Looks like some sort of shellbot wanting to connect to an IRC channel
#abusers on abuser.hacked.in:8080.
I've been seeing occaisonal probes for Mambo's index.php on and off
for a while now - the first part is similar to
http://nz-honeynet.org/papers/mambo-exploit-obfuscated.pdf but the
payloads are...
#abusers on abuser.hacked.in:8080.
I've been seeing occaisonal probes for Mambo's index.php on and off
for a while now - the first part is similar to
http://nz-honeynet.org/papers/mambo-exploit-obfuscated.pdf but the
payloads are...
[ more ]