2018年2月17日 星期六

從 Web Log 學習系統漏洞 4

最近又有新的入侵狀況, 查了一下估狗大神, 應該是 NAS 上面的漏洞

WebDAV (Web-based Distributed Authoring and Versioning), 是一個HTTP(S)的延伸通訊協定, 讓你的網頁伺服器成為一個標準的網路磁碟. 在WebDAV的支援下, NAS使用者將可以用HTTP(S)的協定來遠端讀寫網路磁碟

186.95.81.73 - - [15/Feb/2018:20:21:09 +0800] "GET / HTTP/1.0" 200 1527
186.95.81.73 - - [15/Feb/2018:20:21:20 +0800] "GET /webdav HTTP/1.0" 404 204
186.95.81.73 - - [15/Feb/2018:20:22:11 +0800] "GET / HTTP/1.0" 200 1527
186.95.81.73 - - [15/Feb/2018:20:22:12 +0800] "GET / HTTP/1.0" 200 1527
92.30.47.173 - - [16/Feb/2018:13:34:43 +0800] "GET / HTTP/1.0" 200 1527

92.30.47.173 - - [16/Feb/2018:13:35:14 +0800] "GET /webdav HTTP/1.0" 404 204
92.30.47.173 - - [16/Feb/2018:13:35:34 +0800] "GET /webdav HTTP/1.0" 404 204
92.30.47.173 - - [16/Feb/2018:13:36:15 +0800] "GET / HTTP/1.0" 200 1527
223.105.4.250 - - [16/Feb/2018:14:26:26 +0800] "GET http://112.124.127.162:83/index.php HTTP/1.1" 404 207
176.45.186.255 - - [16/Feb/2018:17:25:29 +0800] "GET / HTTP/1.0" 200 1527
176.45.186.255 - - [16/Feb/2018:17:25:59 +0800] "GET /webdav HTTP/1.0" 404 204
176.45.186.255 - - [16/Feb/2018:17:26:40 +0800] "GET /webdav HTTP/1.0" 404 204
176.45.186.255 - - [16/Feb/2018:17:27:01 +0800] "GET / HTTP/1.0" 200 1527
87.240.201.119 - - [16/Feb/2018:19:01:42 +0800] "GET / HTTP/1.0" 200 1527
66.240.205.34 - - [16/Feb/2018:20:17:29 +0800] "Gh0st\xad" 400 226
155.94.88.138 - - [16/Feb/2018:20:48:44 +0800] "GET / HTTP/1.0" 200 1527
41.141.22.175 - - [16/Feb/2018:20:58:54 +0800] "GET / HTTP/1.0" 200 1527
41.141.22.175 - - [16/Feb/2018:20:59:05 +0800] "GET /webdav HTTP/1.0" 404 204
41.141.22.175 - - [16/Feb/2018:20:59:55 +0800] "GET / HTTP/1.0" 200 1527
41.141.22.175 - - [16/Feb/2018:20:59:56 +0800] "GET / HTTP/1.0" 200 1527
96.127.158.234 - - [17/Feb/2018:10:18:26 +0800] "SSH-2.0-Go" 400 226
96.127.158.234 - - [17/Feb/2018:10:18:31 +0800] "\x16\x03\x01" 400 226
96.127.158.235 - - [17/Feb/2018:10:18:33 +0800] "GET / HTTP/1.1" 200 1527
172.104.108.109 - - [17/Feb/2018:10:39:27 +0800] "GET / HTTP/1.1" 200 1527
47.88.195.50 - - [17/Feb/2018:12:00:19 +0800] "GET /server.js HTTP/1.1" 400 226
155.94.88.138 - - [17/Feb/2018:17:48:33 +0800] "GET / HTTP/1.0" 200 1527


at
分類:

沒有留言:

張貼留言