Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday 1 October 2008

Skiddiealysis - Analyzing skiddie scanners

I came across this early this morning but was far too shattered to post about it ..... so several hours and some sleep later, here it is. This comes courtesy of Insecurity.nl;

Due to the international nature of the blogging entry, it will be in english, for some non-dutch speaking internet users might be interested in it's contents. Some time ago, SavageTiger blogged about the RFI bot attacks against our servers, and the internet in general. I decided to take a look, interested in the concept of automated RFI scanners and PHP-based bots. Although the groups behind it turned out to be rather dissapointing, and I encountered a lot of horribly written code, it was a rather interesting ride as well. Let us first look at the bot SavageTiger discovered:


http://www.insecurity.nl/?strInsecurity_Component=article&intArticle_ID=111

Interestingly, our favourite skiddie, cr4nk, hasn't replied since his second e-mail this morning. Ran out of words in his vocabulary perhaps?

No comments: