【ハニーポット簡易分析】Honeypot簡易分析(382-392日目:8/7-9/17)
最近、なかなか更新できていないorz 反省しつつ、ハニーポットの簡易分析となります。
◾️Honeytrap
※80ポートは除く
<国別検知数および検知数>
209[.]58.143.46 からのポートスキャンがあり、9/11の検知数が増加していました。
https://www.abuseipdb.com/check/209.58.143.46
<ポート検知数>
|
ポート番号
|
サービス | 件数 |
| 3389 | rdp | 34223 |
| 21 | ftp | 33016 |
| 445 | smb | 30996 |
| 23 | telnet | 13763 |
| 1433 | ms-sql-s | 2848 |
| 5900 | vnc | 2163 |
| 2323 | telnet | 1658 |
| 81 | hosts2-ns | 1583 |
| 25 | smtp | 780 |
| 37777 | Unknown | 650 |
<新規マルウェアダウンロード>
| malware_url | VT_Link | Status_code | SHA1 | total | positives | scans |
| hxxp://35[.]195[.]111[.]236/zehir/z3hir[.]mips | https://www.virustotal.com/file/40ecaec792a18e4c85630ff7bd1b1312b0cde47edd816593910bde478045eada/analysis/1568723291/ | 200 | 6c846e2fe0ecb6ccf1598480fd2d1e9bf00d80ba | 57 | 25 | McAfee:GenericRXIA-VD!BA139CAE680F, Symantec:Linux.Mirai, ESET-NOD32:Linux/Mirai.AHI, Avast:Other:Malware-gen [Trj], ClamAV:Unix.Dropper.Mirai-7135899-0, Kaspersky:HEUR:Backdoor.Linux.Mirai.b, NANO-Antivirus:Trojan.Mirai.fzjwmw, F-Secure:Malware.LINUX/Mirai.xdjvu, DrWeb:Linux.Mirai.671, TrendMicro:Trojan.Linux.ZYX.USELVIE19, McAfee-GW-Edition:GenericRXIA-VD!BA139CAE680F, Sophos:Linux/DDoS-CI, Cyren:ELF/Trojan.KAGD-22, Jiangmin:Backdoor.Linux.byly, Avira:LINUX/Mirai.xdjvu, Fortinet:ELF/DDoS.CIA!tr, AegisLab:Trojan.Linux.Mirai.K!c, ZoneAlarm:HEUR:Backdoor.Linux.Mirai.b, Microsoft:Trojan:Win32/Ditertag.A, AhnLab-V3:Linux/Mirai.Gen10, Tencent:Backdoor.Linux.Mirai.wao, Ikarus:Trojan.Linux.Mirai, GData:Linux.Trojan.Agent.KOBW43, AVG:Other:Malware-gen [Trj], Qihoo-360:Win32/Backdoor.6f4 |
| hxxp://pm[.]cpuminerpool[.]com/pm[.]sh | https://www.virustotal.com/file/81de9fc33ab05928f9abca627435b3fa40a3470e01dc435dddae0e7bec640274/analysis/1568621852/ | 200 | cd3af8bc58dc26936a02e1598992dffe586b3475 | 55 | 0 | |
| hxxp://142[.]11[.]199[.]235/mips | https://www.virustotal.com/file/af18cd19287cdf764418b4212cbcd64e5bba8e8632a3990026f6f5c0b54f3fce/analysis/1567916002/ | 200 | 8bc0fcd0b5f456938cf6db535316146359ea02a8 | 56 | 19 | ESET-NOD32:a variant of Linux/Mirai.AEL, TrendMicro-HouseCall:Backdoor.Linux.MIRAI.SMMR1, Avast:ELF:Hajime-R [Trj], ClamAV:Unix.Trojan.Gafgyt-6748839-0, Kaspersky:HEUR:Backdoor.Linux.Mirai.ad, Rising:Backdoor.Mirai/Linux!1.BAF6 (CLASSIC), DrWeb:Linux.Mirai.1443, TrendMicro:Backdoor.Linux.MIRAI.SMMR1, McAfee-GW-Edition:Linux/Mirai-FDXO!249E607F736C, Sophos:Mal/Generic-S, Fortinet:ELF/Mirai.AE!tr, Microsoft:DDoS:Linux/Gafgyt.YA!MTB, ZoneAlarm:HEUR:Backdoor.Linux.Mirai.ad, Avast-Mobile:ELF:Mirai-UM [Trj], AhnLab-V3:Linux/Exploit.Gen2, McAfee:Linux/Mirai-FDXO!249E607F736C, Tencent:Backdoor.Linux.Mirai.wao, GData:Linux.Trojan.Mirai.E, AVG:ELF:Hajime-R [Trj] |
| hxxp://185[.]86[.]78[.]254 | https://www.virustotal.com/file/90ceefbef34000dd6f6dfe590ff30001865668512662a732de9f6aaccec1d273/analysis/1568815382/ | 200 | 9bb70338bfcfbfc354b04b95b4d42e72efb63297 | 58 | 0 | |
| hxxp://31[.]13[.]195[.]109/jaws[.]sh | https://www.virustotal.com/url/bdd12fe0171ecb51d25443c0c09f183b134a8271022b7e9651866e9742eca0c6/analysis/1568526339/ | 404 | ||||
| hxxp://45[.]35[.]0[.]213 | https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1568816313/ | 200 | da39a3ee5e6b4b0d3255bfef95601890afd80709 | 56 | 0 | |
| hxxp://185[.]244[.]25[.]122/a-r[.]m-6[.]SNOOPY | https://www.virustotal.com/file/43202079638f62e3b80fbdd42f608dd4e0b68f18c98a89c61d9e9fdf3575ffad/analysis/1568792674/ | 200 | bc591b9e9b0f1df836b3e557a3817654aa51e139 | 58 | 34 | MicroWorld-eScan:Gen:Variant.Trojan.Linux.Gafgyt.5, McAfee:GenericRXIP-NL!8970922EC21F, Arcabit:Trojan.Trojan.Linux.Gafgyt.5, Symantec:Trojan.Gen.MBT, ESET-NOD32:a variant of Linux/Gafgyt.ASH, TrendMicro-HouseCall:Backdoor.Linux.BASHLITE.SMJC11, Avast:ELF:DDoS-S [Trj], ClamAV:Unix.Dropper.Mirai-7138865-0, Kaspersky:HEUR:Backdoor.Linux.Gafgyt.a, BitDefender:Gen:Variant.Trojan.Linux.Gafgyt.5, NANO-Antivirus:Trojan.ElfArm32.Gafgyt.fztwsw, Ad-Aware:Gen:Variant.Trojan.Linux.Gafgyt.5, Emsisoft:Gen:Variant.Trojan.Linux.Gafgyt.5 (B), F-Secure:Malware.LINUX/Gafgyt.opnd, DrWeb:Linux.BackDoor.Fgt.209, TrendMicro:Backdoor.Linux.BASHLITE.SMJC11, FireEye:Gen:Variant.Trojan.Linux.Gafgyt.5, Sophos:Mal/Generic-S, Ikarus:Trojan.Linux.Fgt, Jiangmin:Backdoor.Linux.djzk, Avira:LINUX/Gafgyt.opnd, Fortinet:ELF/Gafgyt.WN!tr.bdr, Antiy-AVL:Trojan[Backdoor]/Linux.Gafgyt.a, Microsoft:Backdoor:Linux/DemonBot.YA!MTB, AegisLab:Trojan.Linux.Gafgyt.m!c, AhnLab-V3:Linux/Gafgyt.Gen28, ZoneAlarm:HEUR:Backdoor.Linux.Gafgyt.a, Avast-Mobile:ELF:DDoS-S [Trj], ALYac:Gen:Variant.Trojan.Linux.Gafgyt.5, MAX:malware (ai score=84), Rising:Backdoor.Gafgyt!8.56E (TFE:14:PFj1p252x6V), GData:Gen:Variant.Trojan.Linux.Gafgyt.5, AVG:ELF:DDoS-S [Trj], Qihoo-360:Win32/Backdoor.812 |
| hxxp://50[.]3[.]82[.]135/mips | https://www.virustotal.com/url/67fda5ce9e43f72de70279bf5b7a281867753667281c78444e8e388944800a57/analysis/1568815584/ | Unknown | ||||
| hxxp://188[.]241[.]73[.]110 | https://www.virustotal.com/file/d01984d5f581bbb2100fe65e5c677563a9150fe22edbdf875601d86c63862f3d/analysis/1568618881/ | 200 | 042f495f7f6adefc7b376f9d00f9e64f04cadcee | 50 | 0 | |
| hxxp://78[.]128[.]114[.]66/StableBins/x86 | https://www.virustotal.com/url/b6fb2e40678e3c7905a537f9953c4ff983afa9f30f60e1cee40f7dbabf20f526/analysis/1566352683/ | 404 | ||||
| hxxp://78[.]128[.]114[.]66/StableBins/mips | https://www.virustotal.com/url/f3d207a28100e93d79314f59f6f13d5a9a61feb839f6248bb55de8f8cd2dfbf1/analysis/1566210753/ | 404 | ||||
| hxxp://185[.]35[.]138[.]156/c | https://www.virustotal.com/url/43c2691ddea4cc59176e8bdadf79c46967439412806c4ba3bb143188ba3bd47e/analysis/1568565075/ | Unknown | ||||
| hxxp://185[.]172[.]110[.]237/mipsel | https://www.virustotal.com/file/cf843f69532c837fd02bb55357ea699d9ef59d7bd1ee3356875cc3f07a2a5ea0/analysis/1568815725/ | 200 | 2f1129911c0ff78a1c537ac901cc1c5306ed6d6f | 55 | 28 | MicroWorld-eScan:Gen:Variant.Trojan.Linux.Gafgyt.5, FireEye:Gen:Variant.Trojan.Linux.Gafgyt.5, McAfee:Linux/Mirai.g, ESET-NOD32:a variant of Linux/Mirai.AE, TrendMicro-HouseCall:Backdoor.Linux.BASHLITE.SMJC, Avast:ELF:DDoS-Y [Trj], ClamAV:Unix.Trojan.Gafgyt-6981154-0, Kaspersky:HEUR:Backdoor.Linux.Gafgyt.a, BitDefender:Gen:Variant.Trojan.Linux.Gafgyt.5, Rising:Backdoor.Mirai/Linux!1.BAF6 (CLASSIC), Ad-Aware:Gen:Variant.Trojan.Linux.Gafgyt.5, Sophos:Linux/DDoS-CIA, DrWeb:Linux.Mirai.1667, TrendMicro:Backdoor.Linux.BASHLITE.SMJC, McAfee-GW-Edition:Linux/Mirai.g, Emsisoft:Gen:Variant.Trojan.Linux.Gafgyt.5 (B), Fortinet:ELF/Mirai.BL!tr, Arcabit:Trojan.Trojan.Linux.Gafgyt.5, ZoneAlarm:HEUR:Backdoor.Linux.Gafgyt.a, Avast-Mobile:ELF:DDoS-S [Trj], Microsoft:DDoS:Linux/Gafgyt.YA!MTB, AhnLab-V3:Linux/Mirai.Gen6, ALYac:Gen:Variant.Trojan.Linux.Gafgyt.5, MAX:malware (ai score=88), Tencent:Backdoor.Linux.Gafgyt.ff, Ikarus:Trojan.Linux.Mirai, GData:Linux.Trojan.Gafgyt.A, AVG:ELF:DDoS-Y [Trj] |
| hxxp://anunna[.]club/x | https://www.virustotal.com/url/909fc6bee20704cbabf60e87015c40449ad952472d2bff376a1abffc9a699ec3/analysis/1568526488/ | Unknown | ||||
| hxxp://cb[.]fuckingmy[.]life/download[.]exe | https://www.virustotal.com/file/c4c2c9eb303c7a9bddbcff108376bb1e7cf827e721d1cf1ad8f2012d6235b861/analysis/1568585869/ | 200 | da20b13d4ef7524a7d9c3d6ad881ffca9f133e21 | 70 | 50 | MicroWorld-eScan:Gen:Trojan.Downloader.fmGfa0dhkAoj, FireEye:Generic.mg.6347d64e7a47a9e8, CAT-QuickHeal:Trojan.Mauvaise.SL1, ALYac:Gen:Trojan.Downloader.fmGfa0dhkAoj, K7AntiVirus:Trojan-Downloader ( 0054d9311 ), K7GW:Trojan-Downloader ( 0054d9311 ), Cybereason:malicious.e7a47a, Arcabit:Trojan.Downloader.fmGfa0dhkAoj, Invincea:heuristic, Symantec:ML.Attribute.HighConfidence, APEX:Malicious, Avast:Win32:Dh-A [Heur], ClamAV:Win.Trojan.BlackMoon-7136668-0, Kaspersky:Trojan.Win32.Siscos.wgv, BitDefender:Gen:Trojan.Downloader.fmGfa0dhkAoj, NANO-Antivirus:Trojan.Win32.Siscos.fwvpdc, Tencent:Win32.Trojan.Siscos.Wmix, Ad-Aware:Gen:Trojan.Downloader.fmGfa0dhkAoj, Emsisoft:Gen:Trojan.Downloader.fmGfa0dhkAoj (B), Comodo:Packed.Win32.MUPX.Gen@24tbus, F-Secure:Heuristic.HEUR/AGEN.1014775, DrWeb:Trojan.DownLoader25.10311, TrendMicro:Backdoor.Win32.ZEGOST.SMS, McAfee-GW-Edition:BehavesLike.Win32.Generic.nc, Sophos:Troj/Agent-AWJO, SentinelOne:DFI - Malicious PE, Jiangmin:Trojan.Siscos.mq, eGambit:Trojan.Generic, Avira:HEUR/AGEN.1014775, Fortinet:W32/Kryptik.FHSF!tr, Endgame:malicious (moderate confidence), Microsoft:Trojan:Win32/Wacatac.B!ml, ZoneAlarm:Trojan.Win32.Siscos.wgv, AhnLab-V3:Trojan/Win32.Kryptik.R265106, Acronis:suspicious, McAfee:GenericRXIA-LL!4C5CC101807B, MAX:malware (ai score=89), VBA32:BScope.Backdoor.BlackHole, Cylance:Unsafe, ESET-NOD32:a variant of Win32/TrojanDownloader.Tiny.NQG, TrendMicro-HouseCall:Backdoor.Win32.ZEGOST.SMS, Rising:Backdoor.Zegost!8.177 (TFE:5:GhyWtHWPdCV), Ikarus:Trojan-Ransom.HydraCrypt, MaxSecure:Trojan.Malware.300983.susgen, GData:Win32.Trojan.Agent.WP, Webroot:W32.Trojan.Gen, AVG:Win32:Dh-A [Heur], Panda:Trj/Genetic.gen, CrowdStrike:win/malicious_confidence_100% (D), Qihoo-360:Win32/Trojan.e04 |
| hxxp://switchnets[.]net/unstable | https://www.virustotal.com/url/aacd30e68a31b91742fbe5a9078ae0823f13255018ab65efe39a0e4a6c48f89b/analysis/1568526555/ | Unknown | ||||
| hxxp://89[.]34[.]26[.]190/mips | https://www.virustotal.com/file/1ef8a615c8320fbad1c4da7b88b3f31bba37451650b80918afbf5e72d2b3fb9c/analysis/1568526608/ | 200 | d16384f512d0c3eaa9834dfd05cbf41675bd7be9 | 57 | 31 | MicroWorld-eScan:Gen:Variant.Backdoor.Linux.Tsunami.1, McAfee:GenericRXIB-LW!7CB73F4732E5, Symantec:Linux.Backdoor.Kaiten, ESET-NOD32:a variant of Linux/Tsunami.NDJ, TrendMicro-HouseCall:Backdoor.Linux.BASHLITE.SMJC10, Avast:ELF:DDoS-Y [Trj], Kaspersky:HEUR:Backdoor.Linux.Tsunami.cb, BitDefender:Gen:Variant.Backdoor.Linux.Tsunami.1, Rising:Backdoor.Tsunami!1.A1B2 (CLASSIC), Ad-Aware:Gen:Variant.Backdoor.Linux.Tsunami.1, Sophos:Linux/Tsunami-A, DrWeb:Linux.BackDoor.Tsunami.239, Zillya:Backdoor.Tsunami.Linux.446, TrendMicro:Backdoor.Linux.BASHLITE.SMJC10, McAfee-GW-Edition:GenericRXIB-LW!7CB73F4732E5, FireEye:Gen:Variant.Backdoor.Linux.Tsunami.1, Emsisoft:Gen:Variant.Backdoor.Linux.Tsunami.1 (B), Ikarus:Trojan.Linux.Gafgyt, Jiangmin:Backdoor.Linux.pan, Fortinet:ELF/Tsunami.NDJ!tr, Antiy-AVL:Trojan[Backdoor]/Linux.Tsunami.cb, Arcabit:Trojan.Backdoor.Linux.Tsunami.1, ZoneAlarm:HEUR:Backdoor.Linux.Tsunami.cb, Avast-Mobile:ELF:Tsunami-EQ [Trj], AhnLab-V3:Linux/Tsunami.Gen3, ALYac:Gen:Variant.Backdoor.Linux.Tsunami.1, MAX:malware (ai score=84), Tencent:Backdoor.Linux.Tsunami.x, GData:Gen:Variant.Backdoor.Linux.Tsunami.1, AVG:ELF:DDoS-Y [Trj], Qihoo-360:virus.elf.tsunami.gen |
| hxxp://31[.]13[.]195[.]49/x | https://www.virustotal.com/url/65071584ab70a5353da1eeec090311e3fb8c2c1de103387b2c94cb29d32ac4b3/analysis/1568512414/ | Unknown | ||||
| hxxp://tronified[.]pw | https://www.virustotal.com/file/ec658c73467ac6251e6f8461bd31cf0497c982c18c9900c825d707cc7bca9425/analysis/1568816018/ | 200 | 5982254656b63ae8cf365a0e0474f34fcac1f61a | 58 | 0 | |
| hxxp://pm[.]ipfswallet[.]ml/pm[.]sh | https://www.virustotal.com/url/6e1cf8ccc48085ebefe925b6bc82003fe16ca07612c37ab12b8dd433ffc7df45/analysis/1568525843/ | Unknown | ||||
| hxxp://159[.]89[.]204[.]166/turbo[.]mips | https://www.virustotal.com/url/0b091e712f3203f15db254ecb9f0342f2e29cef04d82837a1837012c3507bd57/analysis/1568555083/ | Unknown | ||||
| hxxp://185[.]244[.]25[.]66/zuapleq[.]mips | https://www.virustotal.com/url/992efd789921d43c52aac651073d071db1fc321013e5ce6bc8334ff03a626fa6/analysis/1568526641/ | 404 | ||||
| hxxp://174[.]128[.]226[.]101/mips | https://www.virustotal.com/file/c51c776b3aff1533eaf680473d5292cee0fc6d7a8c2821971fc56a781ead56e6/analysis/1568738331/ | 200 | 81542728b7d0ed176f7e9e965880c661ebe72bb0 | 57 | 26 | MicroWorld-eScan:Gen:Variant.Backdoor.Linux.Tsunami.1, FireEye:Gen:Variant.Backdoor.Linux.Tsunami.1, Symantec:Linux.Backdoor.Kaiten, ESET-NOD32:a variant of Linux/Tsunami.NDJ, TrendMicro-HouseCall:Backdoor.Linux.BASHLITE.SMJC10, Avast:ELF:DDoS-Y [Trj], Kaspersky:HEUR:Backdoor.Linux.Tsunami.cb, BitDefender:Gen:Variant.Backdoor.Linux.Tsunami.1, Tencent:Backdoor.Linux.Tsunami.x, Ad-Aware:Gen:Variant.Backdoor.Linux.Tsunami.1, Emsisoft:Gen:Variant.Backdoor.Linux.Tsunami.1 (B), DrWeb:Linux.BackDoor.Tsunami.239, TrendMicro:Backdoor.Linux.BASHLITE.SMJC10, Sophos:Linux/Tsunami-A, Ikarus:Trojan.Linux.Gafgyt, Fortinet:ELF/Tsunami.NDJ!tr, Arcabit:Trojan.Backdoor.Linux.Tsunami.1, AhnLab-V3:Linux/Tsunami.Gen3, ZoneAlarm:HEUR:Backdoor.Linux.Tsunami.cb, Avast-Mobile:ELF:Tsunami-EQ [Trj], ALYac:Gen:Variant.Backdoor.Linux.Tsunami.1, MAX:malware (ai score=94), Rising:Backdoor.Tsunami!1.A1B2 (CLASSIC), GData:Gen:Variant.Backdoor.Linux.Tsunami.1, AVG:ELF:DDoS-Y [Trj], Qihoo-360:virus.elf.tsunami.gen |
| hxxp://89[.]248[.]174[.]219/bwget[.]sh | https://www.virustotal.com/url/493fdeb0f2cc8b4e06ff9389eb3d5494fbec35b770654b574e621a6ee7a0ff64/analysis/1568526749/ | Unknown | ||||
| hxxp://185[.]244[.]25[.]166/31337/Josho[.]mips | https://www.virustotal.com/url/1e7cdb56267d707bd288e5fa52c736e9bd5ecc1a31eb87cac88bfd66c5e086bf/analysis/1568526790/ | Unknown | ||||
| hxxp://31[.]13[.]195[.]109/bwget[.]sh | https://www.virustotal.com/file/c63b0531b853abf3cdd7ff6de25a281bdc9f728d420bafc21efb890cf3e51229/analysis/1567198303/ | 200 | 9487153425ce59f141a0dbb71b6eacd4fcbdfea2 | 56 | 4 | TrendMicro-HouseCall:Possible_MIRAIDLOD.SMLBR6, Kaspersky:HEUR:Trojan-Downloader.Shell.Agent.p, TrendMicro:Possible_MIRAIDLOD.SMLBR6, ZoneAlarm:HEUR:Trojan-Downloader.Shell.Agent.p |
| hxxp://45[.]77[.]112[.]216/ComputerScienceAnalGapeBigCancer | https://www.virustotal.com/url/a48c47c1c0bcac4007b2684c08310e9b39f531d251ee1ef124d77e9c193bc0a4/analysis/1568526914/ | 404 | ||||
| hxxp://45[.]77[.]112[.]216/fatniggers | https://www.virustotal.com/url/4abd9da696bc7a30f4d44bca34870c63bd909681c4355c937e16e1bf60a37e2b/analysis/1568527022/ | 404 | ||||
| hxxp://45[.]77[.]112[.]216/okbot | https://www.virustotal.com/url/90e7f4a36e64ad2eca2922f5d171391b6332ad365df2b21a848714a2ee97d19d/analysis/1568527063/ | 404 | ||||
| hxxp://45[.]77[.]112[.]216/memes[.]txt | https://www.virustotal.com/url/bc40ffc2e630036956b2d99d36ade16dba8999904c87212272b2ab1dcc0a4585/analysis/1568527104/ | 404 | ||||
| hxxp://pm[.]ipfswallet[.]tk/pm[.]sh | https://www.virustotal.com/url/64859937ff23baa7ee34b8ba567c56f5cb1203e4260e21327a741455c86dcee4/analysis/1568712578/ | Unknown | ||||
| hxxp://89[.]248[.]174[.]219/curl[.]sh | https://www.virustotal.com/url/b0d10471d652e52eac6632447e6c4cb438c8311d4e8e518c9b57b20e0034e6da/analysis/1568527212/ | Unknown |
◾️WoWHoneypot
<国別検知数および検知数>
※詳細はパス一覧を参照
検知はWordpress関連以外にもphpMyadmin系の通信も多めでした。
../../mnt/custom/ProductDefinition
| target | count |
| WordPress | 1477 |
| - | 345 |
| phpMyAdmin | 283 |
| FreePBX | 91 |
| ThinkPHP | 37 |
| cfg file | 11 |
| Unauthorized Relay | 7 |
| Tomcat | 5 |
| Admin config | 4 |
| Yealink | 4 |
| txt | 4 |
| DGN1000 Netgea Router | 3 |
| Login Page | 3 |
| nmap | 3 |
| Microsoft Sharepoint | 2 |
| AVTECH AVN801 DVR | 1 |
| AVTECH IP Camera / NVR / DVR Devices | 1 |
| Aastra | 1 |
| Adobe ColdFusion | 1 |
| D-Link DIR-850L | 1 |
| Dasan GPON home router | 1 |
| Discussion on UserPro | 1 |
| HiSilicon DVR Devices | 1 |
| IP camera | 1 |
| IPC | 1 |
| JIRA | 1 |
| Microsoft SharePoint | 1 |
| MikroTik | 1 |
| NETGEAR Genie | 1 |
| Netgear | 1 |
| Router | 1 |
| Trane Tracer SC | 1 |
| Twiki | 1 |
| UPnP | 1 |
| Vmware | 1 |
| Webshell | 1 |
| dahua camera | 1 |
| passwd | 1 |
| vtiger vtiger CRM 5.2.1 | 1 |
<マルウェアダウンロード>
なし
以上となります。
<検知パス一覧>
| wow_path_research | target | CVE | reference | count |
| /wp-login.php | WordPress | - | - | 1004 |
| /xmlrpc.php | WordPress | - | - | 471 |
| / | - | - | - | 321 |
| /admin/assets/js/views/login.js | FreePBX | - | https://git.freepbx.org/projects/FREEPBX/repos/framework/browse/amp_conf/htdocs/admin/assets/js/views/login.js?at=bfb36fa7ac70c2e642257dbcd99a1799e19ea743 | 82 |
| /TP/public/index.php | ThinkPHP | - | - | 37 |
| /index.php | - | - | - | 9 |
| /phpmyadmin/index.php | phpMyAdmin | - | - | 9 |
| hxxp://110.249.212.46/testget | Unauthorized Relay | - | - | 5 |
| /admin/config.php | Admin config | - | - | 4 |
| /admin/i18n/readme.txt | txt phpMyAdmin |
- - |
- - |
4 |
| /phpmyadmin/ | phpMyAdmin | - | - | 4 |
| /recordings/theme/main.css | FreePBX phpMyAdmin |
- - |
- - |
4 |
| aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa | FreePBX | - | https://github.com/crazedr0m/FreePBX/blob/master/upgrades/2.8.1.md5 | 4 |
| /setup.cgi | DGN1000 Netgea Router | - | - | 3 |
| /000000000000.cfg | cfg file | - | - | 2 |
| /aastra.cfg | Yealink | - | https://wiki.ipitomy.com/wiki/Yealink | 2 |
| /favicon.ico | - | - | - | 2 |
| /lang/en/html/index.html | - | - | - | 2 |
| /manager/html | Tomcat | - | - | 2 |
| /manager/text/list | Tomcat | - | https://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html | 2 |
| /phpMyAdmin-2/scripts/setup.php | phpMyAdmin | - | - | 2 |
| /y000000000000.cfg | phpMyAdmin | - | - | 2 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmanager/ | phpMyAdmin | - | - | 2 |
| ../../etc/passwd | passwd | - | - | 1 |
| ../../mnt/custom/ProductDefinition | HiSilicon DVR Devices | - | https://www.exploit-db.com/exploits/44004 | 1 |
| /// | - | - | - | 1 |
| ///wp-json/wp/v2/users/ | WordPress | - | - | 1 |
| //vtigercrm/vtigerservice.php | vtiger vtiger CRM 5.2.1 | - | https://www.securityfocus.com/bid/47267/info | 1 |
| /CFIDE/administrator/ | Adobe ColdFusion | - | https://www.exploit-db.com/exploits/14641 | 1 |
| /GponForm/diag_Form | Dasan GPON home router | CVE-2018-10561 | https://nvd.nist.gov/vuln/detail/CVE-2018-10561 | 1 |
| /HNAP1 | D-Link DIR-850L | CVE-2015-2051 | https://www.morihi-soc.net/?p=981 | 1 |
| /Lists/admin.php | - | - | - | 1 |
| /Nmap/folder/check1568097337 | nmap | - | - | 1 |
| /NmapUpperCheck1568097337 | nmap | - | - | 1 |
| /TEMPORARY_LISTEN_ADDRESSES/WSMAN | phpMyAdmin | - | - | 1 |
| /Temporary_Listen_Addresses/SMSSERVICE | Microsoft SharePoint | CVE-2019-0604 | https://www.alienvault.com/blogs/labs-research/sharepoint-vulnerability-exploited-in-the-wild | 1 |
| /WSMAN/ | Microsoft Sharepoint | CVE-2019-0604 | https://www.alienvault.com/blogs/labs-research/sharepoint-vulnerability-exploited-in-the-wild | 1 |
| /WebItemsLevel.cfg | Microsoft Sharepoint | CVE-2019-0604 | https://www.alienvault.com/blogs/labs-research/sharepoint-vulnerability-exploited-in-the-wild | 1 |
| /Yealink/WebItemsLevel.cfg | Yealink | - | http://forum.yealink.com/forum/showthread.php?tid=40318 | 1 |
| /Yealink/y000000000000.cfg | Yealink | - | https://wiki.ipitomy.com/wiki/Yealink | 1 |
| /_phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /acadmin.php | Webshell | - | - | 1 |
| /admin.php | WordPress | - | https://nskw-style.com/2014/diary/visualize-wp-admin-flow.html | 1 |
| /admin/phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /admin/pma/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /admin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /administrator/components/com_joommyadmin/phpmyadmin/scripts/setup.php | Aastra | - | https://wiki.freepbx.org/display/FOP/Aastra?src=contextnavpagetreemode | 1 |
| /apache-default/phpmyadmin/scripts/setup.php | - | - | - | 1 |
| /blog/phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /cgi-bin/luci | Router phpMyAdmin |
- - |
- - |
1 |
| /cgi-bin/nobody/Machine.cgi | phpMyAdmin | - | - | 1 |
| /cgi-bin/user/Config.cgi | AVTECH AVN801 DVR | CVE-2013-4981 | https://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006100.html | 1 |
| /cm/ | - phpMyAdmin |
- - |
- - |
1 |
| /console | phpMyAdmin | - | - | 1 |
| /cpanel | phpMyAdmin | - | - | 1 |
| /cpanelphpmyadmin/scripts/setup.php | Netgear | - | https://community.netgear.com/t5/Using-your-ReadyNAS-in-Business/Get-cgi-bin-luci-instead-of-admin-page/td-p/1117600 | 1 |
| /cpphpmyadmin/scripts/setup.php | AVTECH IP Camera / NVR / DVR Devices | - | https://www.exploit-db.com/exploits/40500 | 1 |
| /current_config/passwd | dahua camera | - | https://github.com/mcw0/PoC/blob/master/dahua-backdoor-PoC.py | 1 |
| /currentsetting.htm | NETGEAR Genie | - | https://qiita.com/comefigo/items/e9b1bce93c1b615e5934 | 1 |
| /db/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /dbadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /device_description.xml | UPnP | - | https://medium.com/@djboris/digging-into-upnp-by-searching-a-sonos-api-5e10e080a232 | 1 |
| /evox/about | Trane Tracer SC | - | https://mogu2itachi.hatenablog.com/entry/2019/03/10/173327 | 1 |
| /forum/phpmyadmin/scripts/setup.php | - | - | - | 1 |
| /ipc$ | IPC | - | https://thinline196.hatenablog.com/entry/2018/09/23/153019 | 1 |
| /kdsapi/system/deviceinfo | - | - | - | 1 |
| /lang_pack/EN.js | phpMyAdmin | - | - | 1 |
| /login.asp | Login Page | - | - | 1 |
| /login.cgi | Login Page | - | - | 1 |
| /login/login.html | Login Page | - | - | 1 |
| /manager | phpMyAdmin | - | - | 1 |
| /myadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /mysql/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /mysqladmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /nmaplowercheck1568097337 | phpMyAdmin | - | - | 1 |
| /php-my-admin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /php/phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.10.0.0/scripts/setup.php | - | - | - | 1 |
| /phpMyAdmin-2.10.0.1/scripts/setup.php | - | - | - | 1 |
| /phpMyAdmin-2.10.0.2/scripts/setup.php | - | - | - | 1 |
| /phpMyAdmin-2.10.0/scripts/setup.php | Tomcat | - | - | 1 |
| /phpMyAdmin-2.10.1.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.10.2.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.11.0.0/scripts/setup.php | nmap | - | - | 1 |
| /phpMyAdmin-2.11.1-all-languages/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.11.1.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.11.1.1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.11.1.2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.1-pl2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.1-pl3/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.4-pl3/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.4-pl4/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.4-rc1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.5/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.6/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.6.9/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.0-beta1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.0-pl1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.0-pl2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.0-rc1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.5/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.6/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.7.7/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.2.3/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.3/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.4/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.5/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.6/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.7/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.8/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.8.9/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.0-rc1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.0.1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.0.2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-2.9.2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.0.0-rc1-english/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.0.0.0-all-languages/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.0.1.0-english/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.0.1.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.0.1.1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.0.0-english/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.0.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.1.0-all-languages/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.2.0-all-languages/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.2.0-english/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.1.2.0/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin-3.4.3.1/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin2/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpMyAdmin3/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /phpmyadmin | phpMyAdmin | - | - | 1 |
| /phpmyadmin/scripts/setup.php | 1 | |||
| /pma/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /polycom/000000000000.cfg | phpMyAdmin | - | - | 1 |
| /provisioning/000000000000.cfg | phpMyAdmin | - | - | 1 |
| /provisioning/y000000000000.cfg | phpMyAdmin | - | - | 1 |
| /script | - | - | - | 1 |
| /scripts/setup.php | phpMyAdmin | - | - | 1 |
| /sdk | Vmware | - | https://github.com/nmap/nmap/blob/master/scripts/vmware-version.nse | 1 |
| /secure/ContactAdministrators!default.jspa | JIRA | - | https://ja.wikipedia.org/wiki/JIRA_(%E3%82%BD%E3%83%95%E3%83%88%E3%82%A6%E3%82%A7%E3%82%A2) | 1 |
| /tmpfs/auto.jpg | IP camera | - | - | 1 |
| /twiki/bin/configure | phpMyAdmin | - | - | 1 |
| /typo3/phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /w00tw00t.at.blackhats.romanian.anti-sec:) | phpMyAdmin | - | - | 1 |
| /web/phpMyAdmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /web/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /websql/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /winbox.png | MikroTik | - | https://sec-owl.hatenablog.com/entry/2018/10/12/160525 | 1 |
| /wp-content/plugins/userpro/scripts/scripts.min.js | phpMyAdmin | - | - | 1 |
| /xampp/phpmyadmin/scripts/setup.php | phpMyAdmin | - | - | 1 |
| /y000000000028.cfg | cfg file | - | - | 1 |
| /y000000000029.cfg | cfg file | - | - | 1 |
| /y000000000034.cfg | cfg file | - | - | 1 |
| /y000000000036.cfg | FreePBX | - | https://issues.freepbx.org/browse/FREEPBX-5845 | 1 |
| /y000000000054.cfg | Twiki | - | https://twiki.org/cgi-bin/view/TWiki/TWiki04x02WindowsInstallationGuide | 1 |
| hxxp://112.35.53.83:8088/index.php | Unauthorized Relay | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/1phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/2phpmyadmin/ | Discussion on UserPro | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/3phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/4phpmyadmin/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/MyAdmin/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2005/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2009/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2011/ | cfg file | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2012/ | - | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2013/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2014/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2015/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/PMA2016/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/db/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/pMA/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/phpMyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/sqladmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/sysadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/admin/web/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/PMA/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/db/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/phpMyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/pma/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/administrator/web/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/database/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/db-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/dbadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/dbweb/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/myadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/phpMyAdmin-3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/phpMyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/phpMyAdmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/phpmyadmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/webadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/webdb/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/db/websql/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/dbadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/host/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/localhost/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/myadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/myadminphp/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/db/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/dbadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/mysqlmanager/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/pMA/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/pma/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/sqlmanager/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysql/web/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysqladmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/mysqlmanager/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/p/m/a/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/php-my-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/php-myadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.5.1-all-languages/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.6-all-languages/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.7.1-all-languages-utf-8-only/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.7.1-all-languages/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.8.1-all-languages-utf-8-only/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.11.8.1-all-languages/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.2.3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.2.6/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5-rc2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.5/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.6-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.6-rc2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.6/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.7-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.5.7/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-alpha/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-alpha2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-beta1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-beta2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-pl2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-pl3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-rc2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0-rc3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.0/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1-pl2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1-pl3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1-rc2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.2-beta1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.2-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.2-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.3-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.3-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4-pl2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4-pl3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4-pl4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.6.4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.7.0-beta1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.7.0-pl1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.7.0-pl2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.7.0-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.7.0/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0-beta1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0-rc2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0.1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0.2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0.3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0.4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.0/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.1-rc1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2.8.2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-4.6.4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin-4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyAdmin4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpMyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmy-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmy/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin/admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin1/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phpmyadmin4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phppgadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/phppma/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2005/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2009/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2011/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2012/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2013/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2014/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2015/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/pma2016/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/program/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/shopdb/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/myadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/php-myadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpMyAdmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpMyAdmin2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpMyAdmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpMyAdmin4/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpmanager/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpmy-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpmyadmin2/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpmyadmin3/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/phpmyadmin4/ | Unauthorized Relay | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/sql-admin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/sql/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/sqladmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/sqlweb/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/webadmin/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/webdb/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sql/websql/ | phpMyAdmin | - | - | 1 |
| hxxp://xxx.xxx.xxx.xxx:80/sqlmanager/ | phpMyAdmin | - | - | 1 |
| hxxp://www.proxylists.net/proxyjudge.php | phpMyAdmin | - | - | 1 |
