22:07:17
shinmera
I think I finally figured out and fixed one of the weirder crash sources in ldapper.
22:07:29
shinmera
Also noticed from the log that someone was desperately trying to run sql injections, lol
22:08:07
shinmera
very cool that we have just millions of bot computers out there constantly hammering every possible webpage for basic exploits
22:11:32
Colleen
applied-langua.ge/wp-foo/ is specially set up to leave a surprise for scanners who think we run WordPress.
22:11:32
hayley
applied-langua.ge/wp-foo/ is specially set up to leave a surprise for scanners who think we run WordPress.
22:13:41
shinmera
here's some of the strings they tried for usernames: anon/**/and/**/cast(md5('1019524963')as/**/int)>0
22:14:13
shinmera
anon'and/**/convert(int,sys.fn_sqlvarbasetostr(hashbytes('md5','1732621225')))>'0'
22:26:28
shinmera
ooh, juicy https://github.com/dvershinin/nginx-honeypot/
22:26:33
shinmera
might give this a try some time
6:18:07
shinmera
they were already gone