Faking (all) user agents

If you are going to fake a user agent, do it right :) Seeing some web scanners faking all possible browsers out there in one single request:

  • Firefox/3.6
  • Chrome/9
  • Firefox/3.0
  • Opera/9.99?
  • Safari
  • and more..

This is the actual log (searching for vulnerable oscommerce files):

 

I wonder if it is a bug in their scanners or they did on purpose to bypass user agent restrictions.

This entry was posted in log analysis, webattacks and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>