Question

我在本地电脑上运行了一个Node JS服务器。这台电脑无法从外面访问。

我看到的是服务器日志中的虚假网址列表。这个URL请求来自哪里？这是什么样的攻击？

我的节点js包是否有恶意代码？

#data.csv is you data
import pandas as pd
df = pd.DataFrame.read_csv('data.csv')

#you want to perform this operation on column 1 that has a label 'A'
#make a function
def col_subtract(row):
    row['A'] = row['A'] - 2.5
    return row

#apply the function to the dataframe
df = df.apply(col_subtract, axis=1)

是否有可能增加GET / 200 453.427 ms - 517 OPTIONS / 200 0.901 ms - 8 PROPFIND / 404 57.119 ms - 1100 OPTIONS * 404 28.097 ms - 1082 GET /Rapid7/JBoss/version-check-UvBo5i.html 404 16.797 ms - 1100 GET /console/login/LoginForm.jsp 404 16.349 ms - 1100 GET /igsponsor 404 13.136 ms - 1100 GET / 200 14.813 ms - 517 GET /spiffymcgee.jsp 404 5.804 ms - 1100 GET / 200 6.166 ms - 517 GET / 200 10.456 ms - 517 GET /jbossws/ 404 9.220 ms - 1100 GET /invoker/ 404 8.065 ms - 1100 GET /jbossmq-httpil/ 404 9.178 ms - 1100 GET /status/ 404 8.007 ms - 1100 GET / 200 13.990 ms - 517 GET /reviews 404 8.054 ms - 1100 GET / 200 8.699 ms - 517 GET /login 404 5.635 ms - 1100 GET / 200 5.436 ms - 517 GET /login 404 6.158 ms - 1100 GET / 200 4.999 ms - 517 GET /login.action 404 4.050 ms - 1100 GET /login 404 4.466 ms - 1100 GET /login 404 6.062 ms - 1100 GET /owa/auth/logon.aspx 404 6.262 ms - 1100 GET /owa/auth/logon.aspx 404 5.838 ms - 1100 GET /owa/auth/logon.aspx 404 4.955 ms - 1100 GET /console/App.html 404 5.447 ms - 1100 GET / 200 6.892 ms - 517 GET /php/login.php 404 4.214 ms - 1100 GET / 200 7.227 ms - 517 GET /CHANGELOG.txt 404 5.242 ms - 1100 GET /wordpress/readme.html 404 4.887 ms - 1100 GET / 200 5.062 ms - 517 GET /wordpress 404 5.213 ms - 1100 GET /wordpress/wp-login.php 404 6.610 ms - 1100 GET /index.php/login 404 4.692 ms - 1100 GET /spiffymcgee.cfm 404 4.504 ms - 1100 GET /servlet/ 404 5.111 ms - 1100 GET / 200 7.511 ms - 517 GET /administrator/manifests/files/joomla.xml 404 4.363 ms - 1100 GET /administrator/language/en-GB/en-GB.xml 404 4.109 ms - 1100 GET /language/en-GB/en-GB.xml 404 5.029 ms - 1100 GET / 200 6.197 ms - 517 GET /xmldata?item=All 404 4.925 ms - 1100 GET / 200 7.789 ms - 517 GET /spiffymcgee.nsf 404 7.321 ms - 1100 GET /jira/secure/Dashboard.jspa 404 5.877 ms - 1100 GET /secure/Dashboard.jspa 404 4.130 ms - 1100 GET /login.jsp 404 3.840 ms - 1100 GET /console/faces/com_sun_web_ui/jsp/version/version_30.jsp 404 6.408 ms - 1100 GET /console/faces/com_sun_web_ui/jsp/version/version_4.jsp 404 6.395 ms - 1100 GET /phpmyadmin/ 404 5.518 ms - 1100 GET /cgi-bin/htsearch?Exclude=%60/etc/passwd%60 404 5.433 ms - 1100 GET /c99.php 404 6.251 ms - 1100 POST /cgi/login 404 47.299 ms - 1100 POST /data/login 404 53.409 ms - 1100 POST /xmlrpc.php 404 22.703 ms - 1100 POST /serendipity/serendipity_xmlrpc.php 404 10.856 ms - 1100 GET /jkstatus/ 404 14.917 ms - 1100 GET /conf/ssl/apache/integrity.key 404 10.338 ms - 1100 POST /serendipity/xmlrpc.php 404 8.799 ms - 1100 GET /conf/ssl/apache/integrity-smartcenter.key 404 5.615 ms - 1100 GET /CFIDE/scheduler/ 404 6.504 ms - 1100 POST /drupal/xmlrpc.php 404 5.956 ms - 1100 GET /CFIDE/servermanager/ 404 13.669 ms - 1100 GET /CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt 404 11.957 ms - 1100 POST /bblog/xmlrpc.php 404 5.526 ms - 1100 GET /CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html 404 10.053 ms - 1100 POST /CFIDE/adminapi/administrator.cfc? 404 11.261 ms - 1100 POST /blogs/xmlsrv/xmlrpc.php 404 9.342 ms - 1100 GET /CFIDE/adminapi/customtags/soft404validationcheck.cfm 404 4.703 ms - 1100 POST /xmlsrv/xmlrpc.php 404 5.444 ms - 1100 GET /CFIDE/soft404validationcheck.cfm 404 8.133 ms - 1100 GET /CFIDE/adminapi/customtags/fusebox.cfm 404 4.375 ms - 1100 POST /xmlrpc/xmlrpc.php 404 5.083 ms - 1100 GET /CFIDE/adminapi/customtags/adss.cfm 404 4.595 ms - 1100 POST /script/xmlrpc.php 404 4.009 ms - 1100 GET /CFIDE/AIR/ 404 5.960 ms - 1100 GET /CFIDE/h.cfm 404 4.604 ms - 1100 HEAD http://www.google.com:80/ 200 6.972 ms - 517 GET /CFIDE/wizards/common/ 404 4.086 ms - 1100 GET /CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en 404 7.514 ms - 1100 GET /cgi-bin/php.ini 404 5.903 ms - 1100 GET /CFIDE/h9.cfm 404 4.094 ms - 1100 GET /phpmyadmin/ 404 4.024 ms - 1100 POST /cgi-bin/home.tcl 404 5.114 ms - 1100 GET /~bin/true 404 5.430 ms - 1100 GET /CFIDE/help.cfm 404 5.527 ms - 1100 POST /cgi-bin/test-cgi 404 3.858 ms - 1100 GET /CFIDE/componentutils/ 404 3.889 ms - 1100 GET /scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:%5Ctemp%5Cxyz.mdb&newdb=CREATE_DB&attr= 404 4.677 ms - 1100 GET /AdvWorks/equipment/catalog_type.asp?ProductType=|shell(%22c:cmd.exe%22)| 404 4.392 ms - 1100 GET /CFIDE/i.cfm 404 4.823 ms - 1100 GET /ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=|shell(%22c:cmd.exe%22)| 404 3.932 ms - 1100 GET /CFIDE/orm/ 404 4.252 ms - 1100 GET /CFIDE/adminapi/base.cfc?wsdl 404 3.957 ms - 1100 POST / 404 5.537 ms - 1100 GET /CFIDE/r.cfm 404 4.286 ms - 1100 GET /cgi-bin/view-source?../../../../../../../etc/passwd 404 4.063 ms - 1100 GET /cgi-bin/awstats.pl?debug=1 404 7.055 ms - 1100 GET /crossdomain.xml 404 3.970 ms - 1100 GET /cgi-bin/faxsurvey?/bin/cat%20/etc/passwd 404 4.197 ms - 1100 GET /cgi-bin/awstats/awstats.pl?debug=1 404 4.098 ms - 1100 GET /README.txt 404 3.921 ms - 1100 GET /cgi-bin/faxquery?/bin/cat%20/etc/passwd 404 5.752 ms - 1100 GET /_vti_bin/_vti_aut/author.dll 404 11.194 ms - 1100 GET /CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test 404 6.015 ms - 1100 POST /index.htm 404 4.393 ms - 1100 TRACE / 404 4.289 ms - 1100 GET /bb/ 404 6.852 ms - 1100 GET /?Class.classLoader.resources.cacheObjectMaxSize=foo 200 6.563 ms - 517 GET /CFIDE/appdeployment/ 404 8.525 ms - 1100 GET /cgi-bin/htgrep/file=index.html&hdr=/etc/passwd 404 4.959 ms - 1100 GET /CFIDE/websocket/ 404 6.200 ms - 1100 GET /struts2-showcase/employee/save.action 404 4.984 ms - 1100 GET /CFIDE/portlets/ 404 6.358 ms - 1100 GET /common/index.jsf 404 4.763 ms - 1100 GET /CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test 404 4.718 ms - 1100 GET /CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json 404 4.245 ms - 1100 GET /CFIDE/adminiapi/ 404 6.210 ms - 1100 GET /CFIDE/services/ 404 5.988 ms - 1100 GET /CFIDE/administrator/ 404 4.210 ms - 1100 GET /CFIDE/administrator/enter.cfm 404 4.537 ms - 1100 GET /cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22; 404 3.929 ms - 1100 GET /struts2-blank/example/HelloWorld.action 404 3.957 ms - 1100 GET /?class.classLoader.resources.cacheObjectMaxSize=foo 200 6.800 ms - 517 GET /cgi-bin/htmlscript?../../../../../../../etc/passwd 404 4.158 ms - 1100 GET /cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22; 404 4.301 ms - 1100 POST /flex2gateway/http 404 5.857 ms - 1100 GET / 200 15.168 ms - 517 POST /flex2gateway/httpsecure 404 15.935 ms - 1100 POST /messagebroker/http 404 7.137 ms - 1100 POST /messagebroker/httpsecure 404 3.736 ms - 1100 POST /blazeds/messagebroker/http 404 3.765 ms - 1100 POST /blazeds/messagebroker/httpsecure 404 3.731 ms - 1100 POST /samples/messagebroker/http 404 3.869 ms - 1100 GET /r7.txt 404 4.059 ms - 1100 POST /samples/messagebroker/httpsecure 404 5.445 ms - 1100 POST /lcds/messagebroker/http 404 3.682 ms - 1100 POST /lcds/messagebroker/httpsecure 404 3.802 ms - 1100 POST /lcds-samples/messagebroker/http 404 3.731 ms - 1100 POST /lcds-samples/messagebroker/httpsecure 404 3.730 ms - 1100 PUT /r7.txt 404 3.707 ms - 1100 GET /r7.txt 404 3.786 ms - 1100 HEAD /index.php 404 6.588 ms - 1100 POST /cgi-bin/webcgi/login 404 4.221 ms - 1100 GET / 200 5.813 ms - 517 GET /portal/diag/index.jsp 404 3.786 ms - 1100 GET /miners 304 57.834 ms - - GET /stylesheets/style.css 304 15.845 ms - - GET /xmldata?item=All 404 85.536 ms - 1100调试级别？我想看看GET请求来源的源IP以及时间戳。

Answer 1

在您的应用程序中实施CORS，然后所有请求都将通过它，您可以限制来自不同域的请求。如果您使用的是expressJS，那么您可以通过以下方式进行操作。

var allowCrossDomain = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*'); // here you can restrict Origin
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
}
app.use(allowCrossDomain);

本地nodejs设置的假网址

1 个答案: