不了阁

才开了一天的服务器,就收到很多异常的访问请求,也不知道这个Z-Blog的程序代码是否有漏洞!

郑鹏飞4年前本站建设/Z-BlogPHP992

我的网站刚开,都还没正式的向外人公布访问的域名,并且访问时绑定了域名的,为什么这些IP一来就直接向网站的需要登录授权的模块发起访问?

是不是Z-Blog早就已经存在了很多未授权可以直接访问后台的漏洞?


101.89.19.197     7/31/2022     18:00:43     /zb_system/cmd.php     act=ArticlePst&csrfToken=c602d9a74f53059e014313a4022cff29    
101.89.239.245     7/31/2022     16:36:17     /zb_system/cmd.php     act=ArticlePst&csrfToken=acec4ff415133604bbe4f01282fbc73f    
101.89.239.245     7/31/2022     21:51:24     /zb_system/cmd.php     act=MemberMng    
101.89.29.78     7/31/2022     15:23:30     /zb_system/admin/index.php     act=admin    
101.89.29.78     7/31/2022     15:26:49     /zb_system/cmd.php     act=CategoryMng    
101.89.29.78     7/31/2022     15:27:45     /zb_users/plugin/LinksManage/main.php     edit=navbar    
101.89.29.78     7/31/2022     15:35:51     /zb_users/plugin/Totoro/save_setting.php     -    
101.89.29.78     7/31/2022     18:25:38     /zb_system/admin/index.php     act=MemberMng    
101.89.29.78     7/31/2022     19:32:37     /zb_users/plugin/STACentre/list.php     -    
101.91.60.12     7/31/2022     15:38:28     /zb_system/cmd.php     act=SettingSav&csrfToken=a8543280d1984a59c2268184b3e5bdb1    
101.91.60.12     7/31/2022     15:47:03     /zb_system/cmd.php     act=ModuleMng    
101.91.60.12     7/31/2022     15:47:21     /zb_system/cmd.php     act=UploadMng    
180.101.244.11     7/31/2022     19:43:40     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659267433103    
180.101.244.13     7/31/2022     15:24:11     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659251724435    
180.101.244.13     7/31/2022     20:17:55     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659269331359    
180.101.244.14     7/31/2022     13:09:20     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659243268903    
180.101.244.14     7/31/2022     16:59:13     /zb_system/cmd.php     act=TagDel&id=7&csrfToken=acec4ff415133604bbe4f01282fbc73f    
180.101.244.14     7/31/2022     19:59:43     /zb_system/cmd.php     act=ArticlePst&csrfToken=a32c09e643ee5dcc44d7d9eab3c60f3c    
180.101.244.15     7/31/2022     16:13:03     /zb_system/cmd.php     act=PageEdt&id=11    
180.101.244.15     7/31/2022     21:27:21     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659273740854    
180.101.244.16     7/31/2022     12:23:17     /zb_install/index.php     -    
180.101.244.16     7/31/2022     14:14:16     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659247680021    
180.101.245.247     7/31/2022     15:34:41     /zb_system/admin/category_edit.php     act=CategoryEdt    
180.101.245.247     7/31/2022     22:43:32     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659278278242    
180.101.245.249     7/31/2022     15:57:48     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659253954609    
180.101.245.249     7/31/2022     19:08:35     /zb_system/cmd.php     act=PagePst&csrfToken=c602d9a74f53059e014313a4022cff29    
180.101.245.250     7/31/2022     12:23:58     /zb_users/plugin/UEditor/php/controller.php     action=uploadimage    
180.101.245.250     7/31/2022     17:48:33     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659260071348    
180.101.245.250     7/31/2022     19:33:41     /zb_users/plugin/STACentre/main.php     -    
180.101.245.251     7/31/2022     12:24:01     /zb_users/plugin/AdminColor/css.php     id=0&hash=63aeb73a&v=2021-11-30    
180.101.245.251     7/31/2022     18:13:45     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659261903303    
180.101.245.252     7/31/2022     18:18:13     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659262297440    
220.196.160.124     7/31/2022     17:54:18     /zb_system/cmd.php     act=SettingSav&csrfToken=c602d9a74f53059e014313a4022cff29    
220.196.160.124     7/31/2022     19:16:28     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659265796371    
220.196.160.125     7/31/2022     14:53:51     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659250277266    
220.196.160.125     7/31/2022     20:14:13     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659269331360    
220.196.160.144     7/31/2022     16:43:34     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659256816737    
220.196.160.146     7/31/2022     15:39:29     /zb_system/cmd.php     act=cmt&postid=10&key=8c1ada48df5bb2655045dc1f55cec589    
220.196.160.151     7/31/2022     12:27:02     /zb_system/admin/edit.php     act=ArticleEdt&id=10    
220.196.160.154     7/31/2022     13:53:23     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659246463355    
220.196.160.154     7/31/2022     16:49:30     /zb_system/cmd.php     act=ArticlePst&csrfToken=acec4ff415133604bbe4f01282fbc73f    
220.196.160.154     7/31/2022     18:14:34     /zb_system/cmd.php     act=PagePst&csrfToken=70b9fccaff8bab735d29725e6555eab2    
220.196.160.154     7/31/2022     19:13:54     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659265763530    
220.196.160.51     7/31/2022     19:57:55     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659267777894    
220.196.160.61     7/31/2022     17:43:59     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659260071347    
220.196.160.61     7/31/2022     17:58:56     /zb_system/cmd.php     act=PageEdt&id=9    
220.196.160.65     7/31/2022     14:38:31     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659249136590    
220.196.160.73     7/31/2022     15:34:47     /zb_system/cmd.php     act=CategoryMng    
220.196.160.73     7/31/2022     15:44:11     /zb_users/plugin/AppCentre/security.php     -    
220.196.160.73     7/31/2022     15:47:23     /zb_system/cmd.php     act=CommentMng    
220.196.160.73     7/31/2022     16:12:11     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659254229249    
220.196.160.73     7/31/2022     17:54:50     /zb_system/admin/edit.php     act=PageEdt&id=9    
220.196.160.73     7/31/2022     21:37:57     /zb_users/plugin/UEditor/php/controller.php     action=uploadimage&encode=utf-8    
220.196.160.75     7/31/2022     12:28:29     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659241199416    
220.196.160.75     7/31/2022     14:14:28     /zb_system/cmd.php     act=admin    
220.196.160.75     7/31/2022     14:59:11     /zb_system/cmd.php     act=ArticlePst&csrfToken=f1d384dfdcf533f6e238f08bb363c261    
220.196.160.75     7/31/2022     15:43:35     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659253188353    
220.196.160.83     7/31/2022     12:38:36     /zb_system/cmd.php     act=ArticlePst&csrfToken=5cfacd99a9ae1680d36b84ce853cfc75    
220.196.160.84     7/31/2022     15:43:17     /zb_users/plugin/Totoro/save_setting.php     -    
220.196.160.84     7/31/2022     15:47:29     /zb_users/plugin/AppCentre/main.php     -    
220.196.160.84     7/31/2022     15:48:34     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659253188354    
220.196.160.95     7/31/2022     16:14:29     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659255123878    
220.196.160.96     7/31/2022     12:58:47     /zb_system/cmd.php     act=ArticleEdt&id=10    
220.196.160.96     7/31/2022     21:56:16     /zb_system/admin/member_edit.php     act=MemberEdt&id=1    
59.83.208.103     7/31/2022     17:34:13     /zb_system/cmd.php     act=misc&type=vrs    
59.83.208.104     7/31/2022     19:33:11     /zb_users/plugin/STACentre/list.php     -    
59.83.208.105     7/31/2022     12:37:32     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659241821962    
59.83.208.105     7/31/2022     12:53:37     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659243104102    
59.83.208.106     7/31/2022     14:33:40     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659249136591    
59.83.208.106     7/31/2022     15:34:00     /zb_users/plugin/Totoro/main.php     -    
59.83.208.106     7/31/2022     18:24:12     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659262417410    
59.83.208.107     7/31/2022     12:28:58     /zb_system/cmd.php     act=verify    
59.83.208.107     7/31/2022     16:49:43     /zb_system/admin/edit.php     act=ArticleEdt&id=12    
59.83.208.107     7/31/2022     17:23:50     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659259349560    
59.83.208.107     7/31/2022     17:54:06     /zb_users/plugin/UEditor/php/controller.php     action=config&&noCache=1659261130056    
61.151.206.14     7/31/2022     15:47:09     /zb_system/cmd.php     act=ThemeMng    
61.151.206.14     7/31/2022     16:11:17     /zb_system/cmd.php     act=ArticlePst&csrfToken=f1d384dfdcf533f6e238f08bb363c261    
61.151.206.14     7/31/2022     18:24:20     /zb_system/cmd.php     act=SettingSav&csrfToken=c602d9a74f53059e014313a4022cff29    
61.151.207.111     7/31/2022     12:58:38     /zb_system/cmd.php     act=ArticleEdt&id=10    
61.151.207.111     7/31/2022     15:43:12     /zb_users/plugin/AppCentre/main.php     -    
61.151.207.115     7/31/2022     14:44:14     /zb_system/admin/edit.php     act=ArticleEdt    
61.151.207.115     7/31/2022     15:58:16     /zb_system/cmd.php     act=PageEdt&id=11    
61.151.207.116     7/31/2022     15:43:28     /zb_users/plugin/AppCentre/security.php     -    
61.151.207.116     7/31/2022     15:54:35     /zb_system/cmd.php     act=ArticlePst&csrfToken=a8543280d1984a59c2268184b3e5bdb1    
61.151.207.116     7/31/2022     17:14:02     /zb_system/cmd.php     act=admin    
61.151.207.116     7/31/2022     20:27:26     /zb_users/plugin/STACentre/main.php     -    
61.151.207.117     7/31/2022     12:21:01     /zb_system/cmd.php     act=ArticleMng    
61.151.207.117     7/31/2022     16:38:26     /zb_system/cmd.php     act=CategoryDel&id=1&csrfToken=a8543280d1984a59c2268184b3e5bdb1    
61.151.207.117     7/31/2022     16:42:21     /zb_system/cmd.php     act=TagDel&id=7&csrfToken=acec4ff415133604bbe4f01282fbc73f    
61.151.207.117     7/31/2022     18:07:16     /zb_system/cmd.php     act=PagePst&csrfToken=70b9fccaff8bab735d29725e6555eab2    
61.151.207.117     7/31/2022     18:57:43     /zb_system/cmd.php     act=PagePst&csrfToken=c602d9a74f53059e014313a4022cff29    
61.151.207.117     7/31/2022     20:18:42     /zb_users/theme/tpure/main.php     act=color    
61.151.207.117     7/31/2022     21:07:24     /zb_users/plugin/LinksManage/main.php     act=save&csrfToken=1c5791b0bd52b6ce8f8ff8137f049b07


标签: 异常未授权访问漏洞Bug
我是郑鹏飞。 如果您觉得我的文章对您有帮助,可以点击站点上的 关于站点/支持和帮助
转载请注明 : 文章转载自不了阁-飞哥 blog.forbs.cn
本站文章除注明转载/出处外,均为本站原创或翻译。若要转载请务必注明出处,尊重他人劳动成果共创和谐网络环境。
返回列表

上一篇:服务器正在遭受Syn_Received攻击!

下一篇:安全的Windows 3389远程连接维护服务器,我是如何做到的?-引言

相关文章

本站在采用Z-Blog PHP建设期间做的一些设置

本站在采用Z-Blog PHP建设期间做的一些设置

本章内容:1、在IIS下部署本站:Z-Blog PHP (1.7.2.3050 (Tenet); AppCentre2.79) + MySQL 5.72、安装完成后的一些可能是必要的设置(可能涉及安全...

这什么情况?还没开始就结束了?是腾讯云还是Z-Blog有问题?

这什么情况?还没开始就结束了?是腾讯云还是Z-Blog有问题?

早一分钟之前还是好好的,刷新了一下,就一直出现这个错误,css都不能正常打开了?我的网站被攻击了????2022.8.1 确认是IIS的web.config有问题。不明白的是在我没手动改web.con...

本站建设:Z-BlogPHP刚刚有出点小问题,点所有文章都无效,界面只显示主页的内容

本站建设:Z-BlogPHP刚刚有出点小问题,点所有文章都无效,界面只显示主页的内容

回想了一下这之前我做了什么。。。刚在试着换了下主题,主要是想看看是不是有什么更好的,可以不用咱自己改的主题,结果还是没有,只好又换回来了。想着。。。是不是换了主题造成的伪静态的功能出错了?进入插件中心...

评论列表

感谢感谢!
感谢感谢!
2022-10-14 21:14:19

哥们能加个联系方式吗 我想了解一下你被攻击的情况

回复该评论

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

版权所有:郑鹏飞 如果内容对您有帮助,希望能得到您的支持和帮助 琼ICP备2022007364号-1

Powered By Z-BlogPHP. Theme by TOYEAN.