安全问题,我最近装了app后发现被盗号,把日志发上来大侠们帮看看

guogu · 发表于 2014-2-9 17:49:19

本帖最后由 guogu 于 2014-2-9 18:15 编辑

211.148.131.69 - - [09/Feb/2014:14:35:01 +0800] "GET /api/mobile/index.php?charset=utf-8&version=3&mobile=no&module=check HTTP/1.1" 200 393 "-" "Dalvik/1.6.0 (Linux; U; Android 4.2.2; sdk Build/JB_MR1.1)"
211.148.131.69 - - [09/Feb/2014:14:35:02 +0800] "GET /api/mobile/index.php?charset=utf-8&version=3&secversion=3&mobile=no&debug=1&type=login&module=secure HTTP/1.1" 200 44 "-" "Dalvik/1.6.0 (Linux; U; Android 4.2.2; sdk Build/JB_MR1.1)"
211.148.131.69 - - [09/Feb/2014:14:35:02 +0800] "GET /member.php?mod=logging&action=login&infloat=yes&handlekey=login HTTP/1.1" 200 13484 "

http://www.地址隐藏.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like G
ecko) Chrome/28.0.1500.95 Safari/537.36"
211.148.131.69 - - [09/Feb/2014:15:01:30 +0800] "GET /api/mobile/index.php?charset=utf-8&version=3&mobile=no&module=check HTTP/1.1" 200 393 "-" "Dalvik/1.6.0 (Linux; U; Android 4.2.2; sdk Build/JB_MR1.1)"
211.148.131.69 - - [09/Feb/2014:15:01:30 +0800] "GET /api/mobile/index.php?charset=utf-8&version=3&secversion=3&mobile=no&debug=1&type=login&module=secure HTTP/1.1" 200 44 "-" "Dalvik/1.6.0 (Linux; U; Android 4.2.2; sdk Build/JB_MR1.1)"
211.148.131.69 - - [09/Feb/2014:15:01:31 +0800] "GET /member.php?mod=logging&action=login&infloat=yes&handlekey=login HTTP/1.1" 200 13484 "

http://www.地址隐藏.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like G
ecko) Chrome/28.0.1500.95 Safari/537.36"

从日志这里看
1、他用了浏览器伪装插件
2、他用了手机api
3、他成功登录了别人的账号
然后这2天看这个ip上了90多个账号,所有上的账号都是手机端开始在进桌面端的

		自动登录	找回密码
密码			立即注册

[BUG] 安全问题,我最近装了app后发现被盗号,把日志发上来大侠们帮看看