文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >在Apache2日志中找到黑客吗?

在Apache2日志中找到黑客吗?
EN

Security用户
提问于 2012-02-02 12:48:58
回答 2查看 4.3K关注 0票数 1

黑客攻击是一个失败,因为他们无法将创建的页面作为主页。但是我们最近在我们的网站上(通过rss)发现了一个被操纵的页面。

因此,我查看了Apache2日志,并找到了执行此操作的IP。但我不明白我做了什么。你能帮我理解一下吗?

代码语言:javascript
复制
The-IP-of-the-bad-guy - - [23/Jan/2012:00:51:49 +0100] "POST /wp-login.php HTTP/1.1" 302 979 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 ( .NET CLR 3.5.30729; .NET4.0E)"
The-IP-of-the-bad-guy - - [23/Jan/2012:00:51:50 +0100] "GET /wp-admin/ HTTP/1.1" 302 436 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 ( .NET CLR 3.5.30729; .NET4.0E)"
The-IP-of-the-bad-guy - - [23/Jan/2012:00:51:50 +0100] "GET /wp-login.php?redirect_to=http%3A%2F%2Fmy-website.com%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 6314 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 ( .NET CLR 3.5.30729; .NET4.0E)"
The-IP-of-the-bad-guy - - [23/Jan/2012:19:28:58 +0100] "POST /wp-login.php HTTP/1.1" 200 6010 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 ( .NET CLR 3.5.30729; .NET4.0E)"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:38:59 +0100] "GET /wp-login.php HTTP/1.1" 200 2267 "-" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:38:59 +0100] "GET /wp-admin/css/wp-admin.css?ver=20111208 HTTP/1.1" 200 21939 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-includes/js/thickbox/thickbox.js?ver=3.1-20111117 HTTP/1.1" 200 4185 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-includes/js/thickbox/thickbox.css?ver=20111117 HTTP/1.1" 200 1473 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.2 HTTP/1.1" 200 842 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-content/plugins/joliprint/js/wp_joliprint-min.js?ver=1.3.0 HTTP/1.1" 200 1200 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-includes/js/jquery/jquery.js?ver=1.7.1 HTTP/1.1" 200 33557 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:00 +0100] "GET /wp-admin/css/colors-fresh.css?ver=20111206 HTTP/1.1" 200 6818 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:01 +0100] "GET /wp-admin/images/logo-login.png HTTP/1.1" 200 9240 "http://my-website.com/wp-admin/css/wp-admin.css?ver=20111208" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:01 +0100] "GET /wp-admin/images/button-grad.png HTTP/1.1" 200 589 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:01 +0100] "GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1" 200 6235 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:01 +0100] "GET /favicon.ico HTTP/1.1" 200 292 "-" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:50 +0100] "GET /wp-admin/images/button-grad-active.png HTTP/1.1" 200 632 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:51 +0100] "POST /wp-login.php HTTP/1.1" 302 999 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:51 +0100] "GET /wp-admin/ HTTP/1.1" 200 10632 "http://my-website.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-content/plugins/akismet/akismet.css?ver=2.5.4.4 HTTP/1.1" 200 902 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin,wp-pointer&ver=1747f87854de3d4df3fdb74e9ef12757 HTTP/1.1" 200 24054 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-content/plugins/nextgen-gallery/admin/css/menu.css?ver=3.3.1 HTTP/1.1" 200 638 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-content/plugins/akismet/akismet.js?ver=2.5.4.6 HTTP/1.1" 200 1909 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-content/plugins/google-analyticator/jquery.sparkline.min.js?ver=1.5.1 HTTP/1.1" 200 5591 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-admin/load-scripts.php?c=0&load=jquery,utils&ver=edec3fab0cb6297ea474806db1895fa7 HTTP/1.1" 200 34157 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-admin/images/media-button.png?ver=20111005 HTTP/1.1" 200 3465 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-admin/images/wpspin_light.gif HTTP/1.1" 200 2541 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:52 +0100] "GET /wp-admin/load-scripts.php?c=0&load=admin-bar,thickbox,hoverIntent,common,jquery-color,wp-ajax-response,wp-lists,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,quicktags,jquery-query,admin-comments,dashboard,plugin-install,media-upload,jquery-ui-position,wp-pointer&ver=34baa2862d9a262745d9c88bef79a2b1 HTTP/1.1" 200 34460 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-admin/images/menu-shadow.png HTTP/1.1" 200 477 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-admin/images/menu.png?ver=20111128 HTTP/1.1" 200 10029 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-admin/images/arrows.png HTTP/1.1" 200 841 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-admin/images/icons32.png?ver=20111206 HTTP/1.1" 200 13791 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-admin/images/white-grad.png HTTP/1.1" 200 556 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-includes/images/admin-bar-sprite.png?d=20111130 HTTP/1.1" 200 4347 "http://my-website.com/wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin,wp-pointer&ver=1747f87854de3d4df3fdb74e9ef12757" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 432 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-includes/images/icon-pointer-flag.png HTTP/1.1" 200 1130 "http://my-website.com/wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin,wp-pointer&ver=1747f87854de3d4df3fdb74e9ef12757" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-includes/images/xit.gif HTTP/1.1" 200 528 "http://my-website.com/wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin,wp-pointer&ver=1747f87854de3d4df3fdb74e9ef12757" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "GET /wp-includes/images/arrow-pointer-blue.png HTTP/1.1" 200 1306 "http://my-website.com/wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin,wp-pointer&ver=1747f87854de3d4df3fdb74e9ef12757" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:53 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 1402 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:57 +0100] "GET /wp-admin/tools.php HTTP/1.1" 200 6074 "http://my-website.com/wp-admin/" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:58 +0100] "GET /wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin&ver=7f0753feec257518ac1fec83d5bced6a HTTP/1.1" 200 23518 "http://my-website.com/wp-admin/tools.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:58 +0100] "GET /wp-admin/load-scripts.php?c=0&load=admin-bar,thickbox,hoverIntent,common,jquery-color,wp-ajax-response,wp-lists,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,media-upload&ver=29164086bcacfd9628adb3ba7e6061c9 HTTP/1.1" 200 22963 "http://my-website.com/wp-admin/tools.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:58 +0100] "GET /wp-admin/images/press-this.png HTTP/1.1" 200 1165 "http://my-website.com/wp-admin/load-styles.php?c=0&dir=ltr&load=admin-bar,wp-admin&ver=7f0753feec257518ac1fec83d5bced6a" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:39:58 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 432 "http://my-website.com/wp-admin/tools.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:01 +0100] "GET /wp-admin/edit-comments.php HTTP/1.1" 200 17215 "http://my-website.com/wp-admin/tools.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-content/plugins/subscribe-to-comments-reloaded/post-and-comments.css?ver=3.3.1 HTTP/1.1" 200 540 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-content/plugins/subscribe-to-comments-reloaded/images/subscribe-to-comments-small.png HTTP/1.1" 200 1818 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-includes/images/smilies/icon_wink.gif HTTP/1.1" 200 516 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-includes/css/editor-buttons.css?ver=20111114 HTTP/1.1" 200 6619 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-admin/load-styles.php?c=0&dir=ltr&load=wp-jquery-ui-dialog&ver=3e676db9ea65504c756e11cf9a70be9e HTTP/1.1" 200 1429 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-includes/images/smilies/icon_smile.gif HTTP/1.1" 200 521 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-admin/images/menu-bits.gif?ver=20100610 HTTP/1.1" 200 1487 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-admin/images/bubble_bg.gif HTTP/1.1" 200 742 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "GET /wp-admin/load-scripts.php?c=0&load=admin-bar,thickbox,hoverIntent,common,jquery-color,wp-ajax-response,wp-lists,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,quicktags,jquery-query,admin-comments,media-upload,word-count,jquery-ui-resizable,jquery-ui-draggable,jquery-ui-button,jquery-ui-position,jquery-ui-dialog,wpdialogs,wplink,wpdialogs-popup&ver=d340fd552393b5ce31a5bf215e6761b1 HTTP/1.1" 200 50472 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:02 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 432 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:12 +0100] "GET /wp-admin/edit.php HTTP/1.1" 200 15549 "http://my-website.com/wp-admin/edit-comments.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:13 +0100] "GET /wp-includes/images/blank.gif HTTP/1.1" 200 388 "http://my-website.com/wp-admin/edit.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:13 +0100] "GET /wp-admin/images/comment-grey-bubble.png HTTP/1.1" 200 504 "http://my-website.com/wp-admin/edit.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:13 +0100] "GET /wp-admin/images/list.png HTTP/1.1" 200 1452 "http://my-website.com/wp-admin/css/colors-fresh.css?ver=20111206" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:13 +0100] "GET /wp-admin/load-scripts.php?c=0&load=admin-bar,thickbox,hoverIntent,common,jquery-color,wp-ajax-response,wp-lists,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,suggest,inline-edit-post,media-upload&ver=4f3c823d59bcbf4c7a95fc1bf0635c82 HTTP/1.1" 200 26034 "http://my-website.com/wp-admin/edit.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
The-IP-of-the-bad-guy - - [25/Jan/2012:16:40:13 +0100] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 432 "http://my-website.com/wp-admin/edit.php" "Mozilla/5.0 (Windows NT 6.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"

完整日志:http://pastebin.com/2NLdc4uV

apache
wordpress
exploit
logging
EN

回答 2

Security用户

回答已采纳

发布于 2012-02-02 15:47:59

除了更改apache额外记录POST数据之外,确保您使用的是wordpress的最新版本,而不是使用已知功绩的任何插件。

此外,有关硬化的建议和被黑时应做什么(升级、更改密码、检查漏洞等),请参见wordpress。

票数 4
EN

Security用户

发布于 2012-02-02 14:40:48

我猜,无论出现什么问题,都会出现在POST /wp-login.php条目中。之后,攻击者的IP似乎可以访问。默认的Apache设置不记录POST数据,因此不可能在不修复实例和记录数据以查看是否再次发生的情况下恢复发出的请求。

票数 3
EN
页面原文内容由Security提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://security.stackexchange.com/questions/11309

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档