Basically, we find the two most common attacks are focused on taking advantage of PHP and SQL vulnerabilities. Most of the PHP calls attempt to inject an infected http module into PHP so that control of our website is obtained. The SQL attempts appear to be mostly focused on obtaining accessing to the various system administration tools of our system
New to this years list are attempts to access third-party tools such as: google, yui, api, calendar, friendconnect, scriptaculous, mootools, umbraco, word-press, forums, etc.
In total, our 2011 consolidated hacking list contains 950 entries. A few of these can be considered to be duplicates because they only differ in punctuation, capitalization, and version numbers. However, we decided to publish these differences just to show the various extents that the hackers out there try.
The list contains two sections. The section at the top shows the GET requests. We like these because all parameters are completely shown. The bottom section contains the POST requests. While these appear to be complete and sometimes harmless, it is important to remember that the passed parameters are never displayed, thus making the POST attempts much more dangerous.
Note: Unfortunately, some of the url's exceed the width of this post and bleed across the entire width of the blog. We know this is unsightly, but we wanted to keep the content in tact.
Summary of Hacking Attempts for 2011