瑞星卡卡安全论坛

首页 » 技术交流区 » 可疑文件交流 » 大家帮我看看黑客是通过什么漏洞攻击服务器的??(紧急)
weir158 - 2010-2-5 17:08:00
大家帮我看看黑客是通过什么漏洞攻击服务器的??(紧急)
2010-01-24 16:23:59 63.185.215.56 PUT /jsky_test.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:08 63.185.215.56 PUT /jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:18 63.185.215.56 PUT /CJ/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:26 63.185.215.56 PUT /xin/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:33 63.185.215.56 PUT /fz/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:36 63.185.215.56 PUT /data/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-26 09:40:52 63.185.215.56 PUT /formytest.htm - 80 - 202.75.223.250 Mozilla/4.0+(compatible;+MSIE+6.0;+Win32) 501 0 0
2010-01-26 10:26:00 63.185.215.56 PUT /oto.htm - 80 - 78.165.83.227 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0
2010-01-28 10:55:57 63.185.215.56 PUT /oto.htm - 80 - 78.165.95.64 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0
2010-01-29 15:01:41 63.185.215.56 PUT /vupmeatsy.txt - 80 - 88.254.120.133 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0
2010-01-29 17:14:00 63.185.215.56 PUT /test_9462.html - 80 - 124.115.170.4 Mozilla/5.0+(X11;+U;+Linux;+C+-)+AppleWebKit/523.15+(KHTML,+like+Gecko,+Safari/419.3)+Qt/4.4.3 501 0 0
2010-01-29 17:14:32 63.185.215.56 PUT /fz/test_8270.html - 80 - 124.115.170.4 Mozilla/5.0+(X11;+U;+Linux;+C+-)+AppleWebKit/523.15+(KHTML,+like+Gecko,+Safari/419.3)+Qt/4.4.3 501 0 0

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
金星王子 - 2010-2-6 23:25:00
看上去应该是IE的0DAY漏洞,但是后面的系统信息发生了变化,这个漏洞似乎应该是第三方软件的(想一下IE和火狐如果同时出现被漏洞攻击,那么漏洞就应该在第三方软件上)。
1
查看完整版本: 大家帮我看看黑客是通过什么漏洞攻击服务器的??(紧急)
© 2000 - 2025 Rising Corp. Ltd.