known better than to use X program". A script kiddie is a cracker that doesn't know how to find new exploits, only how to work with common exploits and usually only by using tools he downloads.

It makes sense why they do what they do when you look at how they gain the admiration of their peers. A script kiddie usually has a lot of friends that also have no idea what they are doing. The more boxes he can "hack" in a way that they can see it has been hacked the more valid he looks to them, no matter how difficult/easy the hack was.

A cracker wants high visibility or usefulness of what he is breaking. A cracker's reputation is measured by the difficulty of their successes. Notice in The Matrix, Neo was impressed by Trinity because she "cracked the IRS dbase". It is believed that any hacker that pulls this feat off and gets away with it is instantly transported to heaven by a host of angels.

A hacker wants as low visibility as possible. When a hacker tells his friends what he did, he brags about the technique he used rather than the importance of the computer hacked. A good portion of security bulletins are posted as the result of a hacker's report on the exploit. Hackers are motivated by curiosity about security, so the admiration of peers isn't as important as it is to a script kiddie or cracker.

In short, a script kiddie gets his ePenis++ by doing simple, well-known exploits en masse and scaring his friends that don't know how he did it. A cracker gets his ePenis++ by making some high-visibility or important site either stop functioning or by taking it over. A hacker gets his ePenis++ when he finds a system configuration he's never met before and waltzes around its security while not damaging the box in either way.

Fun fact: Both hackers and crackers HATE script kiddies.

gdorf

07-31-2004, 02:22 PM

That makes me a feel a little better. But what's the point of doing what they're doing? They actually trying to do something, or just piss me off? Because this shit goes on for hours at a time. Either it's a bot or someone with way too much time on their hands.

Is your software patched? Then your most likely fine. Remember, as Atma pointed out, these kids can't find anything of their own. They try to find computers running programs that haven't been patched in months and download exploits pre-made for that program/version. So, I reitterate: Patch, Upgrade, enjoy. :)

Masamune

07-31-2004, 03:06 PM

The latest version is 2.60 which I already have. And the only patch I see available is an upgrade from 2.50 to 2.60. I dled it and installed it anyway just to be safe.

Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.