目次
公開している web サーバのログから通常のアクセスではない通信について分析しました。
多かったリクエスト
設定ファイルを見たがる通信
/.env
/.git/config
/admin/.env
WordPress関連
/wp-login.php
/wp-content/plugins/hellopress/wp_filemanager.php
/wp-content/uploads/
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/wp-includes/
/wp-content/admin.php
/wp-content/themes/
/wp-admin/includes/
/wp-content/themes/admin.php
PHPUnitのevalをリモート実行
PHPのユニットテストツールのPHPUnitの脆弱性を利用してのeval()を実行しようとする通信
最近減ってきました。
JVNDB-2017-005280 - JVN iPedia - 脆弱性対策情報データベース
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
/vendor/phpunit/src/Util/PHP/eval-stdin.php
/vendor/phpunit/Util/PHP/eval-stdin.php
/vendor/phpunit/phpunit/LICENSE/eval-stdin.php
/vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/phpunit/phpunit/Util/PHP/eval-stdin.php
/phpunit/src/Util/PHP/eval-stdin.php
/phpunit/Util/PHP/eval-stdin.php
/lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/lib/phpunit/phpunit/Util/PHP/eval-stdin.php
/lib/phpunit/src/Util/PHP/eval-stdin.php
/lib/phpunit/Util/PHP/eval-stdin.php
/lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Cisco 製 Cisco IOS XE などのネットワーク機器の Web UI の脆弱性
Cisco製のネットワーク機器のWeb UIの脆弱性
JVNDB-2026-004511 - JVN iPedia - 脆弱性対策情報データベース
/webui/
VS Codeの拡張機能「Live Server」の脆弱性
遠隔コード実行の脆弱性があるようです。
/livereload.js?mindelay=10&v=2&port=1313&path=livereload
geoserver における XML 外部エンティティの脆弱性
JVNDB-2025-020875 - JVN iPedia - 脆弱性対策情報データベース
/geoserver/
不審な通信の一覧
| アクセス数 | メソッド | リクエスト |
|---|---|---|
| 369 | GET | HTTP/1.1 /wp-login.php |
| 356 | GET | HTTP/1.1 /administrator/ |
| 324 | GET | HTTP/1.1 /.env |
| 228 | GET | HTTP/1.1 /.git/config |
| 188 | GET | HTTP/1.1 /app-ads.txt |
| 132 | GET | HTTP/1.1 /ioxi-o.php |
| 131 | GET | HTTP/1.1 /wp-content/plugins/hellopress/wp_filemanager.php |
| 121 | POST | HTTP/1.1 /xmlrpc.php |
| 120 | GET | HTTP/1.1 /wp-content/uploads/ |
| 113 | GET | HTTP/1.1 /admin.php |
| 113 | GET | HTTP/1.1 /info.php |
| 112 | GET | HTTP/1.1 /SDK/webLanguage |
| 111 | GET | HTTP/1.1 /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 110 | GET | HTTP/1.1 /222.php |
| 110 | GET | HTTP/1.1 /wp-includes/ |
| 108 | GET | HTTP/1.1 /wp-content/admin.php |
| 105 | GET | HTTP/1.1 /about.php |
| 100 | GET | HTTP/1.1 /ms-edit.php |
| 98 | POST | HTTP/1.1 /hello.world?M–d+allow_url_include=1+M–d+auto_prepend_file=php://input |
| 98 | GET | HTTP/1.1 /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php |
| 98 | GET | HTTP/1.1 /vendor/phpunit/src/Util/PHP/eval-stdin.php |
| 98 | GET | HTTP/1.1 /vendor/phpunit/Util/PHP/eval-stdin.php |
| 98 | GET | HTTP/1.1 /containers/json |
| 97 | GET | HTTP/1.1 /vendor/phpunit/phpunit/LICENSE/eval-stdin.php |
| 97 | GET | HTTP/1.1 /vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /phpunit/phpunit/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /phpunit/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /lib/phpunit/phpunit/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /lib/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /lib/phpunit/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /www/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /ws/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 97 | GET | HTTP/1.1 /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /ws/ec/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /V2/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /tests/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /test/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /testing/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /demo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /cms/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /crm/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 96 | GET | HTTP/1.1 /backup/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /blog/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /panel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /public/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /apps/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php |
| 95 | GET | HTTP/1.1 /index.php?lang=../../../../../../../../tmp/index1 |
| 94 | GET | HTTP/1.1 /.well-known/security.txt |
| 94 | GET | HTTP/1.1 /as.php |
| 93 | GET | HTTP/1.0 /admin/config.php |
| 93 | GET | HTTP/1.1 /file.php |
| 91 | GET | HTTP/1.1 /goods.php |
| 89 | GET | HTTP/1.0 /robots.txt |
| 86 | GET | HTTP/1.1 /abcd.php |
| 84 | GET | HTTP/1.1 /login |
| 84 | GET | HTTP/1.1 /adminfuns.php |
| 83 | GET | HTTP/1.1 /livereload.js?mindelay=10&v=2&port=1313&path=livereload |
| 82 | GET | HTTP/1.1 /wp-good.php |
| 78 | GET | HTTP/1.1 /class-t.api.php |
| 77 | GET | HTTP/1.1 /wp-content/themes/ |
| 76 | GET | HTTP/1.1 /classwithtostring.php |
| 72 | GET | HTTP/1.1 /backup/ |
| 72 | GET | HTTP/1.1 /wp9.php |
| 70 | GET | HTTP/1.1 /uploads/ |
| 70 | GET | HTTP/1.1 /.well-known/traffic-advice |
| 69 | GET | HTTP/1.1 /geoserver/web/ |
| 67 | GET | HTTP/1.1 /bolt.php |
| 66 | GET | HTTP/1.1 /inputs.php |
| 66 | GET | HTTP/1.1 /xmlrpc.php |
| 65 | GET | HTTP/1.1 /wp-admin/css/bolt.php |
| 64 | GET | HTTP/1.1 /index/function.php |
| 62 | GET | HTTP/1.1 /admin/.env |
| 61 | GET | HTTP/1.1 /wp-admin/includes/ |
| 60 | GET | HTTP/1.1 /actuator/gateway/routes |
| 60 | GET | HTTP/1.1 /66.php |
| 59 | GET | HTTP/1.1 /.env.save |
| 59 | GET | HTTP/1.1 /Dr0v |
| 59 | GET | HTTP/1.1 /wp-content/themes/admin.php |
| 58 | GET | HTTP/1.1 /1.php |
| 58 | GET | HTTP/1.1 /webui/ |
| 58 | GET | HTTP/1.1 /wp-content/plugins/ |
| 58 | GET | HTTP/1.1 /wp-act.php |
