fskadi Posted February 25
Good evening, I set up a download URL for my CS 1.6 server in XAMPP and the PC kept shutting down unexpectedly. I found these in the logs; I checked the IPs and they are from around China.
For now my PC is shut down completely. Do you have any idea what was attempted? I should mention that I have not set up any security at all, apart from the fact that the cstrike files are set so that they cannot be modified, only downloaded. OS: Windows 10 64-bit with updates almost current, Avast antivirus, no firewall on the router, the Windows firewall.
Is it possible for my PC to be shut down just like that, for fun? I find it hard to believe that someone from China would do that; the way I see it, they would want it kept on so they could go about their business. Thanks.
Nytro Posted February 25
Hi, these look like some dumb scans that shouldn't affect anything. Are you sure it's from Wamp? Does it shut down constantly? And does it not reproduce if Wamp isn't running?
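
One way to check that reading of an access log, as an added example that is not part of the thread: group entries by client, flag clients that request many different paths and mostly get 4xx answers, and list what each client was actually served with a 200. The sample lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Apache common/combined log line; referer and user-agent are optional trailers.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+')

# Constructed sample (documentation IP ranges), not copied from the thread.
SAMPLE = """\
203.0.113.7 - - [20/Feb/2024:16:36:17 +0200] "GET / HTTP/1.1" 302 -
203.0.113.7 - - [20/Feb/2024:16:36:18 +0200] "GET /dashboard/ HTTP/1.1" 200 5187
203.0.113.7 - - [20/Feb/2024:16:36:19 +0200] "GET /login HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:20 +0200] "POST /news.php HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:21 +0200] "POST /session HTTP/1.1" 400 384
198.51.100.20 - - [20/Feb/2024:17:09:09 +0200] "GET / HTTP/1.1" 403 301 "-" "ExampleScanner/1.0"
192.0.2.44 - - [20/Feb/2024:18:00:01 +0200] "GET /cstrike/maps/de_dust2.bsp HTTP/1.1" 200 2097152
this line is truncated and must be skipped
"""

def parse(text):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            rec = m.groupdict()
            rec["status"] = int(rec["status"])
            rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield rec

def triage(text, min_paths=4, min_error_ratio=0.5):
    """Per client: does it probe many paths that mostly fail, and what did it get?"""
    by_ip = defaultdict(list)
    for rec in parse(text):
        by_ip[rec["ip"]].append(rec)
    report = {}
    for ip, recs in by_ip.items():
        paths = {r["path"] for r in recs}
        errors = sum(1 for r in recs if 400 <= r["status"] < 500)
        span = (max(r["ts"] for r in recs) - min(r["ts"] for r in recs)).total_seconds()
        report[ip] = {
            "requests": len(recs),
            "seconds": span,
            "scanner": len(paths) >= min_paths and errors / len(recs) >= min_error_ratio,
            # Paths answered with 200 are the only ones that returned real content.
            "served": sorted({r["path"] for r in recs if r["status"] == 200}),
        }
    return report
```

The `served` list is the part worth reading first: a flagged client whose only 200 is a default page such as `/dashboard/` found nothing it probed for, but it also shows that the default page is reachable from the internet.
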
Massaro Posted February 28
Do you have a downloaded MOTD? There was an exploit via MOTD; maybe it still works.