1. Problem description
- Analyze the web logs to find the login password. (The content of the log part is as follows)
192.168.23.1 - - [01/Oct/2021:11:28:10 + 0800] "GET /vulnerabilities/brute/?username=admin &password=123456 &Login=Login HTTP/1.1" 200 4237 "http://192.168.23.1/vulnerabilities/brute/?username=admin & amp; password=1111 & amp; Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko /20100101 Firefox/92.0" 192.168.23.1 - - [01/Oct/2021:11:28:10 + 0800] "GET /vulnerabilities/brute/?username=admin &password=584521 &Login=Login HTTP/1.1" 200 4237" http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:10 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=45189946 & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:10 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=hackersb & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:10 + 0800] "GET /vulnerabilities/brute/?username=admin &password=sb360 &Login=Login HTTP/1.1" 200 4237" http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin &password=360sb &Login=Login HTTP/1.1" 200 4237" http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=yushiwuzheng & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp;password=wuzheng & amp;Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=spider & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=angel & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=4ngel & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=yyswxws & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=lcx & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=nc & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=hackqingshu & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp;password=qingshu & amp;Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp;password=qingshu$ & amp;Login=Login HTTP/1.1" 200 4237 "http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=sz & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0" 192.168.23.1 - - [01/Oct/2021:11:28:11 + 0800] "GET /vulnerabilities/brute/?username=admin & amp; password=sunzi & amp; Login=Login HTTP/1.1" 200 4237 " http://192.168.23.1/vulnerabilities/brute/?username=admin & amp;password=1111 & amp;Login=Login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox /92.0"
2. Analysis process
Find relevant information on the Internet, analyze the format of Web log records and find methods for errors.
Query information:
method:
1. First import the data into excel
Then look for the one whose datagram length is different in the eighth column.
username=admin & password=kkdy8897665