zyx0814 / dzzoffice

dzzoffice 2.02 has a pseudo-random number attack vulnerability

Backlog
Opened this issue 2022-10-28 11:11

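dzzoffice 2.02 has a pseudo-random number attack vulnerability. I am using the open-source edition; below are my website's logs from after it was attacked.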

119.39.103.100 - - [28/Oct/2022:09:43:13 +0800] "GET / HTTP/2.0" 200 579 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:43:14 +0800] "GET /user.php?mod=login HTTP/2.0" 200 2763 "https://gtd.mxlog.com/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:43:14 +0800] "GET /misc.php?mod=sendwx&rand=1666921393 HTTP/2.0" 200 20 "https://gtd.mxlog.com/user.php?mod=login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:43:14 +0800] "GET /misc.php?mod=sendmail&rand=1666921393 HTTP/2.0" 200 20 "https://gtd.mxlog.com/user.php?mod=login" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:44:36 +0800] "POST /core/api/wopi/index.php?access_token=1&action=contents&path=OTRkZkNuT0pLZnJkZ2ZaQnJxckRQWjNQTm5YT0tjSnZDU0lJTmMwRDFSYjBwaTJPYXdhTU9oUXMwSk1oUk9vczUzMFRCNTJGT29jczZDN3BmR3dw HTTP/2.0" 200 20 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:44:47 +0800] "GET /sharea.php?alfa=3123511 HTTP/2.0" 200 286 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
120.239.32.135 - - [28/Oct/2022:09:44:53 +0800] "GET /sharea.php HTTP/1.1" 301 162 "-" "antispam/1.0.0"
119.39.103.100 - - [28/Oct/2022:09:45:24 +0800] "POST /sharea.php?alfa=3123511 HTTP/2.0" 403 779 "https://gtd.mxlog.com/sharea.php?alfa=3123511" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:45:30 +0800] "GET /sharea.php?alfa=3123511 HTTP/2.0" 200 286 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:46:30 +0800] "POST /core/api/wopi/index.php?access_token=1&action=contents&path=OTRkZkNuT0pLZnJkZ2ZaQnJxckRQWjNQTm5YT0tjSnZDU0lJTmMwRDFSYjBwaTJPYXdhTU9oUXMwSk1oUk9vczUzMFRCNTJGT29jczZDN3BmR3dw HTTP/2.0" 404 146 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:46:39 +0800] "GET /core/api/wopi/index.php?access_token=1&action=contents&path=OTRkZkNuT0pLZnJkZ2ZaQnJxckRQWjNQTm5YT0tjSnZDU0lJTmMwRDFSYjBwaTJPYXdhTU9oUXMwSk1oUk9vczUzMFRCNTJGT29jczZDN3BmR3dw HTTP/2.0" 404 146 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:46:42 +0800] "GET / HTTP/2.0" 200 2732 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0"
119.39.103.100 - - [28/Oct/2022:09:47:43 +0800] "GET / HTTP/2.0" 200 2564 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:44 +0800] "GET /robots.txt?1666921658927 HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:44 +0800] "GET /favicon.ico HTTP/2.0" 404 131 "https://gtd.mxlog.com/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:47 +0800] "GET /robots.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:47 +0800] "GET /sitemap.xml HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:47 +0800] "GET /robots.txt HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:47:47 +0800] "GET /sitemap.xml HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
35.245.188.175 - - [28/Oct/2022:09:47:47 +0800] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
35.245.188.175 - - [28/Oct/2022:09:47:48 +0800] "GET / HTTP/1.1" 200 3460 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
59.83.208.107 - - [28/Oct/2022:09:51:42 +0800] "GET /sharea.php HTTP/1.1" 301 162 "-" "antispam/1.0.0"
220.196.160.75 - - [28/Oct/2022:09:51:43 +0800] "GET /sharea.php HTTP/1.1" 404 146 "http://gtd.mxlog.com/sharea.php" "antispam/1.0.0"
119.39.103.100 - - [28/Oct/2022:09:52:27 +0800] "GET / HTTP/2.0" 304 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:52:27 +0800] "GET /robots.txt?1666921942372 HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:52:28 +0800] "GET / HTTP/2.0" 304 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:09:52:28 +0800] "GET /robots.txt?1666921943406 HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:10:06:10 +0800] "GET / HTTP/2.0" 304 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
119.39.103.100 - - [28/Oct/2022:10:06:10 +0800] "GET /robots.txt?1666922765480 HTTP/2.0" 404 131 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"

Search Baidu for: dzzoffice 2.02 pseudo-random number attack (dzzoffice 2.02伪随机数攻击)

Comments (0)

FengMx created the task