【BugBounty】 2019年6月4日 活動日記【Honeypot】

f:id:NickShadows:20190605221837j:plain

※hackerone経由で公式にwebの調査をしています。

バグバウンティ

やろうとしたこと

  1. 実践
  2. グループ運用

やったこと

  1. グループ運用

1.グループ運用

想像以上のご連絡!!
とても感謝しています!

www.nicksecuritylog.com

言い訳じゃないですが、DMガン見していたらすごい疲れたのでもう寝ます(言い訳)

次やりたいこと

  1. 実践
  2. グループ運用

ハニーポット

トップ画面

f:id:NickShadows:20190605222108p:plain:w600


直近1ヶ月折れ線グラフ

f:id:NickShadows:20190605222143p:plain:w600


GETリクエスト

no uri Co
1 /wp-login.php 296
2 /manager/html 149
3 / 54
4 /?author=1 4
5 /wp-json/wp/v2/users/ 4
6 /wp-includes/wlwmanifest.xml 4
7 /wp-json/oembed/1.0/embed?url=http[:]//onlinedocumentsite.com 3
8 /robots.txt 2
9 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root 1
10 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=letmein 1
11 /HNAP1/ 1
12 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=monkey 1
13 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password= 1
14 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qazwsx 1
15 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345 1
16 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2012 1
17 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2018 1
18 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=freedom 1
19 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=NAS 1
20 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dbs 1
21 /phpmyadmin/index.php?lang=en&pma_username=shopdb&pma_password=shopdb 1
22 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=databases 1
23 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=password 1
24 /phpmyadmin/index.php?lang=en&pma_username=money&pma_password=money 1
25 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=wordpres 1
26 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password 1
27 /pma/scripts/setup.php 1
28 /phpmyadmin/scripts/setup.php 1
29 /phpMyAdmin/scripts/setup.php 1
30 /phpmyadmin/index.php?lang=en 1
31 /myadmin/scripts/setup.php 1
32 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root1234 1
33 /MyAdmin/scripts/setup.php 1
34 /mysql/sqlmanager/index.php?lang=en 1
35 /mysql/admin/index.php?lang=en 1
36 /mysql/dbadmin/index.php?lang=en 1
37 /mysql/mysqlmanager/index.php?lang=en 1
38 /w00tw00t.at.blackhats.romanian.anti-sec:) 1
39 /favicon.ico 1
40 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trustno1 1
41 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=princess 1
42 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor123 1
43 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=football 1
44 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=administrator 1
45 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root123 1
46 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2019 1
47 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password123 1
48 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor 1
49 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=senha 1
50 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=access123 1
51 /phpmyadmin/index.php?lang=en&pma_username=web&pma_password=web 1
52 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=user 1
53 /phpmyadmin/index.php?lang=en&pma_username=ueer&pma_password=pass 1
54 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=bitcoin 1
55 /phpmyadmin/index.php?lang=en&pma_username=popa3d&pma_password=popa3d 1
56 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=pass 1
57 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=web 1
58 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qweasd 1
59 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=oracle 1
60 /index.php?lang=en 1
61 /phpmyadmin/index.php?lang=en&pma_username=sql&pma_password=sql 1
62 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=secure 1
63 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2014 1
64 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=passw0rd 1
65 /phpmyadmin/index.php?lang=en&pma_username=blog&pma_password=blog 1
66 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=crypto 1
67 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=db 1
68 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qwerty 1
69 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=ROOT 1
70 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=blog 1
71 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acces 1
72 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2011 1
73 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567 1
74 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=gameserver 1
75 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=queen 1
76 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass1234 1
77 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=developer 1
78 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=mysql 1
79 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupserver 1
80 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=pass 1
81 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupdb 1
82 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=usa 1
83 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=music 1
84 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2019 1
85 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backup 1
86 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dragon 1
87 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=root 1
88 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567890 1
89 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=master 1
90 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=access 1
91 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webs 1
92 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=host 1
93 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=michael 1
94 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=windows 1
95 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass123 1
96 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=abc123 1
97 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test 1
98 /phpmyadmin/index.php?lang=en&pma_username=http&pma_password=http 1


POSTリクエスト

※多すぎるため省略。すべてwordpress。


pypmyadminユーザー

no user Co
1 root 63
2 wordpress 3
3 admin 2
4 shopdb 1
5 money 1
6 ueer 1
7 web 1
8 sql 1
9 blog 1
10 popa3d 1
11 http 1


pypmyadminパスワード

no pwd Co
1 pass 3
2 blog 2
3 web 2
4 password 2
5 root 2
6 wordpres 1
7 princess 1
8 money 1
9 databases 1
10 shopdb 1
11 dbs 1
12 monkey 1
13 qazwsx 1
14 12345 1
15 2012 1
16 2018 1
17 freedom 1
18 NAS 1
19 letmein 1
20 football 1
21 access123 1
22 trustno1 1
23 passw0rd 1
24 root1234 1
25 administrator 1
26 root123 1
27 pass2019 1
28 password123 1
29 toor 1
30 senha 1
31 user 1
32 toor123 1
33 qwerty 1
34 123qweasd 1
35 oracle 1
36 sql 1
37 secure 1
38 queen 1
39 bitcoin 1
40 db 1
41 pass1234 1
42 ROOT 1
43 acces 1
44 2011 1
45 usa 1
46 gameserver 1
47 2014 1
48 null 1
49 developer 1
50 1234567890 1
51 mysql 1
52 backupserver 1
53 backupdb 1
54 1234567 1
55 pass123 1
56 abc123 1
57 music 1
58 crypto 1
59 2019 1
60 backup 1
61 dragon 1
62 popa3d 1
63 http 1
64 master 1
65 access 1
66 test 1
67 webs 1
68 host 1
69 michael 1
70 windows 1


wordpressユーザー

no user Co
1 admin 1280
2 wadmin 208


wordpressパスワード

no pwd Co
1 Admin!@#$%^ 6
2 admin123456 6
3 admin1234 6
4 onlinedocumentsite!@#$%^ 6
5 admin1 6
6 admin!@#$%^ 6
7 admin321 5
8 admin123 5
9 admin12 5
10 adminadmin 5
11 admin12345 5
12 admin@123 4
13 1234 4
14 1 4
15 admin@1234 4
16 123 4
17 password123 4
18 password1 4
19 12345 4
20 pass123 4
21 admin@321 4
22 1234567890 4
23 qwerty 4
24 password 4
25 admin54321 4
26 111 3
27 asd 3
28 987654321 3
29 admin2014 3
30 admin2015 3
31 159753 3
32 admin123456789 3
33 pass 3
34 test 3
35 admin_123 3
36 admindemo 3
37 admin12345678 3
38 admin 3
39 12 3
40 a 3
41 pass@123 3
42 123456 3
43 admin654321 3
44 123321 3
45 pass12345 3
46 121212 3
47 112233 3
48 pass1234 3
49 1q2w3e 3
50 102030 3
51 admin1234567890 3
52 admin1234567 3
53 1qaz2wsx 3
54 zxcvbnm 3
55 654321 3
56 joomla 3
57 qwerty123 3
58 q1w2e3 3
59 qazwsx 3
60 admin! 3
61 12345678 3
62 abc123 3
63 12qwaszx 3
64 1qazxsw2 3
65 1234567 3
66 password1234 3
67 admin888 3
68 asdf 3
69 administrator 3
70 password12345 3
71 adminadmin123 3
72 adminadminadmin 3
73 admin007 3
74 admin!@# 3
75 adminpass 3
76 admin01 3
77 admin!@ 3
78 demo123 3
79 90909 2
80 0 2
81 teste 2
82 test1 2
83 nimda 2
84 maker 2
85 hello 2
86 guest 2
87 123123123 2
88 @dm1n 2
89 4dm1n 2
90 111111 2
91 123123 2
92 123450 2
93 123654 2
94 abcd1234 2
95 p@$$w0rd 2
96 p4ssw0rd 2
97 opencart 2
98 logitech 2
99 hello123 2
100 haha1234 2

※トップ100を抜粋


tomcatユーザー

no user Co
1 admin 49
2 tomcat 49
3 root 49
4 1


tomcatパスワード

no pwd Co
1 123 6
2 masterkey 6
3 admin 6
4 asdfgh 3
5 mypassword 3
6 1234 3
7 666666 3
8 4321 3
9 tomcat 3
10 123456 3
11 7890 3
12 qwerty 3
13 1 3
14 abcd 3
15 qazqaz 3
16 mysql 3
17 sa 3
18 123321 3
19 abc123 3
20 0 3
21 5 3
22 123123 3
23 12345678 3
24 123qwe 3
25 1234567 3
26 1qaz2wsx 3
27 111 3
28 test 3
29 !@#$ 3
30 root 3
31 kdc 3
32 123456789 3
33 admin123 3
34 password 3
35 520 3
36 789 3
37 7654321 3
38 111111 3
39 888 3
40 master 3
41 p@ssw0rd 3
42 78 3
43 pass 3
44 12345 3
45 qazwsx 3
46 1234abcd 3
47 1


直近24時間新着アクセス

なし


まとめ

ピークその2

気になったニュースなど

追えませんでした。。。