ハニーポット(仮) 観測記録 2019/10/27分です。
特徴
Region:AP
GPONルータの脆弱性(CVE-2018-10561)を狙うアクセス
HiSilicon DVR Devicesの脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2019-2725)を狙うアクセス
phpMyAdminに対するスキャン行為
ZmEuによるスキャン行為
を確認しました。
Region:US
Barracudaの脆弱性(CVE-2005-2847)を狙うアクセス
ThinkPHPを探索するアクセス
を確認しました。
Region:EU
ThinkPHPの脆弱性を狙うアクセス
を確認しました。
他
アクセス数推移
AP:総アクセス数:58 (前日比:-13)
US:総アクセス数:10 (前日比:-81)
EU:総アクセス数:11 (前日比:-2)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Region:AP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 104.131.3.165 | United States |
1 | 104.244.74.98 | Luxembourg |
1 | 111.43.223.160 | China |
4 | 112.29.140.227 | China |
1 | 113.128.105.184 | China |
1 | 113.161.37.217 | Vietnam |
4 | 119.3.147.168 | China |
4 | 120.92.12.108 | China |
3 | 121.40.229.42 | China |
1 | 124.90.53.228 | China |
4 | 144.217.95.3 | Canada |
13 | 153.126.205.162 | Japan |
1 | 167.99.168.27 | United States |
2 | 197.232.1.182 | Kenya |
1 | 221.11.20.168 | China |
1 | 221.152.194.158 | South Korea |
1 | 5.26.65.121 | Turkey |
1 | 5.26.65.122 | Turkey |
1 | 61.219.11.153 | Taiwan |
5 | 66.183.18.219 | Canada |
1 | 66.249.71.121 | United States |
5 | 77.43.143.84 | Russia |
1 | 78.186.162.53 | Turkey |
UserAgent一覧
件数 | UserAgent |
---|---|
7 | - |
1 | ApiTool |
4 | Go-http-client/1.1 |
1 | Hello, World |
1 | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
2 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) |
1 | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
15 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0 |
12 | ZmEu |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | HTTP/1.1 | |
1 | GET | login.cgi | HTTP/1.0 |
3 | GET | /login.html | HTTP/1.1 |
2 | GET | /manager/html | HTTP/1.1 |
1 | GET | ../../mnt/custom/ProductDefinition | HTTP |
2 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /mysql/admin/index.php?lang=en | HTTP/1.1 |
2 | GET | /mysql/dbadmin/index.php?lang=en | HTTP/1.1 |
2 | GET | /mysql/mysqlmanager/index.php?lang=en | HTTP/1.1 |
2 | GET | /mysql/sqlmanager/index.php?lang=en | HTTP/1.1 |
2 | GET | /phpmyadmin/ | HTTP/1.1 |
2 | GET | /phpmyadmin/index.php?lang=en | HTTP/1.1 |
2 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
5 | GET | /TP/index.php | HTTP/1.1 |
5 | GET | /TP/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
5 | GET | /TP/public/index.php | HTTP/1.1 |
2 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
2 | GET | /wp-login.php | HTTP/1.1 |
1 | POST | /_async/AsyncResponseService | HTTP/1.1 |
1 | POST | /editBlackAndWhiteList | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
4 | POST | /TP/index.php?s=captcha | HTTP/1.1 |
Region:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
7 | 112.29.140.220 | China |
2 | 208.97.138.83 | United States |
1 | 61.219.11.153 | Taiwan |
UserAgent一覧
件数 | UserAgent |
---|---|
3 | - |
7 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
2 | GET | /cgi-bin/img.pl | HTTP/1.1 |
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
Region:EU
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
10 | 112.29.140.213 | China |
1 | 61.219.11.153 | Taiwan |
UserAgent一覧
件数 | UserAgent |
---|---|
1 | - |
1 | Go-http-client/1.1 |
9 | Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6) |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | GET | /elrekt.php | HTTP/1.1 |
1 | GET | /html/public/index.php | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 | HTTP/1.1 |
1 | GET | /public/index.php | HTTP/1.1 |
1 | GET | /thinkphp/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/html/public/index.php | HTTP/1.1 |
1 | GET | /TP/index.php | HTTP/1.1 |
1 | GET | /TP/public/index.php | HTTP/1.1 |
1 | POST | /index.php?s=captcha | HTTP/1.1 |