cNotes 検索 一覧 カテゴリ

最近のアクセスログ - phpMyAdminへの攻撃

Published: 2011/12/28

12月に入ってからのやられサーバーのhttp accessログ。

phpMyAdminへの攻撃が大量です。

関連:phpMyAdminへの攻撃

アクセスしようとしている先のバリエーションがかなりたくさんあります。

ブルートフォース的な感じで。

過去の成功例とかがフィードバックされてるんでしょうか?

気をつけましょう。

 //MyAdmin/
 //PMA/
 //admin/
 //admin/index.php
 //admin/phpmyadmin/index.php
 //admin/pma/index.php
 //db/index.php
 //dbadmin/
 //dbadmin/index.php
 //myadmin/
 //myadmin/index.php
 //mysql/index.php
 //mysqladmin/index.php
 //php-my-admin/index.php
 //phpMyAdmin-2.2.3/index.php
 //phpMyAdmin-2.2.6/index.php
 //phpMyAdmin-2.5.1/index.php
 //phpMyAdmin-2.5.4/index.php
 //phpMyAdmin-2.5.5-pl1/index.php
 //phpMyAdmin-2.5.5-rc1/index.php
 //phpMyAdmin-2.5.5-rc2/index.php
 //phpMyAdmin-2.5.5/index.php
 //phpMyAdmin-2.5.6-rc1/index.php
 //phpMyAdmin-2.5.6-rc2/index.php
 //phpMyAdmin-2.5.6/index.php
 //phpMyAdmin-2.5.7-pl1/index.php
 //phpMyAdmin-2.5.7/index.php
 //phpMyAdmin-2/index.php
 //phpMyAdmin/
 //phpMyAdmin/index.php
 //phpadmin/index.php
 //phpmyadmin/
 //phpmyadmin/index.php
 //phpmyadmin1/index.php
 //phpmyadmin2/index.php
 //phppgadmin/
 //pma/
 //pma/index.php
 //typo3/phpmyadmin/index.php
 //web/index.php
 //web/phpMyAdmin/index.php
 //websql/index.php
 //xampp/phpmyadmin/index.php
 /MyAdmin/scripts/setup.php
 /PMA2005/scripts/setup.php
 /admin/phpmyadmin/scripts/setup.php
 /admin/pma/scripts/setup.php
 /admin/scripts/setup.php
 /db/scripts/setup.php
 /dbadmin/scripts/setup.php
 /myadmin/scripts/setup.php
 /mysql-admin/scripts/setup.php
 /mysql/scripts/setup.php
 /mysqladmin/scripts/setup.php
 /mysqlmanager/scripts/setup.php
 /p/m/a/scripts/setup.php
 /php-my-admin/scripts/setup.php
 /php-myadmin/scripts/setup.php
 /phpMyAdmin-2.2.3/scripts/setup.php
 /phpMyAdmin-2.2.6/scripts/setup.php
 /phpMyAdmin-2.5.1/scripts/setup.php
 /phpMyAdmin-2.5.4/scripts/setup.php
 /phpMyAdmin-2.5.5-pl1/scripts/setup.php
 /phpMyAdmin-2.5.5-rc1/scripts/setup.php
 /phpMyAdmin-2.5.5-rc2/scripts/setup.php
 /phpMyAdmin-2.5.5/scripts/setup.php
 /phpMyAdmin-2.5.6-rc1/scripts/setup.php
 /phpMyAdmin-2.5.6-rc2/scripts/setup.php
 /phpMyAdmin-2.5.6/scripts/setup.php
 /phpMyAdmin-2.5.7-pl1/scripts/setup.php
 /phpMyAdmin-2.5.7/scripts/setup.php
 /phpMyAdmin-2.6.0-alpha/scripts/setup.php
 /phpMyAdmin-2.6.0-alpha2/scripts/setup.php
 /phpMyAdmin-2.6.0-beta1/scripts/setup.php
 /phpMyAdmin-2.6.0-beta2/scripts/setup.php
 /phpMyAdmin-2.6.0-pl1/scripts/setup.php
 /phpMyAdmin-2.6.0-pl2/scripts/setup.php
 /phpMyAdmin-2.6.0-pl3/scripts/setup.php
 /phpMyAdmin-2.6.0-rc1/scripts/setup.php
 /phpMyAdmin-2.6.0-rc2/scripts/setup.php
 /phpMyAdmin-2.6.0-rc3/scripts/setup.php
 /phpMyAdmin-2.6.0/scripts/setup.php
 /phpMyAdmin-2.6.1-pl1/scripts/setup.php
 /phpMyAdmin-2.6.1-pl2/scripts/setup.php
 /phpMyAdmin-2.6.1-pl3/scripts/setup.php
 /phpMyAdmin-2.6.1-rc1/scripts/setup.php
 /phpMyAdmin-2.6.1-rc2/scripts/setup.php
 /phpMyAdmin-2.6.2-beta1/scripts/setup.php
 /phpMyAdmin-2.6.2-pl1/scripts/setup.php
 /phpMyAdmin-2.6.2-rc1/scripts/setup.php
 /phpMyAdmin-2.6.2/scripts/setup.php
 /phpMyAdmin-2.6.3-pl1/scripts/setup.php
 /phpMyAdmin-2.6.3-rc1/scripts/setup.php
 /phpMyAdmin-2.6.3/scripts/setup.php
 /phpMyAdmin-2.6.4-pl1/scripts/setup.php
 /phpMyAdmin-2.6.4-pl2/scripts/setup.php
 /phpMyAdmin-2.6.4-pl4/scripts/setup.php
 /phpMyAdmin-2.6.4-rc1/scripts/setup.php
 /phpMyAdmin-2.6.4/scripts/setup.php
 /phpMyAdmin-2.7.0-beta1/scripts/setup.php
 /phpMyAdmin-2.7.0-pl1/scripts/setup.php
 /phpMyAdmin-2.7.0-pl2/scripts/setup.php
 /phpMyAdmin-2.7.0-rc1/scripts/setup.php
 /phpMyAdmin-2.7.0/scripts/setup.php
 /phpMyAdmin-2.8.0-beta1/scripts/setup.php
 /phpMyAdmin-2.8.0-rc1/scripts/setup.php
 /phpMyAdmin-2.8.0-rc2/scripts/setup.php
 /phpMyAdmin-2.8.0.1/scripts/setup.php
 /phpMyAdmin-2.8.0.2/scripts/setup.php
 /phpMyAdmin-2.8.0.3/scripts/setup.php
 /phpMyAdmin-2.8.0.4/scripts/setup.php
 /phpMyAdmin-2.8.0/scripts/setup.php
 /phpMyAdmin-2.8.1-rc1/scripts/setup.php
 /phpMyAdmin-2.8.1/scripts/setup.php
 /phpMyAdmin-2.8.2/scripts/setup.php
 /phpMyAdmin-2/scripts/setup.php
 /phpMyAdmin/scripts/setup.php
 /phpadmin/scripts/setup.php
 /phpmanager/scripts/setup.php
 /phpmy-admin/scripts/setup.php
 /phpmyadmin/scripts/setup.php
 /phpmyadmin1/scripts/setup.php
 /phpmyadmin2/scripts/setup.php
 /pma/scripts/setup.php
 /pma2005/scripts/setup.php
 /sqlmanager/scripts/setup.php
 /sqlweb/scripts/setup.php
 /typo3/phpmyadmin/scripts/setup.php
 /web/phpMyAdmin/scripts/setup.php
 /web/scripts/setup.php
 /webadmin/scripts/setup.php
 /webdb/scripts/setup.php
 /websql/scripts/setup.php
 /xampp/phpmyadmin/scripts/setup.php

攻撃元はアジアばっかり。

IPnameASAS name
115.146.120.142NONE38732CMCTELECOM-AS-VN_CMC_Telecommunications_Services_CompanyVN
118.144.81.36NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.CN
122.72.11.132NONE9394CRNET_CHINA_RAILWAY_Internet(CRNET)CN
202.100.80.21NONE4134CHINANET-BACKBONE_No.31Jin-rong_StreetCN
203.72.59.6NONE1659ERX-TANET-ASN1_Tiawan_Academic_Network_(TANet)_Information_CenterTW
211.215.17.156NONE9318HANARO-AS_Hanaro_Telecom_Inc.KR
213.150.176.174NONE2609TN-BB-AS_Tunisia_BackBone_ASTN
222.184.79.37NONE4134CHINANET-BACKBONE_No.31Jin-rong_StreetCN
59.108.108.100NONE4847CNIX-AP_China_Networks_Inter-ExchangeCN

[カテゴリ:botnet観察日記]

by jyake