[BugBounty] Activity diary, 5 June 2019 [Honeypot]


Note: I am investigating web targets officially via hackerone.

Bug Bounty

What I planned to do

  1. Practice
  2. Running the group

What I did

  1. Running the group

1. Running the group

We passed 60 members.



I honestly expected only about 10 people to join, so I need to think properly about how to run the group.
Judging from the messages people sent when signing up and from the timeline, my impression is that many members have not started yet.
Should I put together a guide covering everything from registering on a platform to the tools to use to get started?


As for buying Burp Pro, I had a lot of trouble with it myself, so I plan to write up a summary.
For now, I would like everyone to at least register on a platform!

www.nicksecuritylog.com

What I want to do next

  1. Review how clickjacking and CORS work
  2. Think about how to run the group

Honeypot

Top screen



Line graph for the last month



GET requests

No. URI Count
1 / 52
2 /login.do 7
3 /main.asp 5
4 /phpmyadmin/index.php?lang=en 3
5 /mysql/admin/index.php?lang=en 3
6 /mysql/sqlmanager/index.php?lang=en 3
7 /phpmyadmin/index.php?lang=en&pma_username=popa3d&pma_password=popa3d 3
8 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qwerty 3
9 /mysql/mysqlmanager/index.php?lang=en 3
10 /index.php?lang=en 3
11 /mysql/dbadmin/index.php?lang=en 3
12 /phpmyadmin/index.php?lang=en&pma_username=project&pma_password=project 3
13 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password1 3
14 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123123 3
15 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2016 3
16 /phpmyadmin/index.php?lang=en&pma_username=sql&pma_password=sql 3
17 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password 3
18 /phpmyadmin/index.php?lang=en&pma_username=apache&pma_password=apache 3
19 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=files 2
20 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=access123 2
21 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12qwaszx 2
22 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=admin123 2
23 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root123 2
24 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2011 2
25 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password2019 2
26 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2013 2
27 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=monkey 2
28 /phpmyadmin/index.php?lang=en&pma_username=web&pma_password=web 2
29 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123456789 2
30 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567 2
31 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass123 2
32 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=666666 2
33 /robots.txt 2
34 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blog 2
35 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2018 2
36 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor123 2
37 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=database 2
38 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=wordpres 2
39 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password 2
40 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=abc123 2
41 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password123 2
42 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=iloveyou 2
43 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=ROOT 2
44 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=mysql 2
45 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=whatever 2
46 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=usa 2
47 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=rock 2
48 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=letmein 2
49 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=music 2
50 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=users 2
51 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345678 2
52 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=databases 2
53 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2012 2
54 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=football 2
55 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=host 2
56 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=aa123456 1
57 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=pass 1
58 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test123 1
59 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=crypto 1
60 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=senha 1
61 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2019 1
62 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backups 1
63 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=secure 1
64 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dollars 1
65 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=rootadmin 1
66 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=r00t 1
67 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=windows 1
68 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=shop 1
69 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupdbs 1
70 /phpmyadmin/index.php?lang=en&pma_username=joomla&pma_password=joomla 1
71 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor321 1
72 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=admin 1
73 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password1 1
74 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2018 1
75 /phpmyadmin/index.php?lang=en&pma_username=nginx&pma_password=nginx 1
76 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=access 1
77 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=wordpress 1
78 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=pass 1
79 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567890 1
80 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acceso 1
81 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=login 1
82 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2015 1
83 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2017 1
84 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blogs 1
85 /phpmyadmin/index.php?lang=en&pma_username=nas&pma_password=nas 1
86 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=welcome 1
87 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qweasdzxc 1
88 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=oracle 1
89 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=developer 1
90 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=server 1
91 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password2018 1
92 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123456 1
93 /phpmyadmin/index.php?lang=en&pma_username=http&pma_password=http 1
94 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=hello 1
95 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=admin 1
96 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=user 1
97 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root 1
98 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass 1
99 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupdb 1
100 /phpmyadmin/index.php?lang=en&pma_username=blog&pma_password=blog 1
101 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=princess 1
102 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webs 1
103 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass1234 1
104 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qwe 1
105 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=654321 1
106 /phpmyadmin/index.php?lang=en&pma_username=pma&pma_password=pma 1
107 /TP/public/index.php 1
108 /wordpress/ 1
109 /blog/robots.txt 1
110 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=54321 1
111 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trump 1
112 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qweasd 1
113 /xmlrpc.php?rsd 1
114 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=starwars 1
115 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=donald 1
116 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2014 1
117 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=passwords 1
118 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2019 1
119 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=password 1
120 /xxbb 1
121 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test 1
122 /wp-json/wp/v2/users/ 1
123 /phpmyadmin/index.php?lang=en&pma_username=db&pma_password=db 1
124 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=NAS 1
125 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=administrator 1
126 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webadmin 1
127 /wp/ 1
128 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=wordpress 1
129 /blog/ 1
130 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=gameserver 1
131 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=bitcoin 1
132 /wp-includes/wlwmanifest.xml 1
133 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=sunshine 1
134 /?author=1 1
135 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123 1
136 /manager/html 1
137 /admin/connection/ 1
138 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=db 1
139 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345 1
140 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=unix 1
141 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=sqlaccess 1
142 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=123 1
143 /phpmyadmin/index.php?lang=en&pma_username=wp&pma_password=wp 1


POST requests

Note: omitted because there are too many parameters; they are WordPress requests.


phpMyAdmin users

No. User Count
1 root 147
2 popa3d 3
3 apache 3
4 project 3
5 sql 3
6 admin 3
7 wordpress 3
8 web 2
9 http 1
10 pma 1
11 nginx 1
12 nas 1
13 blog 1
14 wp 1
15 joomla 1
16 db 1


phpMyAdmin passwords

No. Password Count
1 password 4
2 2016 3
3 apache 3
4 pass 3
5 popa3d 3
6 123123 3
7 project 3
8 qwerty 3
9 Password1 3
10 sql 3
11 blog 3
12 letmein 2
13 wordpres 2
14 ROOT 2
15 host 2
16 password123 2
17 files 2
18 monkey 2
19 web 2
20 football 2
21 database 2
22 access123 2
23 iloveyou 2
24 usa 2
25 toor123 2
26 2011 2
27 2012 2
28 2018 2
29 pass123 2
30 666666 2
31 db 2
32 whatever 2
33 music 2
34 password2019 2
35 12qwaszx 2
36 users 2
37 databases 2
38 2013 2
39 123456789 2
40 mysql 2
41 123 2
42 abc123 2
43 admin123 2
44 root123 2
45 admin 2
46 rock 2
47 Password 2
48 12345678 2
49 wordpress 2
50 1234567 2
51 shop 1
52 pass2019 1
53 sqlaccess 1
54 login 1
55 unix 1
56 bitcoin 1
57 dollars 1
58 secure 1
59 senha 1
60 donald 1
61 crypto 1
62 test123 1
63 test 1
64 windows 1
65 sunshine 1
66 pma 1
67 nginx 1
68 backupdbs 1
69 1234567890 1
70 blogs 1
71 nas 1
72 oracle 1
73 r00t 1
74 54321 1
75 hello 1
76 developer 1
77 2015 1
78 12345 1
79 root 1
80 backupdb 1
81 passwords 1
82 webs 1
83 2019 1
84 princess 1
85 wp 1
86 2014 1
87 654321 1
88 123456 1
89 server 1
90 123qwe 1
91 pass1234 1
92 webadmin 1
93 administrator 1
94 gameserver 1
95 123qweasd 1
96 welcome 1
97 starwars 1
98 toor321 1
99 trump 1
100 user 1
101 backups 1
102 http 1
103 aa123456 1
104 NAS 1
105 joomla 1
106 password1 1
107 pass2018 1
108 access 1
109 rootadmin 1
110 acceso 1
111 2017 1
112 123qweasdzxc 1
113 password2018 1
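
As an added example (not code from the original post), here is a Python script that rebuilds the phpMyAdmin user and password tallies above from GET-request lines of the same shape, and adds a simple credential-spray indicator: how many distinct passwords were tried against each username. The hit list is constructed sample data, not the honeypot's real log.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample in the shape of the GET tally above: (request path, hit count);
# illustrative values, not the honeypot's actual log entries.
SAMPLE_HITS = [
    ("/phpmyadmin/index.php?lang=en", 3),
    ("/mysql/admin/index.php?lang=en", 3),
    ("/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qwerty", 3),
    ("/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password", 3),
    ("/phpmyadmin/index.php?lang=en&pma_username=sql&pma_password=sql", 3),
    ("/phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=pass", 1),
    ("/wp-json/wp/v2/users/", 1),
]

# phpMyAdmin front controllers seen in the tally: /phpmyadmin/ and /mysql/<name>/.
PMA_PATH = re.compile(r"/(?:phpmyadmin|mysql/[a-z]+)/index\.php$", re.IGNORECASE)

def extract_pma_credentials(path):
    """Return (username, password) from pma_username/pma_password in the query, else None."""
    parts = urlsplit(path)
    if not PMA_PATH.search(parts.path):
        return None
    qs = parse_qs(parts.query)
    user = qs.get("pma_username", [None])[0]
    pwd = qs.get("pma_password", [None])[0]
    if user is None or pwd is None:
        return None
    return user, pwd

def tally_credentials(hits):
    """Per-user and per-password counters, weighted by hit count (the post's two tables)."""
    users, pwds = Counter(), Counter()
    for path, count in hits:
        cred = extract_pma_credentials(path)
        if cred is not None:
            users[cred[0]] += count
            pwds[cred[1]] += count
    return users, pwds

def distinct_passwords_per_user(hits):
    """Spray indicator: number of different passwords tried per username."""
    tried = {}
    for path, _ in hits:
        cred = extract_pma_credentials(path)
        if cred is not None:
            tried.setdefault(cred[0], set()).add(cred[1])
    return {user: len(pwds) for user, pwds in tried.items()}
```

A single username paired with a long list of passwords (root in the tally above) is the shape to alert on; a request that carries pma_password in the query string at all is already worth logging, since phpMyAdmin normally takes credentials in a POST body.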


WordPress users

No access


WordPress passwords

No access


Tomcat users

Empty user only


Tomcat passwords

Empty password only


New accesses in the last 24 hours

None


Summary

Things have calmed down.

News that caught my attention, etc.

I couldn't keep up...