kk的blog

2019/01/05

貼一下昨天有趣的log

2019-01-04T18:57:11+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abc123456&server=1
2019-01-04T18:57:06+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qq123456&server=1
2019-01-04T18:56:33+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123&server=1
2019-01-04T18:56:51+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123321&server=1
2019-01-04T18:57:10+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=asdasdasd&server=1
2019-01-04T18:56:37+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=4321&server=1
2019-01-04T18:56:39+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=000000&server=1
2019-01-04T18:57:10+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12121212&server=1
2019-01-04T18:56:31+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=3rjs1la7qe&server=1
2019-01-04T18:56:37+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=54321&server=1
2019-01-04T18:56:38+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=987654&server=1
2019-01-04T18:57:00+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=7777777&server=1
2019-01-04T18:56:53+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=222222&server=1
2019-01-04T18:56:54+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=223456&server=1
2019-01-04T18:57:01+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=88888888&server=1
2019-01-04T18:57:08+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=QAZWSXEDC&server=1
2019-01-04T18:56:32+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=0&server=1
2019-01-04T18:56:18+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=angel&server=1
2019-01-04T18:56:50+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123123123&server=1
2019-01-04T18:56:53+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=147258369&server=1
2019-01-04T18:57:02+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1991&server=1
2019-01-04T18:57:01+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1990&server=1
2019-01-04T18:56:26+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=charlie&server=1
2019-01-04T18:56:25+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=thomas&server=1
2019-01-04T18:56:35+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12345678&server=1
2019-01-04T18:57:05+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=789456123&server=1
2019-01-04T18:56:40+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=0000000000&server=1
2019-01-04T18:56:23+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Summer&server=1
2019-01-04T18:56:25+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=george&server=1
2019-01-04T18:56:36+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=87654321&server=1
2019-01-04T18:57:02+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1992&server=1
2019-01-04T18:56:39+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=000000000&server=1
2019-01-04T18:56:52+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12341234&server=1
2019-01-04T18:57:06+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qqqqqqqq&server=1
2019-01-04T18:56:32+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1&server=1
2019-01-04T18:57:05+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=xiazhili&server=1
2019-01-04T18:56:27+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ninja&server=1
2019-01-04T18:56:36+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=987654321&server=1
2019-01-04T18:56:31+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=q0tsrbv488&server=1
2019-01-04T18:56:46+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1111111111&server=1
2019-01-04T18:56:20+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Ashley&server=1
2019-01-04T18:56:34+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12345&server=1
2019-01-04T18:56:59+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=66668888&server=1
2019-01-04T18:56:19+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ashley&server=1
2019-01-04T18:56:34+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234&server=1
2019-01-04T18:56:26+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Jesus&server=1
2019-01-04T18:56:36+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=7654321&server=1
2019-01-04T18:56:48+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=112233&server=1
2019-01-04T18:56:57+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=66666666&server=1
2019-01-04T18:56:39+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=00000000&server=1
2019-01-04T18:56:58+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=696969&server=1
2019-01-04T18:56:28+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=mustang&server=1
2019-01-04T18:56:22+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Maggie&server=1
2019-01-04T18:56:38+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=0000&server=1
2019-01-04T18:56:35+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234567890&server=1
2019-01-04T18:56:43+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=11111111&server=1
2019-01-04T18:56:56+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=555555&server=1
2019-01-04T18:56:33+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12&server=1
2019-01-04T18:56:41+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=111111&server=1
2019-01-04T18:56:55+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=55555&server=1
2019-01-04T18:57:04+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a123456789&server=1
2019-01-04T18:56:21+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Jordan&server=1
2019-01-04T18:56:23+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=summer&server=1
2019-01-04T18:56:34+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456&server=1
2019-01-04T18:56:30+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=18atcskd2w&server=1
2019-01-04T18:57:08+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456abc&server=1
2019-01-04T18:56:25+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=George&server=1
2019-01-04T18:56:46+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=121212&server=1
2019-01-04T18:56:47+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=131313&server=1
2019-01-04T18:56:35+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234567&server=1
2019-01-04T18:56:38+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=321&server=1
2019-01-04T18:56:50+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=11223344&server=1
2019-01-04T18:56:57+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=666666&server=1
2019-01-04T18:57:00+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=888888&server=1
2019-01-04T18:56:20+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=michael&server=1
2019-01-04T18:56:26+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=arsenal&server=1
2019-01-04T18:56:24+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Taylor&server=1
2019-01-04T18:56:29+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=madison&server=1
2019-01-04T18:56:22+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Ginger&server=1
2019-01-04T18:56:29+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ashleymadison&server=1
2019-01-04T18:56:38+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=21&server=1
2019-01-04T18:56:26+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=liverpool&server=1
2019-01-04T18:56:37+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=654321&server=1
2019-01-04T18:56:21+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=jordan&server=1
2019-01-04T18:56:19+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Angel&server=1
2019-01-04T18:56:24+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Bosco&server=1
2019-01-04T18:56:35+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456789&server=1
2019-01-04T18:56:20+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Michael&server=1
2019-01-04T18:56:30+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=indya123&server=1
2019-01-04T18:56:30+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=india123&server=1
2019-01-04T18:57:07+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=31415926&server=1
2019-01-04T18:57:11+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=110110110&server=1
2019-01-04T18:56:36+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=0987654321&server=1
2019-01-04T18:56:44+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=111111111&server=1
2019-01-04T18:57:03+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=aaaaaaaa&server=1
2019-01-04T18:57:09+0800 106.12.206.4 55322 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123654789&server=1
2019-01-04T18:57:42+0800 106.12.206.4 10986 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456*a&server=1
2019-01-04T18:57:43+0800 106.12.206.4 10986 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=654321*a&server=1
2019-01-04T18:57:43+0800 106.12.206.4 10986 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Aa123456&server=1
2019-01-04T18:57:44+0800 106.12.206.4 10986 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ABCabc123&server=1
2019-01-04T18:57:44+0800 106.12.206.4 10986 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ABCD123!@#&server=1
2019-01-04T18:57:45+0800 106.12.206.4 11698 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qwe!@#&server=1
2019-01-04T18:57:45+0800 106.12.206.4 11852 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qwe123!@#&server=1
2019-01-04T18:57:27+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456789.&server=1
2019-01-04T18:57:12+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=aa123456&server=1
2019-01-04T18:57:41+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=admin888&server=1
2019-01-04T18:57:33+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=PMA&server=1
2019-01-04T18:57:34+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=test123&server=1
2019-01-04T18:57:22+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qweasd&server=1
2019-01-04T18:57:33+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=caonima123&server=1
2019-01-04T18:57:34+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=phpmyadmin&server=1
2019-01-04T18:57:42+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=administrator!@#&server=1
2019-01-04T18:57:24+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abcdef&server=1
2019-01-04T18:57:14+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qwertyui&server=1
2019-01-04T18:57:41+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=admin88&server=1
2019-01-04T18:57:42+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=admin9999&server=1
2019-01-04T18:57:19+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=woaini521&server=1
2019-01-04T18:57:19+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=woaini520&server=1
2019-01-04T18:57:13+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=22222222&server=1
2019-01-04T18:57:30+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=135792468&server=1
2019-01-04T18:57:36+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=postgres&server=1
2019-01-04T18:57:18+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1314520&server=1
2019-01-04T18:57:18+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=woaini&server=1
2019-01-04T18:57:31+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1111111111111111&server=1
2019-01-04T18:57:35+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=okmnji&server=1
2019-01-04T18:57:41+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=admin1234&server=1
2019-01-04T18:57:25+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abcabc&server=1
2019-01-04T18:57:20+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qwe123&server=1
2019-01-04T18:57:31+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=zxcvbnm123&server=1
2019-01-04T18:57:23+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a1b2c3&server=1
2019-01-04T18:57:38+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=sqladmin&server=1
2019-01-04T18:57:15+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a123456&server=1
2019-01-04T18:57:28+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=q123456&server=1
2019-01-04T18:57:15+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=from91&server=1
2019-01-04T18:57:28+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12345678910&server=1
2019-01-04T18:57:20+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=7758521&server=1
2019-01-04T18:57:32+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=w123456&server=1
2019-01-04T18:57:40+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=root3306&server=1
2019-01-04T18:57:35+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123.com&server=1
2019-01-04T18:57:20+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=100200&server=1
2019-01-04T18:57:17+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=5201314&server=1
2019-01-04T18:57:30+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abc123456789&server=1
2019-01-04T18:57:34+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=test&server=1
2019-01-04T18:57:38+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=sa&server=1
2019-01-04T18:57:25+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=aaa111&server=1
2019-01-04T18:57:37+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=homelesspa&server=1
2019-01-04T18:57:17+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=fill.com&server=1
2019-01-04T18:57:17+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=5201314520&server=1
2019-01-04T18:57:29+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=q123456789&server=1
2019-01-04T18:57:21+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=zhang123&server=1
2019-01-04T18:57:19+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=woaini123&server=1
2019-01-04T18:57:39+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=root123&server=1
2019-01-04T18:57:39+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=root123456&server=1
2019-01-04T18:57:29+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1233211234567&server=1
2019-01-04T18:57:33+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pmapass&server=1
2019-01-04T18:57:40+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=rootroot&server=1
2019-01-04T18:57:16+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456a&server=1
2019-01-04T18:57:19+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=woaini1314&server=1
2019-01-04T18:57:18+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1314520520&server=1
2019-01-04T18:57:20+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=770880&server=1
2019-01-04T18:57:17+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=5211314&server=1
2019-01-04T18:57:21+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=asd123&server=1
2019-01-04T18:57:34+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=phpMyAdmin&server=1
2019-01-04T18:57:19+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=aini1314&server=1
2019-01-04T18:57:13+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a1234567&server=1
2019-01-04T18:57:32+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=caonima&server=1
2019-01-04T18:57:16+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=163.com&server=1
2019-01-04T18:57:15+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456123&server=1
2019-01-04T18:57:18+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a5201314&server=1
2019-01-04T18:57:14+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123321123&server=1
2019-01-04T18:57:30+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abcd123456&server=1
2019-01-04T18:57:16+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456aa&server=1
2019-01-04T18:57:21+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=asd123456&server=1
2019-01-04T18:57:21+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=z123456&server=1
2019-01-04T18:57:12+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a12345678&server=1
2019-01-04T18:57:30+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12345678900&server=1
2019-01-04T18:57:38+0800 106.12.206.4 3839 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=sql&server=1
2019-01-04T18:57:49+0800 106.12.206.4 12050 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123qweqwe&server=1
2019-01-04T18:57:50+0800 106.12.206.4 12050 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!@#123&server=1
2019-01-04T18:57:53+0800 106.12.206.4 12900 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!@#qwe&server=1
2019-01-04T18:58:04+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!@#$&server=1
2019-01-04T18:57:58+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abcdefg&server=1
2019-01-04T18:58:01+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=cisco&server=1
2019-01-04T18:58:04+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=private&server=1
2019-01-04T18:58:00+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=rootpassword&server=1
2019-01-04T18:58:02+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=manager&server=1
2019-01-04T18:57:57+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1111&server=1
2019-01-04T18:58:01+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=0123456789&server=1
2019-01-04T18:58:02+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=PASSWD&server=1
2019-01-04T18:57:57+0800 106.12.206.4 13514 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=abc&server=1
2019-01-04T18:58:12+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=zaq12wsx&server=1
2019-01-04T18:58:14+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Password1&server=1
2019-01-04T18:58:23+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123.123&server=1
2019-01-04T18:58:19+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Passw0rd&server=1
2019-01-04T18:58:16+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=147852369&server=1
2019-01-04T18:58:24+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!@!#$%^&*()1&server=1
2019-01-04T18:58:06+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=asd123..&server=1
2019-01-04T18:58:13+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=leo&server=1
2019-01-04T18:58:09+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=changeme&server=1
2019-01-04T18:58:11+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=cw6578345&server=1
2019-01-04T18:58:12+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123..f&server=1
2019-01-04T18:58:23+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=P@ssw0rd&server=1
2019-01-04T18:58:18+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=test1234&server=1
2019-01-04T18:58:17+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=3.1415926&server=1
2019-01-04T18:58:13+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=P@ssw0rd1&server=1
2019-01-04T18:58:15+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=7758258&server=1
2019-01-04T18:58:21+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=exchange&server=1
2019-01-04T18:58:08+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Abcd@1234&server=1
2019-01-04T18:58:16+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234qwerasdf&server=1
2019-01-04T18:58:15+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=5555&server=1
2019-01-04T18:58:17+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!@qwaszx&server=1
2019-01-04T18:58:10+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=dtx2011&server=1
2019-01-04T18:58:05+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=7890&server=1
2019-01-04T18:58:09+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=root62070&server=1
2019-01-04T18:58:10+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=androidhive&server=1
2019-01-04T18:58:05+0800 106.12.206.4 14996 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=102030&server=1
2019-01-04T18:58:52+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=tursadmin&server=1
2019-01-04T18:58:25+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123@qwe&server=1
2019-01-04T18:59:07+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz!!!&server=1
2019-01-04T18:58:56+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=l3k0m&server=1
2019-01-04T18:58:57+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=jotop53@mysql&server=1
2019-01-04T18:58:51+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=eve@realmedia@123&server=1
2019-01-04T18:58:56+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p12sw02s&server=1
2019-01-04T18:58:57+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=wgj&server=1
2019-01-04T18:58:52+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=yhnmkiu&server=1
2019-01-04T18:58:32+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123321abc*&server=1
2019-01-04T18:59:06+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz&server=1
2019-01-04T18:58:45+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=rlovet&server=1
2019-01-04T18:58:45+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=09160810&server=1
2019-01-04T18:58:28+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=111aaa...&server=1
2019-01-04T18:58:54+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=nybwww&server=1
2019-01-04T18:59:00+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=marcus&server=1
2019-01-04T18:58:41+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=kyict&server=1
2019-01-04T18:58:43+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=@))^ttx8431&server=1
2019-01-04T18:58:55+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ek2@eten&server=1
2019-01-04T18:58:59+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=lh1234&server=1
2019-01-04T18:59:08+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz!@#&server=1
2019-01-04T18:58:52+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=nwadmin_192168198&server=1
2019-01-04T18:58:47+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=singharvest&server=1
2019-01-04T18:58:55+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ek2test@&server=1
2019-01-04T18:58:51+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=33375909mis&server=1
2019-01-04T18:59:02+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=lubtek&server=1
2019-01-04T18:58:34+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=308&server=1
2019-01-04T18:58:53+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=shadowgroup&server=1
2019-01-04T18:58:33+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=122606697&server=1
2019-01-04T18:58:53+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=soclab&server=1
2019-01-04T18:58:47+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=kiroro&server=1
2019-01-04T18:58:55+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=Eten123456&server=1
2019-01-04T18:59:05+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=zxcvb&server=1
2019-01-04T18:58:57+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=steve2020&server=1
2019-01-04T18:58:48+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=10g10g10g&server=1
2019-01-04T18:58:38+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=agex123&server=1
2019-01-04T18:58:54+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=shakespeare&server=1
2019-01-04T18:58:57+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=stc13&server=1
2019-01-04T18:59:01+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ccic&server=1
2019-01-04T18:58:52+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=otis&server=1
2019-01-04T18:59:01+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=110911&server=1
2019-01-04T18:58:37+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=kim&server=1
2019-01-04T18:58:40+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=dbapw2005&server=1
2019-01-04T18:58:53+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=eelab513&server=1
2019-01-04T18:58:50+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=srv110&server=1
2019-01-04T18:58:44+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=chen8819&server=1
2019-01-04T18:59:03+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=lubtek999&server=1
2019-01-04T18:59:04+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=q1w2e3r4&server=1
2019-01-04T18:58:53+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=jp694xu;6'&server=1
2019-01-04T18:58:56+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=cool5124&server=1
2019-01-04T18:58:24+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1122&server=1
2019-01-04T18:59:06+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=zxcvbn&server=1
2019-01-04T18:58:34+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=725126&server=1
2019-01-04T18:58:46+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=queen&server=1
2019-01-04T18:58:42+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=askyib88&server=1
2019-01-04T18:58:49+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ipdasw&server=1
2019-01-04T18:58:39+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=agex33664411&server=1
2019-01-04T18:58:49+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=netbu&server=1
2019-01-04T18:58:56+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=calvin&server=1
2019-01-04T18:58:46+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123gwg456&server=1
2019-01-04T18:58:29+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1116&server=1
2019-01-04T18:58:55+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=650329&server=1
2019-01-04T18:58:36+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=double22&server=1
2019-01-04T18:58:33+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=12344321&server=1
2019-01-04T18:58:42+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ezlms&server=1
2019-01-04T18:58:32+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1001&server=1
2019-01-04T18:58:54+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=samil3131&server=1
2019-01-04T18:58:36+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=780313&server=1
2019-01-04T18:58:50+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=st1225&server=1
2019-01-04T18:58:50+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=jacksoftdb&server=1
2019-01-04T18:58:27+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=a111111&server=1
2019-01-04T18:58:54+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ansheng&server=1
2019-01-04T18:59:02+0800 106.12.206.4 19881 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=ccic999&server=1
2019-01-04T18:59:13+0800 106.12.206.4 29642 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazedc&server=1
2019-01-04T18:59:17+0800 106.12.206.4 30644 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx123&server=1
2019-01-04T18:59:12+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz@wsx&server=1
2019-01-04T18:59:10+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz123.com&server=1
2019-01-04T18:59:11+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz123456&server=1
2019-01-04T18:59:12+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz7272&server=1
2019-01-04T18:59:13+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz@wsx#edc&server=1
2019-01-04T18:59:10+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz12345&server=1
2019-01-04T18:59:11+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz130.com&server=1
2019-01-04T18:59:09+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz123&server=1
2019-01-04T18:59:11+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz12345678&server=1
2019-01-04T18:59:12+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz14789&server=1
2019-01-04T18:59:09+0800 106.12.206.4 28628 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qaz123.0&server=1
2019-01-04T18:59:18+0800 106.12.206.4 30644 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx123456&server=1
2019-01-04T18:59:18+0800 106.12.206.4 30644 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx123@#&server=1
2019-01-04T18:59:19+0800 106.12.206.4 31225 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx159&server=1
2019-01-04T18:59:15+0800 106.12.206.4 29642 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazqaz&server=1
2019-01-04T18:59:16+0800 106.12.206.4 29642 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx!@#123&server=1
2019-01-04T18:59:15+0800 106.12.206.4 29642 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazqazqaz&server=1
2019-01-04T18:59:14+0800 106.12.206.4 29642 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazokm&server=1
2019-01-04T18:59:22+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazxsw&server=1
2019-01-04T18:59:22+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazxswedc&server=1
2019-01-04T18:59:23+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazxswedcvfr&server=1
2019-01-04T18:59:20+0800 106.12.206.4 31225 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx@#$&server=1
2019-01-04T18:59:20+0800 106.12.206.4 31225 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsx888&server=1
2019-01-04T18:59:25+0800 106.12.206.4 33039 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123456qwerty&server=1
2019-01-04T18:59:26+0800 106.12.206.4 33039 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=!QAZ@wsx&server=1
2019-01-04T18:59:21+0800 106.12.206.4 31815 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazwsxedc&server=1
2019-01-04T18:59:21+0800 106.12.206.4 31815 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazxcv!@#&server=1
2019-01-04T18:59:27+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e*&server=1
2019-01-04T18:59:28+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4&server=1
2019-01-04T18:59:28+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r&server=1
2019-01-04T18:59:29+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r5t6y&server=1
2019-01-04T18:59:29+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r5t6y7u&server=1
2019-01-04T18:59:24+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazZAQ!&server=1
2019-01-04T18:59:23+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=qazzaq&server=1
2019-01-04T18:59:24+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234qwer&server=1
2019-01-04T18:59:24+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=123qaz&server=1
2019-01-04T18:59:25+0800 106.12.206.4 32131 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1234qwer!@#$&server=1
2019-01-04T18:59:30+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r5t6y7u8i&server=1
2019-01-04T18:59:30+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r5t6y7u8i9o&server=1
2019-01-04T18:59:26+0800 106.12.206.4 33039 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e!@#&server=1
2019-01-04T18:59:31+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qa2ws3ed&server=1
2019-01-04T18:59:32+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz0okm&server=1
2019-01-04T18:59:33+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz2wsx!@#123&server=1
2019-01-04T18:59:32+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz&server=1
2019-01-04T18:59:31+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qa2ws&server=1
2019-01-04T18:59:32+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaZ2wsx&server=1
2019-01-04T18:59:32+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz!QAZ&server=1
2019-01-04T18:59:33+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz1qaz&server=1
2019-01-04T18:59:33+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz2wsX&server=1
2019-01-04T18:59:31+0800 106.12.206.4 33476 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1q2w3e4r5t6y7u8i9o0p&server=1
2019-01-04T18:59:39+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazse4&server=1
2019-01-04T18:59:42+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxcvbnml&server=1
2019-01-04T18:59:49+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1z2x3c4v&server=1
2019-01-04T18:59:45+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxsw23&server=1
2019-01-04T18:59:35+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz3edc5tgb&server=1
2019-01-04T18:59:41+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazsedc&server=1
2019-01-04T18:59:36+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz@2wsx&server=1
2019-01-04T18:59:37+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazXSW@&server=1
2019-01-04T18:59:40+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazse4rfv&server=1
2019-01-04T18:59:50+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass#word&server=1
2019-01-04T18:59:48+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1z2x3c&server=1
2019-01-04T18:59:46+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxsw@&server=1
2019-01-04T18:59:41+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxcvbnm&server=1
2019-01-04T18:59:44+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxcvbnmlpoiuytrew&server=1
2019-01-04T18:59:50+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass&server=1
2019-01-04T18:59:35+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz@123&server=1
2019-01-04T18:59:45+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxsw23edc&server=1
2019-01-04T18:59:44+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qazxsw2&server=1
2019-01-04T18:59:47+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qw23er45ty67u&server=1
2019-01-04T18:59:37+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz@WSX3edc&server=1
2019-01-04T18:59:33+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz2wsx3edc&server=1
2019-01-04T18:59:36+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz@WSX&server=1
2019-01-04T18:59:37+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz@wsx&server=1
2019-01-04T18:59:34+0800 106.12.206.4 35083 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=1qaz2wsx3edc4rfv&server=1
2019-01-04T19:00:02+0800 106.12.206.4 41518 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd1&server=1
2019-01-04T18:59:56+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passw0rd12&server=1
2019-01-04T18:59:58+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=password1&server=1
2019-01-04T19:00:01+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd!&server=1
2019-01-04T19:00:00+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@$$w0rd123&server=1
2019-01-04T18:59:59+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=password123456&server=1
2019-01-04T19:00:01+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd!@&server=1
2019-01-04T18:59:53+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass1234&server=1
2019-01-04T18:59:57+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passwd&server=1
2019-01-04T18:59:54+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass8027&server=1
2019-01-04T18:59:56+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passw0rd1&server=1
2019-01-04T18:59:57+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passw0rd123&server=1
2019-01-04T19:00:01+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd&server=1
2019-01-04T19:00:00+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@$$w0rd12&server=1
2019-01-04T18:59:59+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@$$w0rd&server=1
2019-01-04T18:59:58+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=password01&server=1
2019-01-04T18:59:58+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=password12&server=1
2019-01-04T19:00:01+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ss1234&server=1
2019-01-04T18:59:53+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass75wd&server=1
2019-01-04T18:59:59+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passwords&server=1
2019-01-04T19:00:02+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd!@#&server=1
2019-01-04T18:59:59+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=password123&server=1
2019-01-04T19:00:00+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@$$w0rd1&server=1
2019-01-04T18:59:55+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passe&server=1
2019-01-04T18:59:51+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass0rd&server=1
2019-01-04T18:59:54+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass@18&server=1
2019-01-04T18:59:55+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=passw&server=1
2019-01-04T18:59:52+0800 106.12.206.4 38581 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=pass123&server=1
2019-01-04T19:00:03+0800 106.12.206.4 41518 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd123&server=1
2019-01-04T19:00:03+0800 106.12.206.4 41518 192.168.52.10 80 /phpmyadmin/index.php?pma_username=root&pma_password=p@ssw0rd12&server=1

2018/12/29

之前就一直想從http的log裡找出一些不正常的網路行為
但實行上有點麻煩
要麼就要在每台上去解析log再把資料收回來處理
要麼就是在每台 web server 設定把log丟到一台log server 再來處理這些log
但以上都會碰到相同的問題
就是log格式都不同
處理起來相當不方便
bro ids 解決了這個問題
因為她把http的訊息存成 http.log
由於是port mirror的資料
所以不用管是用什麼web server 沒有格式的問題
以下是收到的部分相關log

"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057222.232953 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 78 GET 10.10.10.10 /phpmyadmin1/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057225.584942 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 97 GET 10.10.10.10 /phpMyAdmin__/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057223.108940 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 83 GET 10.10.10.10 /xampp/phpmyadmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057214.432996 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 47 POST 10.10.10.10 /mm.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 33 0 - - - - (empty) - - - FtjKnE4d9dGZ1eTimg - text/plain - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057223.824968 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 87 GET 10.10.10.10 /phpmyadmin-old/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057217.248956 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 63 GET 10.10.10.10 /dbadmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057210.580951 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 26 POST 10.10.10.10 /xiaohei.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 28 0 - - - - (empty) - - - F2YNwr3qgj6VkZiouf - text/plain - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057215.136950 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 51 GET 10.10.10.10 /index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057216.020960 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 56 GET 10.10.10.10 /PMA/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057218.484938 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 70 GET 10.10.10.10 /admin/phpMyAdmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057218.308939 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 69 GET 10.10.10.10 /admin/phpmyadmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057223.648956 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 86 GET 10.10.10.10 /tools/phpMyAdmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057216.196985 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 57 GET 10.10.10.10 /PMA2/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057222.937003 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 82 GET 10.10.10.10 /myadmin2/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057213.724938 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 43 POST 10.10.10.10 /test123.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 21 0 - - - - (empty) - - - FIDl5w1kIO2VHsjo8a - text/plain - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057221.163288 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 72 GET 10.10.10.10 /mysqladmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057221.704931 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 75 GET 10.10.10.10 /phpadmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057224.528944 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 91 GET 10.10.10.10 /claroline/phpMyAdmin/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057217.776981 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 66 GET 10.10.10.10 /admin/PMA/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057211.996955 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 34 POST 10.10.10.10 /zxc2.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 27 0 - - - - (empty) - - - Ft1eC04yYKwCWhrTPi - text/plain - - -"
"2018-12-29T04:20:32.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057224.884950 CMitkC4cDzyAFEKkR7 103.13.222.104 58845 10.10.10.10 80 93 GET 10.10.10.10 /phpma/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:41.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057229.508999 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 17 GET 10.10.10.10 /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:41.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057227.352989 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 5 GET 10.10.10.10 /phpMyAdmin1/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:41.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057229.144976 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 15 GET 10.10.10.10 /mysql/sqlmanager/index.php - - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:41.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057229.681003 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 18 GET 10.10.10.10 /manager/html - - Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0 0 0 - - - - (empty) - - - - - - - - -"
"2018-12-29T04:20:28.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057227.000982 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 3 GET 10.10.10.10 /phpMyAdmion/index.php - 1.1 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 159 404 Not Found - - (empty) - - - - - - F3YCn01Lompw5GiAdh - text/plain"
"2018-12-29T04:20:28.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057226.644633 C95B7c0UxBS1gw2Yg 103.13.222.104 64912 10.10.10.10 80 1 GET 10.10.10.10 /shaAdmin/index.php - 1.1 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) 0 159 404 Not Found - - (empty) - - - - - - F6zWHY3ZersNuWiVX2 - text/plain"
"2018-12-29T04:20:11.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057189.296983 CTOH8U3JKYGtswHTJe 103.13.222.104 52431 10.10.10.10 80 30 POST 10.10.10.10 /1hou.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 24 0 - - - - (empty) - - - FFzi3l4NQmxiu0bsfg - text/plain - - -"
"2018-12-29T04:20:11.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057194.068951 CTOH8U3JKYGtswHTJe 103.13.222.104 52431 10.10.10.10 80 50 POST 10.10.10.10 /sha.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 24 0 - - - - (empty) - - - FjR3jA2532rlkSNbEf - text/plain - - -"
"2018-12-29T04:20:11.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057202.900966 CTOH8U3JKYGtswHTJe 103.13.222.104 52431 10.10.10.10 80 88 POST 10.10.10.10 /2.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 24 0 - - - - (empty) - - - F3ewddDCWbrsByyN8 - text/plain - - -"
"2018-12-29T04:20:11.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057193.716947 CTOH8U3JKYGtswHTJe 103.13.222.104 52431 10.10.10.10 80 48 POST 10.10.10.10 /core.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 25 0 - - - - (empty) - - - FMBWxFbha0axdctTj - text/plain - - -"
"2018-12-29T04:20:11.000Z","bro-ids-centos7-lxc","bro-ids-centos7-lxc bro_http: 1546057185.908958 CTOH8U3JKYGtswHTJe 103.13.222.104 52431 10.10.10.10 80 11 POST 10.10.10.10 /aaaa.php - - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Safari/537.36 25 0 - - - - (empty) - - - Fsbkfe4RxpY2HRVpkg - text/plain FGwnQrbAvp4Iov629 - -"

除了偽裝成不同OS跟不同browser之外

再來就是一直try各種預設管理軟体的路徑及檔案

封包丟過來不一定會等回應

所以不一定會有 404 的回應碼

可以用搜尋關鍵字的方式

找出有問題的 ip 來處理

2018/12/26

proxmox中如果guest的vm file是放在local disk
從web介面是沒有辦法online live migration的

會出現

2018-12-26 12:52:46 starting migration of VM 701 to node 'proxmox2'
2018-12-26 12:52:47 found local disk 'local-zfs:vm-701-disk-0' (in current VM config)
2018-12-26 12:52:47 can't migrate local disk 'local-zfs:vm-701-disk-0': can't live migrate attached local disks without with-local-disks option
2018-12-26 12:52:47 ERROR: Failed to sync data - can't migrate VM - check log
2018-12-26 12:52:47 aborting phase 1 - cleanup resources
2018-12-26 12:52:47 ERROR: migration aborted (duration 00:00:01): Failed to sync data - can't migrate VM - check log
TASK ERROR: migration aborted

要手動下指令

qm migrate vmid nodename --with-local-disks --online

例如
qm migrate 701 proxmox2 --with-local-disks --online

2018/12/08

前不久才寫過安裝bro ids 的文章
最近 2018/11/29 更新版 2.6

今天測試安裝完成
記錄一下過程

make 的時間比之上一版更久了

先修改

/usr/local/bro/etc/node.cfg
interface=eth1 (監聽的mirror port)

make install後先使用 broctl 進行 start 發現無法啟動

先安裝sendmail
yum -y install sendmail

再來有二個檔案要修改

/usr/local/bro/share/bro/broctl/standalone.bro

#@load standalone-layout

/usr/local/bro/share/bro/broctl/auto.bro

#@load local-networks
#@load broctl-config

改完後啟動就沒問題了

接下來在 /etc/rc.local加入

/sbin/ifconfig eth1 promisc
/usr/local/bro/bin/broctl start

然後log的預設路徑變了

/usr/local/bro/spool/bro

接下來就可以把所需的log吐出去了

vi /etc/rsyslog.d/bro.conf

input(type="imfile"
File="/usr/local/bro/spool/bro/sip.log"
Tag="bro_sip:"
Severity="debug"
Facility="user"
)

user.debug @2.3.4.5:514

Sverity 使用 debug 才不會寫到 /var/log/messages

2018/12/04

之前反應過的proxmox lxc無法mount nfs的問題
在5.3版解決了

2018/12/02

這二天從m$官網下載了iso回來安裝測試

https://www.microsoft.com/zh-tw/software-download/windows10ISO

裝的時候選的是教育版
但沒有辦法使用KMS試証

google了一下
發現要先把key換成 GVLK

https://it.cornell.edu/software-licensing/updating-kms-mak-installation

https://it.cornell.edu/software-licensing/product-keys-updating-kms-mak-activation

win10的換key指令如下
slmgr.vbs /ipk NW6C2-QMPVW-D7KKK-3GKT6-VCFB2

換完後再次執行KMS認証就OK了

2018/11/26

這二天測試了一下zbackup
一個可以去重複的備份軟体
感覺還不錯
記錄一下
在ubuntu直接 sudo apt install zbackup就可以了
安裝後的第一件事就是建立所需使用的目錄

zbackup init --non-encrypted /my/backup/repo

再來就是備分還原

單檔時備分

cat file_to_backup | zbackup backup /tmp/zbackup/backups/file_to_backup -`date '+%Y-%m-%d'` --non-encrypted

單檔時還原

zbackup restore /my/backup/repo/backups/file_to_backup-`date '+%Y-%m-%d'` --non-encrypted > /my/precious/file_to_backup

備分目錄

tar c /my/precious/data | zbackup backup /my/backup/repo/backups/backup-`date '+%Y-%m-%d'` --non-encrypted

還原目錄

zbackup restore /my/backup/repo/backups/backup-`date '+%Y-%m-%d'` --non-encrypted > /my/precious/backup-restored.tar

測試時有個問題
要把tar解開時會出現

tar: .：無法 utime: 此項操作並不被允許
tar: .：無法變更模式為 rwxrwxr-t: 此項操作並不被允許
tar: 由於先前錯誤而以失敗狀態離開

所以要解開tar時要使用 sudo

zbackup會把備分的檔案切割成許多小檔放在 my/backup/repo/bundles這個目錄內
之後再備分的檔案一樣會再切割然後跟已存在的小檔比對
如果有不同才會再另存別的小檔
以達到重複資料刪除的目的

2018/11/17

之前有寫到 security onion

裡面有個好用的 bro ids 可以獨立安裝

已經裝起來跑了一段時間了

效果不錯

做個記錄

首先安裝

https://www.bro.org/sphinx/install/install.html#prerequisites

我是裝在centos 7上按照文件把該補的rpm補一下

make 時要花一點時間

裝好後修改

/usr/local/bro/etc/node.cfg

裡的監聽interface (使用port mirror)

然後在/etc/rc.local加上

/usr/local/bro/bin/broctl start 開几啟動

所有的相關記錄會放在

/usr/local/bro/logs/current

歷史資料會按日期分開

分門別類　相當完整　可以依照個自的需求針對某個檔案進行解析

capture_loss.log files.log pe.log software.log stderr.log weird.log

conn.log http.log radius.log ssh.log stdout.log x509.log

dns.log known_hosts.log smtp.log ssl.log syslog.log

dpd.log notice.log snmp.log stats.log tunnel.log

我是利用rsyslog把需要的資料丟出來到graylog

建立/etc/rsyslog.d/bro.conf

範例如下

$InputFileName /usr/local/bro/logs/current/sip.log

$InputFileTag bro_sip:

$InputFileStateFile stat-bro_sip

$InputFileSeverity info

$InputFileFacility local7

$InputRunFileMonitor

# check for new lines every second

$InputFilePollingInterval 1

# To the ELSA test server!:

local7.info @1.2.3.4:514

目前graylog的marketplace只有一個Content Pack 是解析從security onion丟來的log

所以如果要統計一下來源 ip要自己再寫一下extractor

而且因為每個log檔的格式不盡相同

所以要依需求產生不同的extractor

2018/11/13

fortiOS 5.2的REST有問題不要用

最近有個朋友問我有沒有用過fortiget rest的功能 5.2之後提供
其實之前就有再找
只是後來程式都直接用 ssh或telnet去下指令
既然有人問了
就再來找找

一閞始找到的這二個資料
可以查可以刪但不能新增也不能update
所以不要再浪費時間了

https://aimless.jp/blog/archives/2017-04-01-manageing-fortigate-by-rest-api/

https://pypi.org/project/PyFortiAPI/

直到後來找到這個完全沒問題啊而且也不用自己去寫jason格式而且反應速度相當快

https://github.com/DavidChayla/FortigateApi/blob/master/README.md

記錄一下用法

首先要下載回來後要先 import

import sys
sys.path.append('PATH TO FortigateApi.py')

再來依照文件說明

import FortigateApi

fg = FortigateApi.Fortigate('10.20.30.40', 'root', 'admin', 'mypasswd')

fg.AddFwAddress('srv-A','10.1.1.1/32')

200

fg.GetFwAddress('srv-A')

u'{\n "http_method":"GET",\n "results":[\n {\n "name":"srv-A",\n "q_origin_key":"srv-A",\n "uuid":"2103d064-d520-51e6-de84-16e9ab03b8ae",\n "subnet":"10.1.1.1 255.255.255.255",\n "type":"ipmask",\n "start-ip":"10.1.1.1",\n "end-ip":"255.255.255.255",\n "fqdn":"",\n "country":"",\n "url":"",\n "cache-ttl":0,\n "wildcard":"10.1.1.1 255.255.255.255",\n "comment":"",\n "visibility":"enable",\n "associated-interface":"",\n "color":0,\n "tags":[\n ]\n }\n ],\n "vdom":"dc2",\n "path":"firewall",\n "name":"address",\n "mkey":"srv-A",\n "status":"success",\n "http_status":200,\n "serial":"FWF90D3Z13003141",\n "version":"v5.2.9",\n "build":736\n}'

fg.SetFwAddress('srv-A','10.2.2.2/32')

200

fg.DelFwAddress('srv-A')

200

2018/11/07

SECURITY ONION

一套不錯的網路異常行為偵測系統
包含了很多的工具
直接下載iso就可以安裝完成
試裝了一下滿方便好裝的
不過要注意硬碟空間及cpu ram
如果資源不夠
跑起來會很辛苦

2018/11/02

之前寫過一篇用obs + nginx 來進行串流
最近找到另一個srs 看來也方便的
記錄一下
以下是官方的安裝步驟

Step 1: get SRS
git clone https://github.com/ossrs/srs && cd srs/trunk

Step 2: build SRS, Requires Centos6.x/Ubuntu12 32/64bits, others see Build(CN,EN).

./configure && make

Step 3: start SRS
./objs/srs -c conf/srs.conf

srs.conf 可依需求進行修改

測試的結果在 linux mint 19 x64 上無法編譯成功
在ubuntu 16.04 x64 及 centos 7 x64 是ok的
ubuntu 18.04 沒試

如果要在centos 7上安裝要補一下 rpm

yum install -y gcc gcc-c++ make patch unzip sudo

再來依上述的步驟執行即可
不過要注意的是
執行後會在几器上開三個port 1935 1985 8080
記得用iptables 限制一下
尤其是8080 是web介面

執行完後利用obs把視訊串流上來
步驟參考之前的po文要改的是串流的url如下圖
改一下server的ip及相關設定

再來使用vlc觀看

vlc rtmp://1.2.3.4/live/livestream

live及livestream對照上面進行修改

目前測試起來 server 上 srs 的 cpu 吃不到 1 %

但obs的串流相當吃cpu 尤其是解析度高的時候

2018/10/26

https://www.nedi.ch/

這個工具看起來不錯
不過操作有點小複雜
官網上的 https://www.nedi.ch/pub/nebuntu.sh 安裝程序沒用
不要浪費時間
建議直接捉ova回來用
測了一下
真的可以捉到很多資訊
不過有一點
她竟然不是用ip當做唯一值

NeDi requires unique device names, since this is the primary key in the database

目前一堆設備都是用相同的名字
如果為了跑這個還要全部去改
算了

不過nedi真的是好東西
有需求的可以玩玩

2018/10/21

利用windows 本身的工具取得diskstatus 並傳回log server

wmic diskdrive get model, status > diskstatus.txt

type diskstatus.txt | nc -w 2 -u 1.2.3.4 514

也可以寫成

wmic diskdrive get model, status | nc -w 2 -u 1.2.3.4 514

不過傳到log server的值會分成二行

2018/10/17

記錄一下這二天測試 open-audit的測試結果

安裝在centos 7 x64 上基本上沒啥問題

從官網下載 OAE-Linux-x86_64-release_2.2.7.run

chmod 700 後直接執行

會自動把需要的rpm全部裝好

安裝完登入時會一直出珼找不到nmap的訊息

因為程式的預設路徑是 /usr/local/bin

可是cenos 7 nmap的預設路徑是 /usr/bin

記得要做個link 解決問題

官方是說可以收網路設備的資料不過我試了半天

就是收不進來

再來說pc

server裝好後直接下載vbs

有各種os可以用這個比ocs好一點

下載回來改一下server的ip 就可以直接用了很方便

不過vbs的執行速度真的是有..........夠..........慢

撈的資料跟ocs比

好像也差不多

為什麼這麼慢呢？

而且要砍個device還要舞弄半天

看來還是繼續用ocs好了

目前沒有換的打算

https://www.open-audit.org/

2018/10/16

昨天測了一下proxmox的LXC
開關几速度超快
果然是container
不過在guset要mount nfs時出現了以下的錯誤

mount -t nfs 1.2.3.4:/volume1/abc /mnt/abc/
mount.nfs: access denied by server while mounting 1.2.3.4:/volume1/abc

明明網路都有通權限也都有給
查了一下才知道proxmox因為安全的關係把這個功能關掉了
而管理這個功能的是
apparmor
這個daemon
再來就是找如何處理
有改config或是把apparmor直接關了
試過這二種都沒用
官方forum有提到這個地方會修改但沒有提到時間表
最後成功的方法是先在host把要用的 nfs 先 mount 進來
之後再到這個LXC的resource add一個mount point
但因為add時無法選目錄
所以必須在加完後再直接到 /etc/pve/lxc 改config
例如是 222.conf
找到以下這行

mp0: local-zfs:subvol-222-disk-2,mp=/mnt/abc,size=8G

改成

mp0: /host/mount/point,mp=/mnt/abc

container再重開
就會直接看到所需的目錄已經mount在 /mnt/abc 了

不過改完之後會在zfs殘留一個剛建立的檔
記得要去砍掉

zfs destroy rpool/data/subvol-222-disk-1

https://www.facebook.com/groups/pve.tw/permalink/827877674047462/

LXC目前的优缺點如下

佈建快
開關几快
占用資源少

無法live migration
無法放在nfs
無法直接clone (要clone之前要先建立snapshot)

2018/09/18

librenms 自動更新三不五時要debug好像已經變成日常了

今天打開頁面又是一片空白

先跑一下 /opt/librenms/validate.php

./validate.php
====================================
Component | Version
--------- | -------
LibreNMS | 1.43-82-gcf31776
DB Schema | 267
PHP | 7.0.31
MySQL | 5.5.60-MariaDB
RRDTool | 1.4.8
SNMP | NET-SNMP 5.7.2
====================================

[OK] Composer Version: 1.7.2
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database schema correct
[FAIL] Missing PHP extension: mysqlnd
[FIX] Please install mysqlnd
[WARN] Some devices have not been polled in the last 5 minutes. You may have performance issues.
[FIX] Check your poll log and see: http://docs.librenms.org/Support/Performance/
Devices:
192.168.0.1
192.168.0.2
192.168.15.254
192.168.19.254
and 22 more...
[WARN] Your install is over 24 hours out of date, last update: Sun, 16 Sep 2018 17:23:12 +0000
[FIX] Make sure your daily.sh cron is running and run ./daily.sh by hand to see if there are any errors.

說我沒有安裝mysqlnd 補一下吧

但發現因為我已經安裝 php70w-mysql 所以不能再裝

Processing Conflict: php70w-mysql-7.0.31-1.w7.x86_64 conflicts php70w-mysqlnd
--> Finished Dependency Resolution
Error: php70w-mysql conflicts with php70w-mysqlnd-7.0.31-1.w7.x86_64

google到以下的文章

https://community.librenms.org/t/fail-missing-php-extension-mysqlnd-fix-please-install-mysqlnd/5130/5

yum swap php70w-mysql php70w-mysqlnd

裝好後再跑一次

./validate.php
====================================
Component | Version
--------- | -------
LibreNMS | 1.43-82-gcf31776
DB Schema | ?
PHP | 7.0.31
MySQL | ?
RRDTool | 1.4.8
SNMP | NET-SNMP 5.7.2
====================================

[FAIL] Missing dependencies! [FIX] ./scripts/composer_wrapper.php install --no-dev
fideloper/proxy
[FAIL] Outdated dependencies [FIX] ./scripts/composer_wrapper.php install --no-dev
psy/psysh
[OK] Composer Version: 1.7.2
[FAIL] Missing dependencies!
[FIX] composer install --no-dev
Dependencies:
fideloper/proxy

照他說的再執行

./scripts/composer_wrapper.php install --no-dev

再跑一次

./daily.sh
Updating to latest codebase OK
Updating Composer packages OK
Updated from cf31776 to 8f89cd5 OK
Updating SQL-Schema OK
Updating submodules OK
Cleaning up DB OK
Fetching notifications OK
Caching PeeringDB data OK

以上
ok了

2018/09/09

最近電腦開不了機
之前就有幾次
ram重插拔後又可以
不過這次看來是完全ＧＧ了
所以上網買了 cpu ram 主機板的套裝
cpu 配的是 AMD A4-6300 APU with Radeon(tm) HD Graphics

要開始裝os　 linux mint 19 就碰到無法開機的問題
到linux mint的網站看到以下的解法
在開機時要選擇　Compatibility mode

可是裝好後開機還是有問題

還有一個地方要改

/boot/grub/grub.conf裡

Replace quiet splash with nomodeset and press Enter to boot.

可是另一個問題又來了

醬我每次更新kernel又要再重改一次

所以來改一下預設值

/etc/default/grub

#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

GRUB_CMDLINE_LINUX_DEFAULT="nomodeset"

醬開機就沒問題了
再來是開進os後
開youtube
1080P竟然很lag

再來裝一下vga的driver
ubuntu有直接提供
sudo apt install fglrx-pxpress

順了

另外就是輸入法　linux mint 19預設是使用fcitx

我還是比較習慣用ibus 所以改了一下

https://linuxmint-installation-guide.readthedocs.io/en/latest/boot_options.html

https://launchpad.net/ubuntu/bionic/+package/fglrx-pxpress

2018/09/06

之前提到ocs升級的問題
早上找到下面這一篇
有時間再來試試

https://blog.adsl2meg.fr/installer-ocs-inventory-ng-2-5-sous-centos-7/

2018/08/23

今天早上 6：00收到cisco server發出的告警 OS 也當了

Server HostName:C240-
Severity: major
Fault Code: F0174

Problem Cause: equipment-inoperable
Entity DN: sys/rack-unit-1/board/cpu-2
Description: P2_PROCHOT: Processor 2 is operating at a high temperature: Check cooling

PLATFORM: UCS C240 M4S
CIMC Ver: 3.0(3a)
BIOS Ver: C240M4.3.0.3a.0.0321172111

嚇了我一大跳以為機房的冷氣又壞掉了

進環控去看溫度是正常的
接下來進CIMC
看到

直覺是風扇壞了
先重開機看看還能不能開
還好可以開
先把guest全部搬走
因為前幾天storage壞了把guest 全搬到肚子
連絡廠商後把上面的擷圖跟收log
等到下午
代理商連絡說有個東西要調

預設的風扇策略是低功率　有可能會造成溫度過高
建議調整如下

還問我是不是跑vm cpu有沒有吃很多

現在買server 99%都跑vm了吧
這個還要問
風扇策略竟然還會預設低轉速
欠罵

2018/08/21

最近 librenms 發生 alert 通知不見的情況
爬了一下文原來是更新到1.42版之後
官方建議alert通知使用新的方法

Alert Transports

但 alert template跟之前的語法不同
而且如果直接使用網頁介面上的convert來轉換
出來的語法也是錯的
最後的解法方使用直接到官網全部複制
再貼到管理網頁上
目前是恢復正常了

https://docs.librenms.org/#Alerting/Templates/

順便說一下新的alert設定方法
先到alert transports 設定一個新的

之後再到alert rules 重新設定

2018/08/17

今天升級ocs 2.5 版的

升級的時候沒有發生什麼問題

但升完後

只要點search 畫面就是一片空白

查一下log 發現

Can't use method return value in write context in /usr/share/ocsinventory-reports/ocsreports/require/search/TranslationSearch.php on line 224, referer: http://1.2.3.4/ocsreports/index.php?first

爬了一下

果然有人問到

https://github.com/OCSInventory-NG/OCSInventory-ocsreports/issues/528

有人回答了

The multi-criteria search uses tables that need the minimum php 5.5 version. I advise you to update your php version to 5.5 or higher.

centos 7 官方的php只出到5.4 而且也不想去升

而且有人升完後還要再安裝php-xml 才能用

把昨天的備分倒回去

等官方升到 php 5.5 再說吧

2018/08/01

最近借了一台 synology fs2017來測試
8顆 240G SSD

測試環境

cisco UCS C240 M4S

Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz *2
RAM 32G
HD 300G SAS *5
NIC 10G

proxmox 5.2 環境
guest HD 32G

使用指令如下
time qm clone 123 456

===========================
fs2017 iscsi

real 1m41.039s
user 0m4.945s
sys 0m55.628s
===========================
fs2017 nfs

real 0m47.445s
user 0m3.224s
sys 0m36.446s
===========================
cisco local zfs

real 10m3.973s
user 0m4.739s
sys 0m5.394s
===========================

cisco local lvm

real 4m28.070s
user 0m5.645s
sys 0m54.285s
===========================

hp virtual store 4300

real 4m39.839s
user 0m4.612s
sys 0m49.002s

===========================

2018/07/19

今天登入librenms時出現以下的訊息

看起是因為自動更新導致某些depcndy出了問題
先跑一下
/opt/librenms/validate.php
出現以下問題

再來就依照提示跑一下
/opt/librenms/scripts/composer_wrapper.php install --no-dev
跑完後在文字介面再執行一次/opt/librenms/validate.php
已經沒有錯誤了
可是web介面再登入
還是會出現第一張圖的錯誤訊息
此時執行網頁介面右上的齒輪裡的validate config
出現以下的錯誤訊息

可是看了一下權限並沒有問題
google了一下

https://community.librenms.org/t/validate-config-page-report-wrong-issue/4085/3

把檔案砍了

目前看來是正常

2018/07/02

synology建議定期執行 data scrubbing
以檢查資料是不有不一致的問題
但碰到了二次只要執行
机器就當機
這次更嚴重直接把一個SSD cache 踢掉
目前的做法是先把這個排程拿掉
猜測是不是因為做的時候會造成大量SSD IO的結果

2018/06/11

graylog預設會捉取log的第一個欄位來當成source

最近碰到 Cisco的ASA 吐出來log的第一個欄位是月分的英文
導致每個月都會換一次source
如下

May 09 2018 15:00:40 context-admin : %ASA-4-106023: Deny tcp src inside:172.16.213.212/52854 dst outside:192.168.213.203/445 by access-group "inside_access_in" [0x0, 0x0]
May 09 2018 15:00:40 context-admin : %ASA-4-106023: Deny tcp src inside:172.16.213.212/52855 dst outside:192.168.213.203/445 by access-group "inside_access_in" [0x0, 0x0]

查到二個解決方法

一個是讓ASA吐出來的log不要帶timestamp 不過因為是別廠商維護的
他們也不太想改

再來就是加個extractor
直接更換source這個欄位

2018/06/10

最近裝了二台proxmox 5.2
都沒有收到crontab的信
本來以之是之前的問題
但查了一下並不是
再來看一下mail log
出現這個

Jun 10 06:11:34 proxmox postfix/local[21213]: error: open database /etc/aliases.db: No such file or directory

手動產生一下

newaliases

再觀察看看

2018/06/02

昨天晚上又發生ilo 當掉撈不到資料的情況
解決方法如下 reset ilo

2018/06/01

有台qnap的nas
已經好几天web進不去了
但可以ping的到
今天連nfs都死了
昨天的備分沒做
不重開不行
又不想直接關電
用ssh進去看看
竟然可以
進去後直接下reboot 完全沒反應
再help一下
好像要加command
command reboot
醬就可以重開了

訂閱：文章 (Atom)