2019/07/13 ハニーポット(仮) 観測記録 - コンニチハレバレトシタアオゾラ

ハニーポット(仮) 観測記録 2019/07/13分です。

APでは
Struts2の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
を確認しました。

USでは
ThinkPHPの脆弱性を狙うアクセス
を確認しました。

EUでは
ThinkPHPの脆弱性を狙うアクセス
を確認しました。

AP：総アクセス数：31 (前日比：-32)
US：総アクセス数：17 (前日比：+4)
EU：総アクセス数：40 (前日比：+20)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

送信元IPアドレス一覧

UserAgent一覧

件数	UserAgent
10	-
3	Go-http-client/1.1
3	Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
2	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
3	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)

リクエスト内容一覧

件数	Method	Request	Protocol
3	GET	/dana-na/jam/querymanifest.cgi?component=preConfiguration	HTTP/1.1
5	GET	http://110[.]249[.]212[.]46/testget?q=23333&port=80	HTTP/1.1
1	GET	http://169[.]254[.]169[.]254/latest/meta-data	HTTP/1.1
1	GET	/index.action	HTTP/1.1
1	GET	/index.do	HTTP/1.1
4	GET	/index_web1.php	HTTP/1.1
2	GET	/manager/html	HTTP/1.1
1	GET	/struts2-rest-showcase/orders.xhtml	HTTP/1.1
3	GET	/TP/index.php	HTTP/1.1
3	GET	/TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
3	GET	/TP/public/index.php	HTTP/1.1
3	POST	/TP/index.php?s=captcha	HTTP/1.1
1	SSH-2.0-libssh2_1.7.0

送信元IPアドレス一覧

UserAgent一覧

件数	UserAgent
5	-
1	Go-http-client/1.1
1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)

リクエスト内容一覧

件数	Method	Request	Protocol
1	-
1	GET	/dana-na/jam/querymanifest.cgi?component=preConfiguration	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
3	GET	http://110[.]249[.]212[.]46/testget?q=23333&port=80	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=/index/	hink
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	POST	/index.php?s=captcha	HTTP/1.1

送信元IPアドレス一覧

UserAgent一覧

件数	UserAgent
13	-
2	Go-http-client/1.1
1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
1	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
4	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36
1	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
18	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)

リクエスト内容一覧

件数	Method	Request	Protocol
1	GET	/7c372c06d457728e3fbe490e19de1b48.php	HTTP/1.1
1	GET	/ACE52D6F73CB607976B5645C0A441534.php	HTTP/1.1
1	GET	/dana-na/jam/querymanifest.cgi?component=preConfiguration	HTTP/1.1
2	GET	/elrekt.php	HTTP/1.1
2	GET	/html/public/index.php	HTTP/1.1
11	GET	http://110[.]249[.]212[.]46/testget?q=23333&port=80	HTTP/1.1
1	GET	http://169[.]254[.]169[.]254/latest/meta-data	HTTP/1.1
2	GET	/index.php	HTTP/1.1
2	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	HTTP/1.1
1	GET	/index_web1.php	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/phpmyadmin/index.php	HTTP/1.1
1	GET	/phpMyAdmin/index.php	HTTP/1.1
2	GET	/public/index.php	HTTP/1.1
2	GET	/thinkphp/html/public/index.php	HTTP/1.1
2	GET	/TP/html/public/index.php	HTTP/1.1
2	GET	/TP/index.php	HTTP/1.1
2	GET	/TP/public/index.php	HTTP/1.1
1	HEAD	/robots.txt	HTTP/1.0
2	POST	/index.php?s=captcha	HTTP/1.1