While looking through apache logs today, I found a few interesting entries.
`123.45.678.9 - - [02/Jun/2013:17:42:10 +0800] "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 1105`
`123.45.678.9 - - [02/Jun/2013:17:42:11 +0800] "GET /sdk/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 1105`
Someone tried to access vmware config files on my system. Fortunately, I am not running apache as root, so no access rights. Secondly, I'm not running a VM on the system. He even tried different encoding to see to bypass probably some kind of blacklist.
And of course a few of the customary binary stuff that always comes in. Luckily all responded with 501.
Quite surprised at the volume of attacks that are coming in, I'm running a small website that has probably less than 10 backlinks so where do they harvest all the URL to spam?