fskadi Posted February 25

Good evening, I set up a download URL for my CS 1.6 server in XAMPP and the PC kept shutting down unexpectedly. I found these in the logs; I checked the IPs and they are from around China.

At the moment my PC is shut down completely. Do you have any idea what was attempted? I should mention that I have not set up any security at all, apart from the fact that the cstrike files are set so that they cannot be modified, only downloaded.

OS: Windows 10 64-bit with updates almost current, Avast antivirus, no firewall on the router, Windows firewall.

Is it possible that someone is shutting down my PC just for fun? I find it hard to believe that a person from China would do that; the way I see it, they would want it running so they can do their thing.

Thank you
Nytro Posted February 25

Hi, they look like some dumb scans that shouldn't affect anything. Are you sure it's from Wamp? Does it shut down constantly? And does it not reproduce if Wamp isn't running?
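One way to check whether an Apache access log shows automated scanning, as an added example that is not part of the original thread: it flags any client that gets 4xx responses on many distinct paths inside a short sliding window. The sample lines, the documentation-range addresses, the cstrike paths and the thresholds (60 seconds, 5 paths) are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache common/combined log prefix: client, timestamp, request line, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')

# Constructed sample lines with documentation addresses (not the thread's log).
SAMPLE_LOG = """\
203.0.113.7 - - [20/Feb/2024:16:36:17 +0200] "GET / HTTP/1.1" 302 -
203.0.113.7 - - [20/Feb/2024:16:36:19 +0200] "GET /login HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:20 +0200] "POST /nation.php HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:21 +0200] "GET /news.php HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:22 +0200] "GET /jquery.js HTTP/1.1" 404 299
203.0.113.7 - - [20/Feb/2024:16:36:23 +0200] "POST /session HTTP/1.1" 400 384
198.51.100.20 - - [20/Feb/2024:16:40:02 +0200] "GET /cstrike/maps/de_dust2.bsp HTTP/1.1" 200 1204000
198.51.100.20 - - [20/Feb/2024:16:40:05 +0200] "GET /cstrike/sound/x.wav HTTP/1.1" 404 299
"""

def parse(log_text):
    """Yield (ip, time, path, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ip, ts, path, status = m.groups()
            yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), path, int(status)

def find_scanners(log_text, window=timedelta(seconds=60), min_paths=5):
    """Return {ip: n} for clients with at least min_paths distinct paths
    answered 4xx inside one sliding time window (thresholds are assumptions)."""
    failed = defaultdict(list)
    for ip, when, path, status in parse(log_text):
        if 400 <= status < 500:
            failed[ip].append((when, path))
    flagged = {}
    for ip, events in failed.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # shrink the window from the left
            best = max(best, len({p for _, p in events[start:end + 1]}))
        if best >= min_paths:
            flagged[ip] = best
    return flagged

if __name__ == "__main__":
    for ip, n in find_scanners(SAMPLE_LOG).items():
        print(f"{ip}: {n} distinct failing paths within 60 s")
```

A flagged client that only ever receives 4xx responses was probing for files the server does not have; any 200 response to an unexpected path from the same client is what deserves a closer look.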
Massaro Posted February 28

Do you have the MOTD downloaded? There was an exploit via MOTD; maybe it still works.