针对恶意爆破本站的IP进行封禁处理

博主： zmx
发布时间：2023 年 01 月 06 日
570 次浏览
暂无评论
8062字数
分类：抵御

# 引言

我就知道可能有人进行爆破，但是它来的实在是太快了，这个模块我注入进来也就一个月左右吧，前期关注一阵子，没有记录就没在乎，今天突然心血来潮，看了一下，还真的有数据，还挺多。

# 注入点

此注入并非SQL注入，而是源码中错误登录的位置记录了一下IP和用户名密码。
比如typecho，笨一点的方法，就是你故意输入错一个密码，提示的文字进行全局代码搜索，找到之后，就是注入点，在这里可以加上自己的逻辑代码，进行记录，甚至是触发防火墙。

# 彩虹表

感觉这个人是使用了彩虹表进行爆破的，其实也没那么神奇，只是社工的一种手段，根据你的信息来猜解你的密码。
5.188.62.76	cnadmin	Gw888	2022-11-27 03:57:49
5.188.62.76	admin	123	2022-11-27 03:58:03
5.188.62.21	cnadmin	Gw88888	2022-11-27 03:58:18
5.188.62.21	admin	admin	2022-11-27 03:58:31
5.188.62.76	cnzunmx	Gw777777777	2022-11-27 03:59:06
5.188.62.76	zunmx	zunmx@123	2022-11-27 03:59:19
5.188.62.76	cnzunmx	Gw666666	2022-11-27 04:00:25
5.188.62.76	zunmx	123456	2022-11-27 04:00:39
5.188.62.21	cnadmin	Gw444444	2022-11-27 04:00:42
5.188.62.21	admin	123456	2022-11-27 04:00:55
5.188.62.76	cnadmin	Gw888888	2022-11-27 04:01:43
5.188.62.76	admin	123123	2022-11-27 04:02:02
5.188.62.21	cnadmin	Gw22222222	2022-11-27 04:03:05
5.188.62.76	cnadmin	Gw222222222	2022-11-27 04:03:10
5.188.62.21	admin	admin123	2022-11-27 04:03:18
5.188.62.76	admin	admin1234	2022-11-27 04:03:24
5.188.62.76	cnadmin	Gw11111111	2022-11-27 04:04:29
5.188.62.76	admin	12345678	2022-11-27 04:04:43
5.188.62.21	cnzunmx	Gw55555	2022-11-27 04:05:27
5.188.62.21	zunmx	zunmx	2022-11-27 04:05:41
5.188.62.76	cnadmin	Gw55555	2022-11-27 04:05:49
5.188.62.76	admin	zunmx	2022-11-27 04:06:03
5.188.62.76	cnadmin	Gw55555555	2022-11-27 04:07:09
5.188.62.76	admin	zunmx123	2022-11-27 04:07:22
5.188.62.21	cnadmin	Gw666666666	2022-11-27 04:07:50
5.188.62.21	admin	admin@123	2022-11-27 04:08:03
5.188.62.76	cnadmin	Gw5555555555	2022-11-27 04:08:28
5.188.62.76	admin	adminadmin	2022-11-27 04:08:41
5.188.62.76	cnadmin	Gw333333333	2022-11-27 04:09:48
5.188.62.76	admin	123456789	2022-11-27 04:10:02
5.188.62.21	cnadmin	Gw8888	2022-11-27 04:10:13
5.188.62.21	admin	pass	2022-11-27 04:10:27
5.188.62.76	cnadmin	Gw222222222	2022-11-27 04:11:03
5.188.62.76	admin	Admin@123	2022-11-27 04:11:17
5.188.62.76	cnadmin	Gw1111111	2022-11-27 04:12:23
5.188.62.21	cnadmin	Gw55555	2022-11-27 04:12:36
5.188.62.76	admin	admin88	2022-11-27 04:12:36
5.188.62.26	cnadmin	Gw777777	2022-11-27 04:12:42
5.188.62.21	admin	12345	2022-11-27 04:12:49
5.188.62.26	admin	123456	2022-11-27 04:12:57
5.188.62.76	cnzunmx	Gw555555555	2022-11-27 04:13:41
5.188.62.76	zunmx	zunmx2017	2022-11-27 04:13:55
5.188.62.21	cnadmin	Gw1111	2022-11-27 04:14:59
5.188.62.76	cnadmin	Gw8888	2022-11-27 04:14:59
5.188.62.76	admin	test	2022-11-27 04:15:13
5.188.62.21	admin	1234	2022-11-27 04:15:13
5.188.62.76	cnadmin	Gw77777777	2022-11-27 04:16:19
5.188.62.76	admin	admin888	2022-11-27 04:16:33
5.188.62.21	cnadmin	Gw77777777	2022-11-27 04:17:21
5.188.62.21	admin	password	2022-11-27 04:17:34
5.188.62.76	cnadmin	Gw66666666	2022-11-27 04:17:38
5.188.62.76	admin	FuckYou	2022-11-27 04:17:52
5.188.62.76	cnadmin	Gw3	2022-11-27 04:18:57
5.188.62.76	admin	1	2022-11-27 04:19:10
5.188.62.21	cnzunmx	Gw77777777	2022-11-27 04:19:44
5.188.62.21	zunmx	zunmx123	2022-11-27 04:19:57
5.188.62.26	cnadmin@zunmx.top	Gw111	2022-11-30 04:02:34
5.188.62.26	admin@zunmx.top	123	2022-11-30 04:02:49
5.188.62.26	cnadmin@zunmx.top	Gw55555	2022-11-30 13:37:01
5.188.62.26	admin@zunmx.top	12345	2022-11-30 13:37:16
5.188.62.26	cnadmin@zunmx.top	Gw33333333	2022-11-30 18:30:22
5.188.62.26	admin@zunmx.top	zunmx123	2022-11-30 18:30:37
5.188.62.26	cnadmin@zunmx.top	Gw66666666	2022-11-30 23:25:26
5.188.62.26	admin@zunmx.top	password	2022-11-30 23:25:40
5.188.62.26	cnadmin@zunmx.top	Gw2222	2022-12-01 04:19:39
5.188.62.26	admin@zunmx.top	pass	2022-12-01 04:19:53
5.188.62.26	cnadmin@zunmx.top	Gw333333333	2022-12-01 09:32:39
5.188.62.26	admin@zunmx.top	zunmx@123	2022-12-01 09:32:54
5.188.62.26	cnadmin@zunmx.top	Gw555555555	2022-12-01 14:34:26
5.188.62.26	admin@zunmx.top	zunmx.top	2022-12-01 14:34:40
5.188.62.140	cnadmin@zunmx.top	Gw666666666666666	2022-12-14 10:59:27
5.188.62.140	admin@zunmx.top	admin@zunmx.top	2022-12-14 10:59:37
5.188.62.26	cnadmin	Gw111111	2022-12-14 18:35:12
5.188.62.26	admin	123456	2022-12-14 18:35:26
5.188.62.140	cnadmin@zunmx.top	Gw777777	2022-12-14 21:19:13
5.188.62.140	admin@zunmx.top	123456	2022-12-14 21:19:23
5.188.62.140	cnadmin@zunmx.top	Gw333333333333333	2022-12-15 08:05:45
5.188.62.140	admin@zunmx.top	zunmx@zunmx.top	2022-12-15 08:05:54
5.188.62.140	cnzunmx@zunmx.top	Gw11111	2022-12-15 18:48:53
5.188.62.140	zunmx@zunmx.top	zunmx	2022-12-15 18:49:02
5.188.62.140	cnadmin@zunmx.top	Gw22222	2022-12-16 05:53:32
5.188.62.140	admin@zunmx.top	admin	2022-12-16 05:53:41
5.188.62.140	cntest	Gw5555	2022-12-19 10:49:50
5.188.62.140	test	test	2022-12-19 10:50:02
5.188.62.140	cnadmin	Gw4444	2022-12-19 22:09:11
5.188.62.140	admin	2022	2022-12-19 22:09:20
5.188.62.140	cnseo	Gw888	2022-12-20 09:56:52
5.188.62.140	seo	seo	2022-12-20 09:57:02
5.188.62.140	cnAdmin	Gw77777	2022-12-20 21:39:35
5.188.62.140	Admin	Admin	2022-12-20 21:39:45
5.188.62.140	cnadmin	Gw3333	2022-12-21 17:16:09
5.188.62.140	admin	@123	2022-12-21 17:16:20
5.188.62.140	cnroot	Gw1111	2022-12-22 14:33:08
5.188.62.140	root	root	2022-12-22 14:33:18
5.188.62.140	cnadmin	Gw3333	2022-12-23 03:10:53
5.188.62.140	admin	root	2022-12-23 03:11:03
5.188.62.140	cnadmin	Gw8888	2022-12-24 10:28:05
5.188.62.140	admin	8888	2022-12-24 10:28:21
5.188.62.21	cnadmin	Gw22222	2022-12-30 10:44:05
5.188.62.21	admin	admin	2022-12-30 10:44:18
5.188.62.21	cnadmin	Gw555555	2022-12-30 10:53:01
5.188.62.21	admin	123456	2022-12-30 10:53:14
5.188.62.21	cnadmin	Gw22222222	2022-12-30 11:02:33
5.188.62.21	admin	admin123	2022-12-30 11:02:46
5.188.62.21	cnzunmx	Gw44444	2022-12-30 11:11:23
5.188.62.21	zunmx	zunmx	2022-12-30 11:11:36
5.188.62.21	cnadmin	Gw666666666	2022-12-30 11:20:17
5.188.62.21	admin	admin@123	2022-12-30 11:20:30
5.188.62.21	cnadmin	Gw8888	2022-12-30 11:28:35
5.188.62.21	admin	pass	2022-12-30 11:28:48
5.188.62.21	cnadmin	Gw44444	2022-12-30 11:37:52
5.188.62.21	admin	12345	2022-12-30 11:38:05
5.188.62.21	cnadmin	Gw4444	2022-12-30 11:46:56
5.188.62.21	admin	1234	2022-12-30 11:47:09
5.188.62.21	cnadmin	Gw22222222	2022-12-30 11:55:12
5.188.62.76	cnadmin	Gw888	2022-12-30 11:55:13
5.188.62.21	admin	password	2022-12-30 11:55:25
5.188.62.76	admin	123	2022-12-30 11:55:27
5.188.62.76	cnzunmx	Gw777777777	2022-12-30 12:03:23
5.188.62.76	zunmx	zunmx@123	2022-12-30 12:03:37
5.188.62.21	cnzunmx	Gw22222222	2022-12-30 12:04:19
5.188.62.21	zunmx	zunmx123	2022-12-30 12:04:32
5.188.62.76	cnzunmx	Gw222222	2022-12-30 12:11:31
5.188.62.76	zunmx	123456	2022-12-30 12:11:45
5.188.62.76	cnadmin	Gw666666	2022-12-30 12:19:48
5.188.62.76	admin	123123	2022-12-30 12:20:01
5.188.62.76	cnadmin	Gw222222222	2022-12-30 12:27:59
5.188.62.76	admin	admin1234	2022-12-30 12:28:12
5.188.62.76	cnadmin	Gw77777777	2022-12-30 12:36:10
5.188.62.76	admin	12345678	2022-12-30 12:36:23
5.188.62.76	cnadmin	Gw33333	2022-12-30 12:44:24
5.188.62.76	admin	zunmx	2022-12-30 12:44:37
5.188.62.76	cnadmin	Gw66666666	2022-12-30 12:52:47
5.188.62.76	admin	zunmx123	2022-12-30 12:53:00
5.188.62.76	cnadmin	Gw7777777777	2022-12-30 13:00:56
5.188.62.76	admin	adminadmin	2022-12-30 13:01:09
5.188.62.76	cnadmin	Gw555555555	2022-12-30 13:09:12
5.188.62.76	admin	123456789	2022-12-30 13:09:25
5.188.62.76	cnadmin	Gw444444444	2022-12-30 13:17:29
5.188.62.76	admin	Admin@123	2022-12-30 13:17:42
5.188.62.76	cnadmin	Gw8888888	2022-12-30 13:25:36
5.188.62.76	admin	admin88	2022-12-30 13:25:49
5.188.62.76	cnzunmx	Gw444444444	2022-12-30 13:33:50
5.188.62.76	zunmx	zunmx2017	2022-12-30 13:34:03
5.188.62.76	cnadmin	Gw6666	2022-12-30 13:42:10
5.188.62.76	admin	test	2022-12-30 13:42:23
5.188.62.76	cnadmin	Gw11111111	2022-12-30 13:50:32
5.188.62.76	admin	admin888	2022-12-30 13:50:45
5.188.62.76	cnadmin	Gw22222222	2022-12-30 13:58:50
5.188.62.76	admin	FuckYou	2022-12-30 13:59:05
5.188.62.76	cnadmin	Gw1	2022-12-30 14:07:18
5.188.62.76	admin	1	2022-12-30 14:07:32

# IP段

看来这是一场有组织有预谋的爆破，根据IP来看，都是属于同一个C段的网路，大家也可以进行封禁处理，当然这些事拦截住的，我不排除有一些没有拦截并且成功入侵的，网络安全是一个非常重要的事情，有自己的业务系统的或者有自己的服务器的，一定要加以小心。