in MT.Net, X-Geek

Script kiddie fail

Watch out, we've got a badass over here.

Watch out, we’ve got a badass over here.

Some bored kid out there has taken to brute force attacking my webserver in the early morning. I just noticed this referrer entry on the URL:

[Redacted IP] – – [19/Jan/2016:03:33:28 -0500] “POST /wp-login.php HTTP/1.1” 200 3416 “-” “–user-agent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0”

Catch that? Whatever script Dr. Evil is trying to run here sets the referrer value by using –user-agent= as an argument. Instead, our boy genius is passing…

–user-agent=”–user-agent …”

Brilliant. Simply brilliant.