/manager/html(Apache Tomcat)http://123.249.24.233/POST_ip_port.php/tmUnblock.cgi/HNAP1//phpMyAdmin/scripts/setup.php(PHPMyAdmin)/pma/scripts/setup.php/myadmin/scripts/setup.php/MyAdmin/scripts/setup.php/vyvy/vyv/vy.php/cgi-sys/php5/cgi-bin/test-cgi/cgi-bin/printenv/cgi-bin/test.cgi/cgi-bin/test.pl/cgi-bin/test.sh/cgi-bin/teste.pl/cgi-bin/teste.cgi/cgi-bin/teste.sh/cgi-bin/print-env/cgi-bin/print.pl/cgi-bin/print.cgi/cgi-bin/printenv.sh/dpdp/dpd/dp.php/upup/upu/up.php/admin/fckeditor/editor/filemanager/browser/default/connectors/test.html/web-console/ServerInfo.jsp/vtigercrm//operator/basic.shtml(AXIS 206 Network Camera)/secure/ltx_conf.htm(M30X / M306 Wireless Ethernet Monitor)/syslog.htm(Linux?)
Last active
February 1, 2023 09:36
-
-
Save renancouto/0ad35842f1c536c1dbbe to your computer and use it in GitHub Desktop.
A collection of weird URLs that I think are used to exploit security vulnerabilities on web apps
Bloddy Chinese Spammers!!1
I made my server live for the first time, and within 5 minutes these requests started flowing in.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Depending on your web server, you can just shunt the traffic. For apache HTTPD I used mod_rewrite and added the following:
For our particular site this is acceptable because none of the URLs we process have the word POST in them.
And the results are the 403 Forbidden you'd expect: