gpt4 book ai didi

javascript - 本地 Nodejs 设置上的虚假网址

转载 作者:太空宇宙 更新时间:2023-11-04 02:46:07 27 4
gpt4 key购买 nike

我的本​​地电脑上运行着一个 Node JS 服务器。无法从外部访问此电脑。

我看到的是服务器日志中的虚假网址列表。这个 URL 请求来自哪里?这是什么攻击?

我的 Node js 包是否有恶意代码?

GET / 200 453.427 ms - 517
OPTIONS / 200 0.901 ms - 8
PROPFIND / 404 57.119 ms - 1100
OPTIONS * 404 28.097 ms - 1082
GET /Rapid7/JBoss/version-check-UvBo5i.html 404 16.797 ms - 1100
GET /console/login/LoginForm.jsp 404 16.349 ms - 1100
GET /igsponsor 404 13.136 ms - 1100
GET / 200 14.813 ms - 517
GET /spiffymcgee.jsp 404 5.804 ms - 1100
GET / 200 6.166 ms - 517
GET / 200 10.456 ms - 517
GET /jbossws/ 404 9.220 ms - 1100
GET /invoker/ 404 8.065 ms - 1100
GET /jbossmq-httpil/ 404 9.178 ms - 1100
GET /status/ 404 8.007 ms - 1100
GET / 200 13.990 ms - 517
GET /reviews 404 8.054 ms - 1100
GET / 200 8.699 ms - 517
GET /login 404 5.635 ms - 1100
GET / 200 5.436 ms - 517
GET /login 404 6.158 ms - 1100
GET / 200 4.999 ms - 517
GET /login.action 404 4.050 ms - 1100
GET /login 404 4.466 ms - 1100
GET /login 404 6.062 ms - 1100
GET /owa/auth/logon.aspx 404 6.262 ms - 1100
GET /owa/auth/logon.aspx 404 5.838 ms - 1100
GET /owa/auth/logon.aspx 404 4.955 ms - 1100
GET /console/App.html 404 5.447 ms - 1100
GET / 200 6.892 ms - 517
GET /php/login.php 404 4.214 ms - 1100
GET / 200 7.227 ms - 517
GET /CHANGELOG.txt 404 5.242 ms - 1100
GET /wordpress/readme.html 404 4.887 ms - 1100
GET / 200 5.062 ms - 517
GET /wordpress 404 5.213 ms - 1100
GET /wordpress/wp-login.php 404 6.610 ms - 1100
GET /index.php/login 404 4.692 ms - 1100
GET /spiffymcgee.cfm 404 4.504 ms - 1100
GET /servlet/ 404 5.111 ms - 1100
GET / 200 7.511 ms - 517
GET /administrator/manifests/files/joomla.xml 404 4.363 ms - 1100
GET /administrator/language/en-GB/en-GB.xml 404 4.109 ms - 1100
GET /language/en-GB/en-GB.xml 404 5.029 ms - 1100
GET / 200 6.197 ms - 517
GET /xmldata?item=All 404 4.925 ms - 1100
GET / 200 7.789 ms - 517
GET /spiffymcgee.nsf 404 7.321 ms - 1100
GET /jira/secure/Dashboard.jspa 404 5.877 ms - 1100
GET /secure/Dashboard.jspa 404 4.130 ms - 1100
GET /login.jsp 404 3.840 ms - 1100
GET /console/faces/com_sun_web_ui/jsp/version/version_30.jsp 404 6.408 ms - 1100
GET /console/faces/com_sun_web_ui/jsp/version/version_4.jsp 404 6.395 ms - 1100
GET /phpmyadmin/ 404 5.518 ms - 1100
GET /cgi-bin/htsearch?Exclude=%60/etc/passwd%60 404 5.433 ms - 1100
GET /c99.php 404 6.251 ms - 1100
POST /cgi/login 404 47.299 ms - 1100
POST /data/login 404 53.409 ms - 1100
POST /xmlrpc.php 404 22.703 ms - 1100
POST /serendipity/serendipity_xmlrpc.php 404 10.856 ms - 1100
GET /jkstatus/ 404 14.917 ms - 1100
GET /conf/ssl/apache/integrity.key 404 10.338 ms - 1100
POST /serendipity/xmlrpc.php 404 8.799 ms - 1100
GET /conf/ssl/apache/integrity-smartcenter.key 404 5.615 ms - 1100
GET /CFIDE/scheduler/ 404 6.504 ms - 1100
POST /drupal/xmlrpc.php 404 5.956 ms - 1100
GET /CFIDE/servermanager/ 404 13.669 ms - 1100
GET /CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt 404 11.957 ms - 1100
POST /bblog/xmlrpc.php 404 5.526 ms - 1100
GET /CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html 404 10.053 ms - 1100
POST /CFIDE/adminapi/administrator.cfc? 404 11.261 ms - 1100
POST /blogs/xmlsrv/xmlrpc.php 404 9.342 ms - 1100
GET /CFIDE/adminapi/customtags/soft404validationcheck.cfm 404 4.703 ms - 1100
POST /xmlsrv/xmlrpc.php 404 5.444 ms - 1100
GET /CFIDE/soft404validationcheck.cfm 404 8.133 ms - 1100
GET /CFIDE/adminapi/customtags/fusebox.cfm 404 4.375 ms - 1100
POST /xmlrpc/xmlrpc.php 404 5.083 ms - 1100
GET /CFIDE/adminapi/customtags/adss.cfm 404 4.595 ms - 1100
POST /script/xmlrpc.php 404 4.009 ms - 1100
GET /CFIDE/AIR/ 404 5.960 ms - 1100
GET /CFIDE/h.cfm 404 4.604 ms - 1100
HEAD http://www.google.com:80/ 200 6.972 ms - 517
GET /CFIDE/wizards/common/ 404 4.086 ms - 1100
GET /CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en 404 7.514 ms - 1100
GET /cgi-bin/php.ini 404 5.903 ms - 1100
GET /CFIDE/h9.cfm 404 4.094 ms - 1100
GET /phpmyadmin/ 404 4.024 ms - 1100
POST /cgi-bin/home.tcl 404 5.114 ms - 1100
GET /~bin/true 404 5.430 ms - 1100
GET /CFIDE/help.cfm 404 5.527 ms - 1100
POST /cgi-bin/test-cgi 404 3.858 ms - 1100
GET /CFIDE/componentutils/ 404 3.889 ms - 1100
GET /scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:%5Ctemp%5Cxyz.mdb&newdb=CREATE_DB&attr= 404 4.677 ms - 1100
GET /AdvWorks/equipment/catalog_type.asp?ProductType=|shell(%22c:cmd.exe%22)| 404 4.392 ms - 1100
GET /CFIDE/i.cfm 404 4.823 ms - 1100
GET /ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=|shell(%22c:cmd.exe%22)| 404 3.932 ms - 1100
GET /CFIDE/orm/ 404 4.252 ms - 1100
GET /CFIDE/adminapi/base.cfc?wsdl 404 3.957 ms - 1100
POST / 404 5.537 ms - 1100
GET /CFIDE/r.cfm 404 4.286 ms - 1100
GET /cgi-bin/view-source?../../../../../../../etc/passwd 404 4.063 ms - 1100
GET /cgi-bin/awstats.pl?debug=1 404 7.055 ms - 1100
GET /crossdomain.xml 404 3.970 ms - 1100
GET /cgi-bin/faxsurvey?/bin/cat%20/etc/passwd 404 4.197 ms - 1100
GET /cgi-bin/awstats/awstats.pl?debug=1 404 4.098 ms - 1100
GET /README.txt 404 3.921 ms - 1100
GET /cgi-bin/faxquery?/bin/cat%20/etc/passwd 404 5.752 ms - 1100
GET /_vti_bin/_vti_aut/author.dll 404 11.194 ms - 1100
GET /CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test 404 6.015 ms - 1100
POST /index.htm 404 4.393 ms - 1100
TRACE / 404 4.289 ms - 1100
GET /bb/ 404 6.852 ms - 1100
GET /?Class.classLoader.resources.cacheObjectMaxSize=foo 200 6.563 ms - 517
GET /CFIDE/appdeployment/ 404 8.525 ms - 1100
GET /cgi-bin/htgrep/file=index.html&hdr=/etc/passwd 404 4.959 ms - 1100
GET /CFIDE/websocket/ 404 6.200 ms - 1100
GET /struts2-showcase/employee/save.action 404 4.984 ms - 1100
GET /CFIDE/portlets/ 404 6.358 ms - 1100
GET /common/index.jsf 404 4.763 ms - 1100
GET /CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test 404 4.718 ms - 1100
GET /CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json 404 4.245 ms - 1100
GET /CFIDE/adminiapi/ 404 6.210 ms - 1100
GET /CFIDE/services/ 404 5.988 ms - 1100
GET /CFIDE/administrator/ 404 4.210 ms - 1100
GET /CFIDE/administrator/enter.cfm 404 4.537 ms - 1100
GET /cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22; 404 3.929 ms - 1100
GET /struts2-blank/example/HelloWorld.action 404 3.957 ms - 1100
GET /?class.classLoader.resources.cacheObjectMaxSize=foo 200 6.800 ms - 517
GET /cgi-bin/htmlscript?../../../../../../../etc/passwd 404 4.158 ms - 1100
GET /cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22; 404 4.301 ms - 1100
POST /flex2gateway/http 404 5.857 ms - 1100
GET / 200 15.168 ms - 517
POST /flex2gateway/httpsecure 404 15.935 ms - 1100
POST /messagebroker/http 404 7.137 ms - 1100
POST /messagebroker/httpsecure 404 3.736 ms - 1100
POST /blazeds/messagebroker/http 404 3.765 ms - 1100
POST /blazeds/messagebroker/httpsecure 404 3.731 ms - 1100
POST /samples/messagebroker/http 404 3.869 ms - 1100
GET /r7.txt 404 4.059 ms - 1100
POST /samples/messagebroker/httpsecure 404 5.445 ms - 1100
POST /lcds/messagebroker/http 404 3.682 ms - 1100
POST /lcds/messagebroker/httpsecure 404 3.802 ms - 1100
POST /lcds-samples/messagebroker/http 404 3.731 ms - 1100
POST /lcds-samples/messagebroker/httpsecure 404 3.730 ms - 1100
PUT /r7.txt 404 3.707 ms - 1100
GET /r7.txt 404 3.786 ms - 1100
HEAD /index.php 404 6.588 ms - 1100
POST /cgi-bin/webcgi/login 404 4.221 ms - 1100
GET / 200 5.813 ms - 517
GET /portal/diag/index.jsp 404 3.786 ms - 1100
GET /miners 304 57.834 ms - -
GET /stylesheets/style.css 304 15.845 ms - -
GET /xmldata?item=All 404 85.536 ms - 1100

是否有可能提高npm start调试级别?我想查看 GET 请求的来源 IP 以及时间戳。

最佳答案

在您的应用程序中实现 CORS,那么所有请求都将通过它,您可以限制来自不同域的请求。如果您使用的是expressJS,那么您可以按照以下方式进行操作。

var allowCrossDomain = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*'); // here you can restrict Origin
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
}
app.use(allowCrossDomain);

关于javascript - 本地 Nodejs 设置上的虚假网址,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46690600/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com