Trying to hack into a Spinneret (aka "really???")
ags
Posts: 386
I had some debug logging enabled on on my Prop server, and noticed that one (or more) individuals had made numerous attempts (while spoofing the client address to be mine) to hack into my tiny little Propeller server. There's nothing on it! It's a uController!
The source of the User-agent was Romania (not that I would be certain of that either). The attempts were to acces //myadmin, //phymyadmin, //admin, and variations.
While I understand the motivation to solve a puzzle, or spar (intellectually) with an opponent, I was surprised to see than anyone found value in that exercise.
Beware what URI you post here....
The source of the User-agent was Romania (not that I would be certain of that either). The attempts were to acces //myadmin, //phymyadmin, //admin, and variations.
While I understand the motivation to solve a puzzle, or spar (intellectually) with an opponent, I was surprised to see than anyone found value in that exercise.
Beware what URI you post here....
Comments
I assume you were using port 80 or some other "normal" port. This would be normal.
I'm 99.9999~ sure theres nothing intellectual behind it.
1. Most common: figure out a way to upload a server side script to the web server. The script can then be used to send spam without tracking back to the sender. Or the script may deliver malware payload to the client browser. Or the script may be a repository or cache of stolen data (like leaving your stolen guns buried in a neighbor's yard, rather than your own).
2. To see if there is data on the server of value; i.e. credit card numbers.
In my experience looking at thousands of log files for this kind of nonsense, most modern webserver crackers seem to be based in Estonia or Romania. I have a colleague who flies to Romania monthly where he has teams of superb software programmers who work for $5-$15 hour. I pointed out to him that it is likely the same shops are also pirates and/or crackers of one kind or another, which didn't bother him (he could never afford to have his applications developed so inexpensively in the States).
'
I guess when you live in Romania this is the most exciting thing going.(pretty sad)
'
I have thought of the Spinneret as hacker fish bate.
One Spinneret to fish them out and another to post their IP address on the net for everyone to see who they are.
'
It would be like a public service.
-Phil
I had my Spinneret on a proxy at the time it happened.
-Phil
http://www.freevalidcreditcardnumbersandporn.com
Oh, and the port is sqrt(7)
The "attack" I saw was using my own IP address as it's address. That was pretty obvious.
'
I like the new site name, Its like a treble-hook.
I'm not finding a whois entry for your domain, and I'm sure as hell not going to click on it before I do.
-Phil