From: Roland Häder Date: Mon, 1 Apr 2019 23:38:55 +0000 (+0200) Subject: Continued: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=7136865ca398b41614a80d57ae397bc1fff63c10;p=ctracker.git Continued: - added "vuln.php" which seem to be a remote-inclusion attack --- diff --git a/libs/lib_detector.php b/libs/lib_detector.php index 3b6dd58..1a932ba 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -154,6 +154,9 @@ function initCrackerTrackerArrays () { // Server configuration (e.g. Apache) 'application/x-httpd-php', 'addtype', 'server-info', 'server-status', + // Annoying script name + 'vuln.php', + // @TODO Misc/unsorted 'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system', '&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.', @@ -235,6 +238,9 @@ function initCrackerTrackerArrays () { // Server configuration (e.g. Apache) 'application/x-httpd-php', + // Annoying script name + 'vuln.php', + // "Common" login names from VHCS exploiters 'starhack', 'DeLiMehmet', 'hisset', 'Hisset', 'delimert', 'MecTruy' ];