Answer the question
In order to leave comments, you need to log in
C
C
cicatrix2019-05-06 09:44:34
cicatrix, 2019-05-06 09:44:34
Hacking attempt, what did the "hacker" want to achieve?
I looked through the logs today, drew attention to another hacking attempt, as I understand it.
Since there is no php interpreter on the asp.net server in principle, the attempts are miserable, but just curious what the person wanted to achieve and what is this "magic" combination 238947899389478923-34567343546345 ?
Here is an excerpt from the log:
[06.05.2019 06:44:14] RQ from 163.232.57.44[CHR(0)]{${print(238947899389478923-34567343546345)}}, 5.135.230.129 url= ххх
[06.05.2019 06:44:14] Session start for 163.232.57.44[CHR(0)]{${print(238947899389478923-34567343546345)}}, 5.135.230.129 sid=j4w2zjc1yuzenufjzd3u2akn
[06.05.2019 06:44:14] RQ from 163.232.57.44[CHR(0)]<?php print(238947899389478923-34567343546345); ?>, 5.135.230.129 url= ххх
[06.05.2019 06:44:14] Session start for 163.232.57.44[CHR(0)]<?php print(238947899389478923-34567343546345); ?>, 5.135.230.129 sid=lgjrfbv5q1f2biggvp1ckbrr
[06.05.2019 06:44:14] RQ from 163.232.57.44[CHR(0)]'<?php print(238947899389478923-34567343546345); ?>', 5.135.230.129 url= ххх
[06.05.2019 06:44:14] Session start for 163.232.57.44[CHR(0)]'<?php print(238947899389478923-34567343546345); ?>', 5.135.230.129 sid=5klmtftlo5bwz3k2mb5lj5vg
[06.05.2019 06:44:15] RQ from 163.232.57.44[CHR(0)]"<?php print(238947899389478923-34567343546345); ?>", 5.135.230.129 url= ххх
[06.05.2019 06:44:15] Session start for 163.232.57.44[CHR(0)]"<?php print(238947899389478923-34567343546345); ?>", 5.135.230.129 sid=svpmdxrsj1iukozmnpepqucl
[06.05.2019 06:44:15] RQ from 163.232.57.44[CHR(0)]'{${print(238947899389478923-34567343546345)}}', 5.135.230.129 url= ххх
[06.05.2019 06:44:15] Session start for 163.232.57.44[CHR(0)]'{${print(238947899389478923-34567343546345)}}', 5.135.230.129 sid=f5myywg5gjndhfpy3coixu3m
[06.05.2019 06:44:16] RQ from 163.232.57.44[CHR(0)]"{${print(238947899389478923-34567343546345)}}", 5.135.230.129 url= ххх
[06.05.2019 06:44:16] Session start for 163.232.57.44[CHR(0)]"{${print(238947899389478923-34567343546345)}}", 5.135.230.129 sid=c4k1pkvycjgjflcdct4ntdkb
[06.05.2019 06:44:16] RQ from 163.232.57.44[CHR(0)]'];print(238947899389478923-34567343546345);//, 5.135.230.129 url= ххх
[06.05.2019 06:44:16] Session start for 163.232.57.44[CHR(0)]'];print(238947899389478923-34567343546345);//, 5.135.230.129 sid=2vwvsavhbqk4nxdaqalqj0jo
[06.05.2019 06:44:17] RQ from 163.232.57.44[CHR(0)]"];print(238947899389478923-34567343546345);//, 5.135.230.129 url= ххх
[06.05.2019 06:44:17] Session start for 163.232.57.44[CHR(0)]"];print(238947899389478923-34567343546345);//, 5.135.230.129 sid=4ilglrkrlcvxv53hdobq1bw4
[06.05.2019 06:44:17] RQ from 163.232.57.44[CHR(0)]');print(238947899389478923-34567343546345);//, 5.135.230.129 url= ххх
[06.05.2019 06:44:17] Session start for 163.232.57.44[CHR(0)]');print(238947899389478923-34567343546345);//, 5.135.230.129 sid=ta5slw3vrxdi2r3tagsrh1ii
[06.05.2019 06:44:18] RQ from 163.232.57.44[CHR(0)]");print(238947899389478923-34567343546345);//, 5.135.230.129 url= ххх
[06.05.2019 06:44:18] Session start for 163.232.57.44[CHR(0)]");print(238947899389478923-34567343546345);//, 5.135.230.129 sid=hxpupmql5zfbfmhcws2nzujr
[06.05.2019 06:44:18] RQ from 163.232.57.44[CHR(0)]}print(238947899389478923-34567343546345);{, 5.135.230.129 url= ххх
[06.05.2019 06:44:18] Session start for 163.232.57.44[CHR(0)]}print(238947899389478923-34567343546345);{, 5.135.230.129 sid=fn0k00r2fw532fpty1lj4xrw
Similar questions
T
D
M
B
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question