Attack from IP: 193.106.191.48 (Russian Federation)


Here are all the attempts:

193.106.191.48 - - [25/May/2022:00:17:47 +0200] "GET /solr/admin/info/system?wt=json HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:00:17:52 +0200] "GET /user/auth/login HTTP/1.1" 200 8276 "http://80.15.48.50:80/solr/admin/info/system?wt=json" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:01:04:50 +0200] "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:01:04:52 +0200] "GET /user/auth/login HTTP/1.1" 200 8278 "http://80.15.48.50:80/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:01:47:43 +0200] "GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:01:47:43 +0200] "GET /user/auth/login HTTP/1.1" 200 8275 "http://80.15.48.50:80/?a=fetch&content=die(@md5(HelloThinkCMF))" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:02:38:44 +0200] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:02:38:57 +0200] "GET /user/auth/login HTTP/1.1" 200 8273 "http://80.15.48.50:80/?XDEBUG_SESSION_START=phpstorm" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:02:50:08 +0200] "GET /console/ HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:02:50:08 +0200] "GET /user/auth/login HTTP/1.1" 200 8277 "http://80.15.48.50:80/console/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:03:29:20 +0200] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 302 218 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:03:29:20 +0200] "GET /user/auth/login HTTP/1.1" 200 8280 "http://80.15.48.50:80/Autodiscover/Autodiscover.xml" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:04:07:48 +0200] "GET /_ignition/execute-solution HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:04:38:22 +0200] "GET / HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:04:38:24 +0200] "GET /user/auth/login HTTP/1.1" 200 8279 "http://80.15.48.50:80" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:05:17:51 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 485 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:05:52:38 +0200] "GET / HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:05:52:47 +0200] "GET /user/auth/login HTTP/1.1" 200 8278 "http://80.15.48.50:80/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:06:24:47 +0200] "GET /actuator/gateway/routes HTTP/1.1" 302 406 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:06:24:48 +0200] "GET /user/auth/login HTTP/1.1" 200 8277 "http://80.15.48.50:80/actuator/gateway/routes" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:07:41:34 +0200] "GET / HTTP/1.1" 302 5559 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:07:41:46 +0200] "GET /user/auth/login HTTP/1.1" 200 13475 "https://80.15.48.50:443" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:07:55:26 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 5371 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:07:55:28 +0200] "GET /user/auth/login HTTP/1.1" 200 13473 "https://80.15.48.50:443/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:08:40:07 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 5559 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:08:40:10 +0200] "GET /user/auth/login HTTP/1.1" 200 13471 "https://80.15.48.50:443/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:09:54:31 +0200] "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 302 5559 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
193.106.191.48 - - [25/May/2022:09:54:32 +0200] "GET /user/auth/login HTTP/1.1" 200 13470 "https://80.15.48.50:443/index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"

And, as if by chance:

IP Address: 193.106.191.48
Country: Russian Federation
Region: Moskva
City: Moscow
ISP: Kanzas LLC
Organization: Not Available
Latitude: 55.7522
Longitude: 37.6156

My advice:

# iptables -A INPUT -s 193.106.191.48 -j DROP
# /usr/sbin/iptables-save > /etc/iptables/rules.v4
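
An added example, not part of the original post: a small Python triage script that tags each request in a combined-format access log with the probe family it matches (the families are the ones visible in the log above) and reports client IPs that hit several distinct families. The labels, the threshold and the sample lines (documentation addresses, shortened user agent) are assumptions made for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Combined Log Format: ip - user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Probe families visible in the log above; the labels are this example's own.
SIGNATURES = {
    "solr-admin": re.compile(r"^/solr/admin/"),
    "thinkphp-invokefunction": re.compile(r"invokefunction&function=call_user_func_array"),
    "thinkcmf-fetch": re.compile(r"[?&]a=fetch&content="),
    "xdebug-session": re.compile(r"XDEBUG_SESSION_START="),
    "exchange-autodiscover": re.compile(r"^/autodiscover/autodiscover\.xml", re.I),
    "laravel-ignition": re.compile(r"^/_ignition/execute-solution"),
    "cgi-bin-traversal": re.compile(r"^/cgi-bin/.*\.\./"),
    "spring-actuator-gateway": re.compile(r"^/actuator/gateway/"),
    "phpunit-eval-stdin": re.compile(r"/phpunit/.*eval-stdin\.php"),
}

def classify(path):
    """Return the probe family label for a request path, or None."""
    decoded = unquote(path)  # turns .%2e into .. before matching
    for label, rx in SIGNATURES.items():
        if rx.search(decoded):
            return label
    return None

def scanners(lines, min_families=3):
    """Map each IP that hit at least min_families distinct families to their labels."""
    seen = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if m and (label := classify(m["path"])):
            seen[m["ip"]].add(label)
    return {ip: sorted(f) for ip, f in seen.items() if len(f) >= min_families}

# Constructed sample lines in the same format as the log above.
SAMPLE = [
    '203.0.113.7 - - [25/May/2022:00:17:47 +0200] "GET /solr/admin/info/system?wt=json HTTP/1.1" 302 406 "-" "UA"',
    '203.0.113.7 - - [25/May/2022:04:07:48 +0200] "GET /_ignition/execute-solution HTTP/1.1" 302 406 "-" "UA"',
    '203.0.113.7 - - [25/May/2022:05:17:51 +0200] "POST /cgi-bin/.%2e/.%2e/bin/sh HTTP/1.1" 400 485 "-" "UA"',
    '203.0.113.7 - - [25/May/2022:05:17:53 +0200] "GET /user/auth/login HTTP/1.1" 200 8276 "-" "UA"',
    '198.51.100.20 - - [25/May/2022:06:00:00 +0200] "GET /actuator/gateway/routes HTTP/1.1" 302 406 "-" "UA"',
    '198.51.100.20 - - [25/May/2022:06:00:05 +0200] "GET / HTTP/1.1" 200 512 "-" "UA"',
]

if __name__ == "__main__":
    print(scanners(SAMPLE))
```

Counting distinct families rather than raw hits keeps a single stray request from a legitimate client below the threshold, while a multi-product sweep like the one logged above stands out.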

 

Aurélien Barrau on France Inter: worth listening to!


Oracle Linux 8.3 : Module yaml error: Unexpected key in data: static_context [line 9 col 3]


I saw the following error:

Module yaml error: Unexpected key in data: static_context [line 9 col 3]

To fix the problem:

# yum update libmodulemd
rabbitmq_erlang                                                                                        315  B/s | 833  B     00:02    
rabbitmq_erlang-source                                                                                 489  B/s | 819  B     00:01    
Module yaml error: Unexpected key in data: static_context [line 9 col 3]
Module yaml error: Unexpected key in data: static_context [line 9 col 3]
Dépendances résolues.
=======================================================================================================================================
 Paquet                         Architecture              Version                           Dépôt                                Taille
=======================================================================================================================================
Mise à jour:
 libmodulemd                    x86_64                    2.13.0-1.el8                      ol8_baseos_latest                    233 k

Résumé de la transaction
=======================================================================================================================================
Mettre à niveau  1 Paquet

Taille totale des téléchargements : 233 k
Voulez-vous continuer ? [o/N] : o
Téléchargement des paquets :
libmodulemd-2.13.0-1.el8.x86_64.rpm                                                                    3.4 MB/s | 233 kB     00:00    
---------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                  3.2 MB/s | 233 kB     00:00     
Test de la transaction
La vérification de la transaction a réussi.
Lancement de la transaction de test
Transaction de test réussie.
Exécution de la transaction
  Préparation           :                                                                                                          1/1 
  Mise à jour           : libmodulemd-2.13.0-1.el8.x86_64                                                                          1/2 
  Nettoyage de          : libmodulemd-2.9.4-2.el8.x86_64                                                                           2/2 
  Exécution du scriptlet: libmodulemd-2.9.4-2.el8.x86_64                                                                           2/2 
  Vérification de       : libmodulemd-2.13.0-1.el8.x86_64                                                                          1/2 
  Vérification de       : libmodulemd-2.9.4-2.el8.x86_64                                                                           2/2 

Mis à niveau:
  libmodulemd-2.13.0-1.el8.x86_64                                                                                                      

Terminé !

My Oracle Linux 8.3 version:

# cat /etc/os-release 
NAME="Oracle Linux Server"
VERSION="8.3"
ID="ol"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="8.3"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Oracle Linux Server 8.3"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:oracle:linux:8:3:server"
HOME_URL="https://linux.oracle.com/"
BUG_REPORT_URL="https://bugzilla.oracle.com/"

ORACLE_BUGZILLA_PRODUCT="Oracle Linux 8"
ORACLE_BUGZILLA_PRODUCT_VERSION=8.3
ORACLE_SUPPORT_PRODUCT="Oracle Linux"
ORACLE_SUPPORT_PRODUCT_VERSION=8.3

WordPress: Upgrade 6.0


I have just upgraded to version 6.0. I did not see any particular problem.