latin...@resist.ca wrote: > Thank you noodle, i was cautious because of the 200 which appears when > someone access the web page.
You see HTTP 200 because it's passed as a query string, it's just serving your index.html from the root. It's probing for a web application with a path traversal vulnerability. Interesting to see the boot.ini mixed in there with /etc/passwd, whatever garbage is vulnerable to this attack is likely cross-platform.
