KALF Computertechniek

banned: 210.44.159.49

It is advisable to check /var/log/apache2/access.log every now and then.
Some Chinese clown thinks it is important to look at my little databases and is trying to start up my PhPmYaDmIn (lol) to do so. Sure, I have that lying around for the taking.

You can see how this "would-be hacker" tests several spellings of phpmyadmin in various top-level directories such as /web, /admin, /db, xampp and so on.

iptracker provides the answer here: we are dealing with a student from the Jinan area. (of all places!)


The access.log listing:
210.44.159.49 - - [08/Mar/2013:16:00:09 +0100] "GET HTTP/1.1 HTTP/1.1" 400 471 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrom
210.44.159.49 - - [08/Mar/2013:16:00:10 +0100] "GET /index.php HTTP/1.1" 500 290 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chr
210.44.159.49 - - [08/Mar/2013:16:00:15 +0100] "GET /admin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Geck
210.44.159.49 - - [08/Mar/2013:16:00:16 +0100] "GET /admin/pma/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like 
210.44.159.49 - - [08/Mar/2013:16:00:17 +0100] "GET /admin/phpmyadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:17 +0100] "GET /db/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) 
210.44.159.49 - - [08/Mar/2013:16:00:18 +0100] "GET /dbadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Ge
210.44.159.49 - - [08/Mar/2013:16:00:19 +0100] "GET /myadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Ge
210.44.159.49 - - [08/Mar/2013:16:00:19 +0100] "GET /mysql/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Geck
210.44.159.49 - - [08/Mar/2013:16:00:20 +0100] "GET /mysqladmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like
210.44.159.49 - - [08/Mar/2013:16:00:21 +0100] "GET /typo3/phpmyadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:22 +0100] "GET /phpadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like G
210.44.159.49 - - [08/Mar/2013:16:00:23 +0100] "GET /phpMyAdmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like
210.44.159.49 - - [08/Mar/2013:16:00:23 +0100] "GET /phpmyadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like
210.44.159.49 - - [08/Mar/2013:16:00:24 +0100] "GET /phpmyadmin1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, lik
210.44.159.49 - - [08/Mar/2013:16:00:25 +0100] "GET /phpmyadmin2/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, lik
210.44.159.49 - - [08/Mar/2013:16:00:26 +0100] "GET /pma/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko)
210.44.159.49 - - [08/Mar/2013:16:00:26 +0100] "GET /web/phpMyAdmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, 
210.44.159.49 - - [08/Mar/2013:16:00:27 +0100] "GET /xampp/phpmyadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:28 +0100] "GET /web/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko)
210.44.159.49 - - [08/Mar/2013:16:00:29 +0100] "GET /php-my-admin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, li
210.44.159.49 - - [08/Mar/2013:16:00:29 +0100] "GET /websql/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gec
210.44.159.49 - - [08/Mar/2013:16:00:30 +0100] "GET /phpmyadmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like
210.44.159.49 - - [08/Mar/2013:16:00:31 +0100] "GET /phpMyAdmin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like
210.44.159.49 - - [08/Mar/2013:16:00:32 +0100] "GET /phpMyAdmin-2/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, li
210.44.159.49 - - [08/Mar/2013:16:00:33 +0100] "GET /php-my-admin/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, li
210.44.159.49 - - [08/Mar/2013:16:00:33 +0100] "GET /phpMyAdmin-2.2.3/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:34 +0100] "GET /phpMyAdmin-2.2.6/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:35 +0100] "GET /phpMyAdmin-2.5.1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:36 +0100] "GET /phpMyAdmin-2.5.4/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:36 +0100] "GET /phpMyAdmin-2.5.5-rc1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K
210.44.159.49 - - [08/Mar/2013:16:00:37 +0100] "GET /phpMyAdmin-2.5.5-rc2/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K
210.44.159.49 - - [08/Mar/2013:16:00:38 +0100] "GET /phpMyAdmin-2.5.5/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:39 +0100] "GET /phpMyAdmin-2.5.5-pl1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K
210.44.159.49 - - [08/Mar/2013:16:00:40 +0100] "GET /phpMyAdmin-2.5.6-rc1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K
210.44.159.49 - - [08/Mar/2013:16:00:40 +0100] "GET /phpMyAdmin-2.5.6-rc2/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K
210.44.159.49 - - [08/Mar/2013:16:00:41 +0100] "GET /phpMyAdmin-2.5.6/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:42 +0100] "GET /phpMyAdmin-2.5.7/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML
210.44.159.49 - - [08/Mar/2013:16:00:43 +0100] "GET /phpMyAdmin-2.5.7-pl1/index.php HTTP/1.1" 302 487 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (K 
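The manual check described above can be automated. The following is an added example, not part of the original post: it parses Apache combined-format lines and reports clients that request many distinct phpMyAdmin-style directories. The directory pattern is derived from the listing above; the threshold `min_paths` and the sample visitor 192.0.2.10 are assumptions made for the example.

```python
import re
from collections import defaultdict

# Prefix of an Apache combined-format line: client, timestamp, request, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) ')
# Directory names guessed by admin-panel scanners, taken from the listing above.
PROBE_RE = re.compile(
    r"/(php-?my-?admin[^/]*|phpadmin|pma|myadmin|mysql(admin)?|dbadmin|db|websql)/",
    re.IGNORECASE,
)

def find_scanners(lines, min_paths=5):
    """Map each client IP to its distinct probe paths if it tried >= min_paths."""
    probes = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, request = m.group(1), m.group(2)
        parts = request.split()
        if len(parts) != 3 or not parts[1].startswith("/"):
            continue  # malformed request such as "GET HTTP/1.1 HTTP/1.1"
        path = parts[1].split("?", 1)[0]
        if PROBE_RE.search(path):
            probes[ip].add(path)  # case-sensitive: spelling variants count separately
    return {ip: sorted(p) for ip, p in probes.items() if len(p) >= min_paths}

def _line(ip, request, status):
    # Build a combined-format line; timestamp and user agent are constructed.
    return f'{ip} - - [08/Mar/2013:16:00:10 +0100] "{request}" {status} 487 "-" "Mozilla/5.0"'

# Requests abridged from the listing above, plus a constructed ordinary
# visitor (192.0.2.10, a documentation address) for contrast.
SAMPLE = [
    _line("210.44.159.49", "GET HTTP/1.1 HTTP/1.1", 400),
    _line("210.44.159.49", "GET /index.php HTTP/1.1", 500),
    _line("210.44.159.49", "GET /admin/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /admin/pma/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /db/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /phpMyAdmin/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /phpmyadmin/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /pma/index.php HTTP/1.1", 302),
    _line("210.44.159.49", "GET /phpMyAdmin-2.5.7/index.php HTTP/1.1", 302),
    _line("192.0.2.10", "GET /index.php HTTP/1.1", 200),
    _line("192.0.2.10", "GET /phpmyadmin/index.php HTTP/1.1", 200),
]

if __name__ == "__main__":
    for ip, paths in find_scanners(SAMPLE).items():
        print(f"{ip}: {len(paths)} distinct panel paths probed, e.g. {paths[0]}")
```

`find_scanners` accepts any iterable of lines, so an open file handle on /var/log/apache2/access.log can be passed directly; lines with a truncated user agent still match because only the prefix up to the status code is parsed.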

 
