ハニーポット(仮) 観測記録 2019/09/20分です。
特徴
Region:AP
HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
zgrabによるスキャン行為
を確認しました。
Region:US
zgrabによるスキャン行為
を確認しました。
Region:EU
ThinkPHPの脆弱性を狙うアクセス
zgrabによるスキャン行為
を確認しました。
他
アクセス数推移
AP:総アクセス数:35 (前日比:+13)
US:総アクセス数:4 (前日比:-1)
EU:総アクセス数:12 (前日比:+9)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 104.155.21.21 | United States |
| 3 | 106.12.8.66 | China |
| 4 | 113.106.211.110 | China |
| 1 | 113.186.197.136 | Vietnam |
| 1 | 122.227.22.228 | China |
| 4 | 124.251.44.162 | China |
| 1 | 14.161.27.79 | Vietnam |
| 1 | 171.67.70.96 | United States |
| 1 | 185.235.244.251 | Russia |
| 1 | 35.189.227.69 | United States |
| 1 | 35.205.154.183 | United States |
| 3 | 39.135.1.164 | China |
| 1 | 46.101.159.120 | Germany |
| 1 | 66.249.71.123 | United States |
| 4 | 71.6.158.166 | United States |
| 5 | 79.249.145.146 | Germany |
| 1 | 85.72.223.163 | Greece |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 9 | - |
| 2 | Go-http-client/1.1 |
| 1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
| 5 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
| 13 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
| 3 | Mozilla/5.0 zgrab/0.x |
| 1 | python-requests/2.10.0 |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 3 | GET | /cm/ | HTTP/1.1 |
| 1 | GET | /favicon.ico | HTTP/1.1 |
| 1 | GET | /login.cgi | HTTP/1.1 |
| 3 | GET | ../../mnt/custom/ProductDefinition | HTTP |
| 1 | GET | /mysql/admin/index.php?lang=en | HTTP/1.1 |
| 1 | GET | /mysql/dbadmin/index.php?lang=en | HTTP/1.1 |
| 1 | GET | /mysql/mysqlmanager/index.php?lang=en | HTTP/1.1 |
| 1 | GET | /mysql/sqlmanager/index.php?lang=en | HTTP/1.1 |
| 1 | GET | /phpmyadmin/ | HTTP/1.1 |
| 1 | GET | /phpmyadmin/index.php?lang=en | HTTP/1.1 |
| 2 | GET | /robots.txt | HTTP/1.1 |
| 1 | GET | /sitemap.xml | HTTP/1.1 |
| 4 | GET | /TP/index.php | HTTP/1.1 |
| 4 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
| 5 | GET | /TP/public/index.php | HTTP/1.1 |
| 1 | GET | /.well-known/security.txt | HTTP/1.1 |
| 1 | HEAD | /test?id=cmd | $ |
| 1 | \n | ||
| 2 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
Region:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 114.115.236.68 | China |
| 1 | 171.67.70.96 | United States |
| 1 | 216.245.217.2 | United States |
| 1 | 35.205.38.81 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 3 | - |
| 1 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - | ||
| 1 | GET | /cm/ | HTTP/1.1 |
| 1 | HEAD | / | HTTP/1.1 |
| 1 | HEAD | /robots.txt | HTTP/1.0 |
Region:EU
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 171.67.70.96 | United States |
| 10 | 183.235.222.44 | China |
| 1 | 35.240.49.63 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 1 | - |
| 1 | Go-http-client/1.1 |
| 9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
| 1 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | GET | /cm/ | HTTP/1.1 |
| 1 | GET | /elrekt.php | HTTP/1.1 |
| 1 | GET | /html/public/index.php | HTTP/1.1 |
| 1 | GET | /index.php | HTTP/1.1 |
| 1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
| 1 | GET | /public/index.php | HTTP/1.1 |
| 1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
| 1 | GET | /TP/html/public/index.php | HTTP/1.1 |
| 1 | GET | /TP/index.php | HTTP/1.1 |
| 1 | GET | /TP/public/index.php | HTTP/1.1 |
| 1 | \n | ||
| 1 | POST | /index.php?s=captcha | HTTP/1.1 |
