Error In Apache Log That I haven't Seen Before

What is this? I haven't seen or heard of this one "~!^~!^~!.html"

[Thu May 20 10:36:45 2004] [error] [client 61.135.131.173] File does
not exist: /var/www/html/~!^~!^~!.html

Does anyone have an idea of what the "~!^~!^~!" translates to?

Thanks

On 2004-05-20, Jeff <jeff@misterunix.com> wrote:
> What is this? I haven't seen or heard of this one "~!^~!^~!.html"
>
> [Thu May 20 10:36:45 2004] [error] [client 61.135.131.173] File does
> not exist: /var/www/html/~!^~!^~!.html
>
exploit hunting for faulty scripts

> What is this? I haven't seen or heard of this one "~!^~!^~!.html"
>
> [Thu May 20 10:36:45 2004] [error] [client 61.135.131.173] File does
> not exist: /var/www/html/~!^~!^~!.html
>
> Does anyone have an idea of what the "~!^~!^~!" translates to?

I noticed the same things for the first time in my logs. Interesting, the
host is on the same subnet and the second instance is the same host (what
are the odds?).

[Wed May 19 13:49:06 2004] [error] [client 61.135.131.163] File does not
exist: /home/website/pc9/~!^~!^~!.html
[Wed May 19 13:49:07 2004] [error] [client 61.135.131.163] File does not
exist: /home/jberkes/web/~!^~!^~!.html
[Thu May 20 10:02:17 2004] [error] [client 61.135.131.173] File does not
exist: /home/website/pc9/~!^~!^~!.html
[Thu May 20 10:02:18 2004] [error] [client 61.135.131.173] File does not
exist: /home/jberkes/web/~!^~!^~!.html

I suspect that this is some sort of broken crawler, rather than a random
host scanner. The reason being that my logs show this host also fetching
valid URLs on virtual hosts, so it knows the destination domain name.

61.135.131.174 - - [09/May/2004:11:23:05 -0700] "GET / HTTP/1.1" 200 5527
"-" "google"
61.135.131.174 - - [09/May/2004:11:23:06 -0700] "GET /robots.txt HTTP/1.1"
200 32 "-" "google"

So yeah, there it goes fetching the home page and robots.txt. But it lies,
I think, because Google isn't in China. The IP is in China.

--
Jem Berkes
http://www.sysdesign.ca/