Nick Security Log

securityを始めとしたNickのブログです

【BugBounty】 2019年6月7日 活動日記【Honeypot】

日記

f:id:NickShadows:20190607232259j:plain

※hackerone経由で公式にwebの調査をしています。

バグバウンティ

やろうとしたこと

  1. 実践
  2. グループ運用

やったこと

  1. グループ運用

1.グループ運用

需要がありそうなので、「バグバウンティの始め方の始め方」を作りました。
というか、グループの参加人数の半分くらいが「バグバウンティの始め方がわからない」方でした。


まぁ、身近じゃないですよね。バグバウンティ。

www.nicksecuritylog.com



次やりたいこと

  1. 実践

ハニーポット

トップ画面

f:id:NickShadows:20190607232757p:plain:w600


直近1ヶ月折れ線グラフ

f:id:NickShadows:20190607232828p:plain:w600


GETリクエスト

no uri Co
1 / 63
2 /wp-login.php 56
3 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=wordpres 3
4 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=aa123456 3
5 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=music 3
6 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=a123456 3
7 ///?author=1 2
8 /manager/html 2
9 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=abc123 2
10 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qnap 2
11 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=rootadmin 2
12 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qwe 2
13 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123123 2
14 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12qwaszx 2
15 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=host 2
16 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=databases 2
17 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=donald 2
18 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2016 2
19 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=xampp 2
20 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=user 2
21 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=whatever 2
22 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor123 2
23 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password1 2
24 /phpmyadmin/index.php?lang=en&pma_username=money&pma_password=money 2
25 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=web 2
26 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=queen 2
27 /wp-json/wp/v2/users/ 2
28 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backup 2
29 /phpmyadmin/index.php?lang=en&pma_username=shopdb&pma_password=shopdb 2
30 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=passw0rd 2
31 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qweasdzxc 2
32 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=usa 2
33 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=freedom 2
34 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=onetwothree 2
35 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=mysql 2
36 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=solo 2
37 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=master 2
38 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test 2
39 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345678 2
40 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=charlie 2
41 ///wp-json/wp/v2/users/ 2
42 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=password 2
43 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=111111 2
44 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=4321 2
45 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=developer 2
46 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password 2
47 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass1234 2
48 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2018 2
49 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=root 2
50 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=shop 2
51 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=654321 1
52 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trustno1 1
53 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=confidential 1
54 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=database 1
55 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=hello 1
56 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=666666 1
57 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=pass 1
58 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupdbs 1
59 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qwerty 1
60 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=gameserver 1
61 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2020 1
62 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qazwsx 1
63 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=princess 1
64 /phpmyadmin/index.php?lang=en&pma_username=nginx&pma_password=nginx 1
65 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acces 1
66 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=wordpress 1
67 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345 1
68 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acceso 1
69 /phpmyadmin/index.php?lang=en&pma_username=popa3d&pma_password=popa3d 1
70 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupserver 1
71 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=letmein 1
72 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567890 1
73 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123456789 1
74 /phpmyadmin/index.php?lang=en 1
75 /mysql/dbadmin/index.php?lang=en 1
76 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234 1
77 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567 1
78 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test123 1
79 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2010 1
80 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=administrator 1
81 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webs 1
82 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2019 1
83 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blog 1
84 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=crypto 1
85 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=bitcoin 1
86 /phpmyadmin/index.php?lang=en&pma_username=db&pma_password=db 1
87 /phpmyadmin/index.php?lang=en&pma_username=wp&pma_password=wp 1
88 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2013 1
89 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webadmin 1
90 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dbs 1
91 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=321 1
92 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2012 1
93 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trump 1
94 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password2019 1
95 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor 1
96 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=oracle 1
97 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=p455w0rd 1
98 /proxyjudge.php 1
99 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=michael 1
100 /phpmyadmin/index.php?lang=en&pma_username=apache&pma_password=apache 1
101 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blogs 1
102 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password= 1
103 /mysql/sqlmanager/index.php?lang=en 1
104 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root 1
105 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=sunshine 1
106 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=secure 1
107 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=linux 1
108 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=welcome 1
109 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=db 1
110 /phpmyadmin/index.php?lang=en&pma_username=dbs&pma_password=dbs 1
111 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password1 1
112 /phpmyadmin/index.php?lang=en&pma_username=pma&pma_password=pma 1
113 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=users 1
114 /mysql/admin/index.php?lang=en 1
115 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=admin123 1
116 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass123 1
117 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=monkey 1
118 /phpmyadmin/index.php?lang=en&pma_username=http&pma_password=http 1
119 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor321 1
120 /phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=123 1
121 /phpmyadmin/index.php?lang=en&pma_username=sql&pma_password=sql 1
122 /phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=pass 1
123 /mysql/mysqlmanager/index.php?lang=en 1
124 /phpmyadmin/index.php?lang=en&pma_username=shop&pma_password=shop 1
125 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2018 1
126 /phpmyadmin/index.php?lang=en&pma_username=joomla&pma_password=joomla 1
127 /phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dragon 1


POSTリクエスト

※パラメータが多いため省略。wordpressです。


pypmyadminユーザー

no user Co
1 root 140
2 admin 4
3 wordpress 4
4 shopdb 2
5 money 2
6 pma 1
7 nginx 1
8 sql 1
9 shop 1
10 apache 1
11 popa3d 1
12 dbs 1
13 http 1
14 db 1
15 wp 1
16 joomla 1


pypmyadminパスワード

※ちょこまか大量にあるので割愛


wordpressユーザー

no user Co
1 53


wordpressパスワード

no pwd Co
1 admin@123 3
2 admin123 3
3 password 3
4 pass 3
5 123456 3
6 Admin 3
7 adminadmin 3
8 12345678 3
9 12345 3
10 123456789 3
11 Admin123 2
12 123 2
13 admin 2
14 @123 2
15 [Login] 2
16 Admin@123 2
17 onlinedocumentsite 2
18 1234 1
19 admin1234 1
20 admim 1
21 @1234 1
22 admin@1234 1
23 mars 1
24 hello 1
25 [Login]123 1
26 [Login]@123 1


tomcatユーザー

no user Co
1 2


tomcatパスワード

no pwd Co
1 2


直近24時間新着アクセス

なし


まとめ

落ち着きました。

気になったニュースなど

0verpwnさんのXSSペイロードが更新されました。1万超えってすごいですね。