【BugBounty】 2019年6月7日活動日記【Honeypot】

f:id:NickShadows:20190607232259j:plain

※hackerone経由で公式にwebの調査をしています。

バグバウンティ
ハニーポット
気になったニュースなど

バグバウンティ

やろうとしたこと

実践
グループ運用

やったこと

グループ運用

1.グループ運用

需要がありそうなので、「バグバウンティの始め方の始め方」を作りました。
というか、グループの参加人数の半分くらいが「バグバウンティの始め方がわからない」方でした。

まぁ、身近じゃないですよね。バグバウンティ。

www.nicksecuritylog.com

次やりたいこと

実践

ハニーポット

トップ画面

f:id:NickShadows:20190607232757p:plain:w600

直近1ヶ月折れ線グラフ

f:id:NickShadows:20190607232828p:plain:w600

GETリクエスト

no	uri	Co
1	/	63
2	/wp-login.php	56
3	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=wordpres	3
4	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=aa123456	3
5	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=music	3
6	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=a123456	3
7	///?author=1	2
8	/manager/html	2
9	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=abc123	2
10	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qnap	2
11	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=rootadmin	2
12	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qwe	2
13	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123123	2
14	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12qwaszx	2
15	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=host	2
16	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=databases	2
17	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=donald	2
18	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2016	2
19	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=xampp	2
20	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=user	2
21	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=whatever	2
22	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor123	2
23	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password1	2
24	/phpmyadmin/index.php?lang=en&pma_username=money&pma_password=money	2
25	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=web	2
26	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=queen	2
27	/wp-json/wp/v2/users/	2
28	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backup	2
29	/phpmyadmin/index.php?lang=en&pma_username=shopdb&pma_password=shopdb	2
30	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=passw0rd	2
31	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123qweasdzxc	2
32	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=usa	2
33	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=freedom	2
34	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=onetwothree	2
35	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=mysql	2
36	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=solo	2
37	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=master	2
38	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test	2
39	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345678	2
40	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=charlie	2
41	///wp-json/wp/v2/users/	2
42	/phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=password	2
43	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=111111	2
44	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=4321	2
45	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=developer	2
46	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password	2
47	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass1234	2
48	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2018	2
49	/phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=root	2
50	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=shop	2
51	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=654321	1
52	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trustno1	1
53	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=confidential	1
54	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=database	1
55	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=hello	1
56	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=666666	1
57	/phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=pass	1
58	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupdbs	1
59	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qwerty	1
60	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=gameserver	1
61	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2020	1
62	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=qazwsx	1
63	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=princess	1
64	/phpmyadmin/index.php?lang=en&pma_username=nginx&pma_password=nginx	1
65	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acces	1
66	/phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=wordpress	1
67	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=12345	1
68	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=acceso	1
69	/phpmyadmin/index.php?lang=en&pma_username=popa3d&pma_password=popa3d	1
70	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=backupserver	1
71	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=letmein	1
72	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567890	1
73	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=123456789	1
74	/phpmyadmin/index.php?lang=en	1
75	/mysql/dbadmin/index.php?lang=en	1
76	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234	1
77	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=1234567	1
78	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=test123	1
79	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2010	1
80	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=administrator	1
81	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webs	1
82	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2019	1
83	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blog	1
84	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=crypto	1
85	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=bitcoin	1
86	/phpmyadmin/index.php?lang=en&pma_username=db&pma_password=db	1
87	/phpmyadmin/index.php?lang=en&pma_username=wp&pma_password=wp	1
88	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2013	1
89	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=webadmin	1
90	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dbs	1
91	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=321	1
92	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=2012	1
93	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=trump	1
94	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=password2019	1
95	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor	1
96	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=oracle	1
97	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=p455w0rd	1
98	/proxyjudge.php	1
99	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=michael	1
100	/phpmyadmin/index.php?lang=en&pma_username=apache&pma_password=apache	1
101	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=blogs	1
102	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=	1
103	/mysql/sqlmanager/index.php?lang=en	1
104	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=root	1
105	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=sunshine	1
106	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=secure	1
107	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=linux	1
108	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=welcome	1
109	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=db	1
110	/phpmyadmin/index.php?lang=en&pma_username=dbs&pma_password=dbs	1
111	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=Password1	1
112	/phpmyadmin/index.php?lang=en&pma_username=pma&pma_password=pma	1
113	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=users	1
114	/mysql/admin/index.php?lang=en	1
115	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=admin123	1
116	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass123	1
117	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=monkey	1
118	/phpmyadmin/index.php?lang=en&pma_username=http&pma_password=http	1
119	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=toor321	1
120	/phpmyadmin/index.php?lang=en&pma_username=admin&pma_password=123	1
121	/phpmyadmin/index.php?lang=en&pma_username=sql&pma_password=sql	1
122	/phpmyadmin/index.php?lang=en&pma_username=wordpress&pma_password=pass	1
123	/mysql/mysqlmanager/index.php?lang=en	1
124	/phpmyadmin/index.php?lang=en&pma_username=shop&pma_password=shop	1
125	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=pass2018	1
126	/phpmyadmin/index.php?lang=en&pma_username=joomla&pma_password=joomla	1
127	/phpmyadmin/index.php?lang=en&pma_username=root&pma_password=dragon	1

POSTリクエスト

※パラメータが多いため省略。wordpressです。

pypmyadminユーザー

no	user	Co
1	root	140
2	admin	4
3	wordpress	4
4	shopdb	2
5	money	2
6	pma	1
7	nginx	1
8	sql	1
9	shop	1
10	apache	1
11	popa3d	1
12	dbs	1
13	http	1
14	db	1
15	wp	1
16	joomla	1

pypmyadminパスワード

※ちょこまか大量にあるので割愛

wordpressユーザー

no	user	Co
1		53

wordpressパスワード

no	pwd	Co
1	admin@123	3
2	admin123	3
3	password	3
4	pass	3
5	123456	3
6	Admin	3
7	adminadmin	3
8	12345678	3
9	12345	3
10	123456789	3
11	Admin123	2
12	123	2
13	admin	2
14	@123	2
15	[Login]	2
16	Admin@123	2
17	onlinedocumentsite	2
18	1234	1
19	admin1234	1
20	admim	1
21	@1234	1
22	admin@1234	1
23	mars	1
24	hello	1
25	[Login]123	1
26	[Login]@123	1

tomcatユーザー

no	user	Co
1		2

tomcatパスワード

no	pwd	Co
1		2

直近24時間新着アクセス

なし

まとめ

落ち着きました。

気になったニュースなど

0verpwnさんのXSSペイロードが更新されました。1万超えってすごいですね。

Update: Added 3710 more XSS Payloads, now contains 12710 XSS Payloads, I believe this is the largest collection of XSS payloads available anywhere, Please correct me if I'm wrong! :) https://t.co/lIsM2y2NWt #BugBounty #BugBountyTips
— 0verpwn (@0verpwn) 2019年6月6日