flyzy博客
有MJJ知道什么原理导致的吗?日常只是挂点梯子,没做别的事情。
登录也是用证书登录,ssh端口也改过了,运行用户都是nobody。
或者说这是什么新型攻击方式吗?
河南省网友说:想知道是啥原因
青海省网友说:说你io指向的一个域名里有泄露了日本人的地址和姓名等个人信息
青海省网友说:把原文和翻译贴上来,大伙瞧瞧
亲爱的员工,我希望您了解使用 f= ollowing IP 地址的服务器的站点。 [IP地址] 小鸡IP 经过我的调查,这个IP地址= ess的服务器似乎被以下域名的站点使用。 [域名] DAIHANREI.COM 这个域名网站发布了居住在=日本的人们的姓名和地址。正在实施违反日本个人信息保**的行为。该法律等同于欧盟通用数据保护条例。 “=E5=80=8B=E4=BA=BA=E6=83=85=E5=A0=B1=E4=BF=9D=E8=AD=B7=E5=A7=94=E5=93=下页描述的A1=E4=BC=9A=E4=BA=8B=E5=8B=99=E5=B1=80(个人信息保护委员会=委员会秘书处)”是组织=之后的第二个权限向违反日本个人信息保**的公司发出改善令的法院。 https://daihanrei.com/statement.php 具有此域名的站点通过 Cloudflare 公开,无法通过 DIG 命令检查。但是,由于可以推断它是我前几天报告滥用的域n = ame“HASANNEWS.ORG”的相关站点,因此我怀疑i = t存储在同一台服务器上。结果,我从具有上述 IP 地址的服务器收到了相同的数据。此电子邮件附有使用 curl 命令的证据材料。由于”F= ile3″ … “File6” 担心电子邮件大小,请从以下 URL 的页面获取 PDF 文件。 http://miwa850125.starfree.jp/daihanrei_com/ “文件2”是从上述IP地址的服务器接收到的数据和通信记录。 I=通过浏览器访问时等价的东西是“File1”。两份文件的第二页都有通讯记录。 “File1”连接的服务器如下: Info: Connected to daihanrei.com (172.67.170.96) port 443 (#0) “File2”连接的服务器如下: Info: Connected to daihanrei.com (小鸡IP) 端口 443 (#0) 连接的服务器不同,但接收到的数据不一样= .除了 robots.txt 以外,也以同样的方式接收数据。 “File3”和“File4”是首页的数据。 “File3”是从 = Cloudflare 接收的,“File4”是从具有上述 IP 地址 = ress 的服务器接收的。同样在这种情况下,连接的服务器不同,但接收到的 da=ta 没有不同。 “File5”和“File6”是他们在 to=p 处引入的 URL 的页面。 “File5”是从 Cloudflare 接收的,“File6”是从具有上述 IP 地址的 = 服务器接收的。在这种情况下,连接的 serve=rs 也是不同的,但接收到的数据并没有什么不同。从上面可以看出,上面IP地址的服务器正在被使用。如果该域名的站点使用上面显示的IP=地址的服务器,请取消服务器合同。最好的祝福。白崎美羽(女士)
Dear Staff, I would like you to find out about the sites that use the server with the f= ollowing IP address. [IP Address] 小鸡IP As a result of my investigation, it seems that the server with this IP addr= ess is used by the site with the following domain name. [Domain Name] DAIHANREI.COM This domain name site publishes the names and addresses of people living in= Japan. Acts that violate the Japanese Personal Information Protection Law are bein= g carried out. This law is equivalent to the EU General Data Protection Regulation. The “=E5=80=8B=E4=BA=BA=E6=83=85=E5=A0=B1=E4=BF=9D=E8=AD=B7=E5=A7=94=E5=93= =A1=E4=BC=9A=E4=BA=8B=E5=8B=99=E5=B1=80 (Personal Information Protection Co= mmission Secretariat)” described on the following page is the organization = with the second authority after the court that issues improvement orders to= companies that violate the Personal Information Protection Law of Japan. https://daihanrei.com/statement.php Sites with this domain name are exposed through Cloudflare and cannot be ex= amined by the DIG command. However, since it can be inferred that it is a related site of the domain n= ame “HASANNEWS.ORG” that I reported abuse the other day, I suspected that i= t was stored on the same server. As a result, I received the same data fro= m the server with the above IP address. Evidence materials using the curl command is attached for this email. As “F= ile3” … “File6” is anxious about email size, please obtain a PDF file fro= m the page of the following URLs. http://miwa850125.starfree.jp/daihanrei_com/ “File2” is data and the communications record that I received from the serv= er of the IP address mentioned above. The thing which is equivalent when I = access it by a browser is “File1”. Both documents have a communications rec= ord to the second page. The server connected in “File1” is as follows: Info: Connected to daihanrei.com (172.67.170.96) port 443 (#0) The server connected in “File2” is as follows: Info: Connected to daihanrei.com (小鸡IP) port 443 (#0) The connected servers are different, but the data received is not different= . Other than robots.txt received data in the same way, too. “File3” and “File4” are the data of the top page. “File3” was received from= Cloudflare, and “File4” was received from the server with the above IP add= ress. In this case as well, the connected servers are different, but the da= ta received is not different. “File5” and “File6” are the pages of the URL that they introduced at the to= p. “File5” was received from Cloudflare, and “File6” was received from the = server with the above IP address. In this case as well, the connected serve= rs are different, but the data received is not different. From the above, it is expected that the server with the above IP address is= being used. If the site with this domain name uses the server with the IP = address shown above, please cancel the server contract. Best regards. SHIRASAKI, Miwa (Ms.)
甘肃省网友说:是的,她是这个意思,但是怎么做到的呢?
邮件原文看楼下。
湖北省网友说:没遇到过,帮顶一下
