ハニーポット(仮) 観測記録 2019/10/01分です。
特徴
Region:AP
NetGear製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
phpMyAdminに対するスキャン行為
ZmEuによるスキャン行為
を確認しました。
Region:US
phpMyAdminに対するスキャン行為
ZmEuによるスキャン行為
を確認しました。
Region:EU
ThinkPHPの脆弱性を狙うアクセス
を確認しました。
他
アクセス数推移
AP:総アクセス数:36 (前日比:+24)
US:総アクセス数:10 (前日比:-8)
EU:総アクセス数:22 (前日比:-151)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 109.128.59.201 | Belgium |
1 | 109.254.130.82 | Ukraine |
4 | 113.106.211.110 | China |
1 | 212.36.28.203 | Bulgaria |
13 | 221.126.40.214 | Hong Kong |
12 | 23.96.127.81 | United States |
1 | 37.193.131.206 | Russia |
1 | 54.36.148.139 | France |
1 | 80.15.206.87 | France |
1 | 89.248.174.216 | Netherlands |
UserAgent一覧
件数 | UserAgent |
---|---|
1 | - |
1 | Go-http-client/1.1 |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) |
4 | Mozilla/5.0 |
1 | Mozilla/5.0 (compatible; AhrefsBot/6.1; +http://ahrefs.com/robot/) |
3 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
13 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:69.0) Gecko/20100101 Firefox/69.0 |
12 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | GET | /adminer.php | HTTP/1.1 |
1 | GET | ../../etc/passwd | HTTP/1.1 |
2 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
4 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1 | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
2 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
12 | HEAD | /category/1 | HTTP/1.1 |
1 | HEAD | / | HTTP/1.1 |
1 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
Region:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 103.70.159.27 | India |
1 | 172.104.242.173 | United States |
6 | 58.210.85.22 | China |
1 | 81.161.213.252 | Russia |
1 | 89.248.174.216 | Netherlands |
UserAgent一覧
件数 | UserAgent |
---|---|
2 | - |
2 | Mozilla/5.0 |
6 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | ../../etc/passwd | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
2 | GET | /shell?busybox | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
Region:EU
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
10 | 106.13.85.197 | China |
3 | 123.206.176.235 | China |
1 | 172.104.242.173 | United States |
1 | 212.109.39.180 | Ukraine |
2 | 36.112.138.185 | China |
4 | 71.6.199.23 | United States |
1 | 89.248.174.216 | Netherlands |
UserAgent一覧
件数 | UserAgent |
---|---|
5 | - |
1 | Go-http-client/1.1 |
1 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) |
14 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
1 | python-requests/2.19.1 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /adminer.php | HTTP/1.1 |
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | ../../etc/passwd | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /sitemap.xml | HTTP/1.1 |
2 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
3 | GET | /TP/index.php | HTTP/1.1 |
3 | GET | /TP/public/index.php | HTTP/1.1 |
1 | GET | /.well-known/security.txt | HTTP/1.1 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |