嗅探url路径

Posted on by No Comments ↓

新装一Nginx,刚申请完域名指向,啥项目还没上呢,就发现来自外网的扫描。查看均为请求一些Web软件缺省配置的url路径。既然有人想要嗅探这些地址,即表示有可利用处,特记录之,以示警惕。

GET //phpmyadmin/config/config.inc.php?p=phpinfo();
GET //pma/config/config.inc.php?p=phpinfo();
GET //admin/config/config.inc.php?p=phpinfo();
GET //dbadmin/config/config.inc.php?p=phpinfo();
GET //mysql/config/config.inc.php?p=phpinfo();
GET //php-my-admin/config/config.inc.php?p=phpinfo();
GET //myadmin/config/config.inc.php?p=phpinfo();
GET //PHPMYADMIN/config/config.inc.php?p=phpinfo();
GET //phpMyAdmin/config/config.inc.php?p=phpinfo();
GET //config/config.inc.php?p=phpinfo();
GET //phppgadmin/config.inc.php?p=phpinfo();
GET //phpmyadmin2/config.inc.php?p=phpinfo();
GET //phpMyAdmin2/config.inc.php?p=phpinfo();
GET //mail/config.inc.php?p=phpinfo();
GET //webmail/config.inc.php?p=phpinfo();
GET /roundcubemail/README
GET /rc/README
GET /webmail/README
GET /roundcube/README
GET /mail/README
GET /README
GET /manager/html
GET /user/soapCaller.bs

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注

*