2018年10月3日から5日のログから気になったもの
2018年10月3日から5日に「Tomcat 管理マネージャ画面へのログイン試行」を観測しました。
ログオン試行で使われたパスワードは非常に安易なものです。
次にパスワードを記載します。これらのモノや類似するパスワードを設定していないか点検する際の参考にしてください。
【リクエスト】
GET /manager/html HTTP/1.1
【ログイン試行回数】
2018年10月3日 8,066回
2018年10月4日 97回
2018年10月5日 49回
【認証情報】
ログイン試行で使われたユーザIDとパスワードは以下のとおりです
・2018年10月3日分
| 試行回数 | ユーザ名 | パスワード |
| 173 | root | 8888 |
| 172 | root | 123 |
| 172 | admin | 1qazxsw2 |
| 171 | tomcat | manager |
| 171 | tomcat | 1 |
| 170 | tomcat | password |
| 170 | tomcat | 12345 |
| 170 | admin | 1q2w3e4r |
| 169 | tomcat | 1qaz2wsx |
| 169 | root | 1 |
| 169 | admin | s3cret |
| 168 | root | 1qazxsw2 |
| 167 | tomcat | 1q2w3e4r |
| 167 | admin | 8888 |
| 167 | admin | 111111 |
| 167 | admin | 111 |
| 167 | admin | 1 |
| 166 | tomcat | 111111 |
| 165 | tomcat | secret |
| 165 | root | Passw0rd |
| 165 | manager | root |
| 165 | admin | 123qwe |
| 164 | tomcat | 4444 |
| 164 | root | admin |
| 164 | root | 4444 |
| 164 | root | 111 |
| 164 | admin | root |
| 164 | admin | nimda |
| 163 | admin | Passw0rd |
| 163 | admin | admin |
| 162 | tomcat | 321 |
| 162 | tomcat | 1234 |
| 162 | root | nimda |
| 162 | root | 1q2w3e4r |
| 161 | tomcat | admin123 |
| 161 | admin | 4444 |
| 160 | tomcat | pass |
| 160 | root | 111111 |
| 160 | manager | manager |
| 160 | admin | 123 |
| 160 | admin | 1111 |
| 159 | manager | secret |
| 158 | root | s3cret |
| 158 | root | 123qwe |
| 156 | tomcat | tomcat |
| 151 | root | root |
| 93 | root | 1111 |
| 92 | manager | 123456 |
| 84 | manager | password |
| 83 | tomcat | 123qwe |
| 63 | tomcat | 123456 |
| 13 | manager | 1qazxsw2 |
| 11 | manager | 1 |
| 7 | manager | 4444 |
| 2 | manager | 1q2w3e4r |
| 1 | tomcat | toor |
| 1 | tomcat | s3cret |
| 1 | tomcat | root |
| 1 | tomcat | Passw0rd |
| 1 | tomcat | nimda |
| 1 | tomcat | admin |
| 1 | tomcat | 8888 |
| 1 | tomcat | 1qazxsw2 |
| 1 | tomcat | 123 |
| 1 | tomcat | 1111 |
| 1 | tomcat | 111 |
| 1 | tomcat | 0 |
| 1 | tomcat | |
| 1 | root | toor |
| 1 | root | tomcat |
| 1 | root | secret |
| 1 | root | password |
| 1 | root | pass |
| 1 | root | manager |
| 1 | root | admin123 |
| 1 | root | 321 |
| 1 | root | 1qaz2wsx |
| 1 | root | 123456 |
| 1 | root | 12345 |
| 1 | root | 1234 |
| 1 | root | 0 |
| 1 | root | |
| 1 | manager | toor |
| 1 | manager | tomcat |
| 1 | manager | s3cret |
| 1 | manager | admin123 |
| 1 | manager | admin |
| 1 | manager | 123qwe |
| 1 | manager | 123 |
| 1 | manager | 111 |
| 1 | manager | 0 |
| 1 | admin | toor |
| 1 | admin | tomcat |
| 1 | admin | secret |
| 1 | admin | password |
| 1 | admin | pass |
| 1 | admin | manager |
| 1 | admin | admin123 |
| 1 | admin | 321 |
| 1 | admin | 1qaz2wsx |
| 1 | admin | 123456 |
| 1 | admin | 12345 |
| 1 | admin | 1234 |
| 1 | admin | 0 |
| 1 | admin |
・2018年10月4日分
| 試行回数 | ユーザ名 | パスワード |
| 2 | tomcat | tomcat |
| 2 | tomcat | s3cret |
| 2 | tomcat | root |
| 2 | tomcat | manager |
| 2 | tomcat | admin |
| 2 | root | tomcat |
| 2 | root | s3cret |
| 2 | root | root |
| 2 | root | manager |
| 2 | root | admin |
| 2 | manager | tomcat |
| 2 | manager | s3cret |
| 2 | manager | root |
| 2 | manager | manager |
| 2 | admin | tomcat |
| 2 | admin | s3cret |
| 2 | admin | root |
| 2 | admin | manager |
| 2 | admin | admin |
| 1 | user | user |
| 1 | user | tomcat123 |
| 1 | user | s3cret |
| 1 | user | root |
| 1 | user | password |
| 1 | user | pass |
| 1 | user | manager |
| 1 | user | admin |
| 1 | tomcat | user |
| 1 | tomcat | tomcat123 |
| 1 | tomcat | s3cret123 |
| 1 | tomcat | password |
| 1 | tomcat | administrator |
| 1 | tomcat | 1234567890 |
| 1 | tomcat | 123456789 |
| 1 | tomcat | 123456 |
| 1 | tomcat | 0123456789 |
| 1 | root | usere |
| 1 | root | tomcat123 |
| 1 | root | s3cret123 |
| 1 | root | password |
| 1 | root | pass |
| 1 | root | administrator |
| 1 | root | 1234567890 |
| 1 | root | 123456789 |
| 1 | root | 123456 |
| 1 | root | 0123456789 |
| 1 | manager | user |
| 1 | manager | tomcat123 |
| 1 | manager | s3cret123 |
| 1 | manager | password |
| 1 | manager | pass |
| 1 | manager | administrator |
| 1 | manager | admin |
| 1 | manager | 1234567890 |
| 1 | manager | 123456789 |
| 1 | manager | 123456 |
| 1 | manager | 0123456789 |
| 1 | admin | user |
| 1 | admin | tomcat123 |
| 1 | admin | s3cret123 |
| 1 | admin | password |
| 1 | admin | pass |
| 1 | administrator | tomcat |
| 1 | administrator | s3cret |
| 1 | administrator | root |
| 1 | administrator | manager |
| 1 | administrator | administrator |
| 1 | administrator | admin |
| 1 | administrator | 1234567890 |
| 1 | administrator | 123456789 |
| 1 | administrator | 123456 |
| 1 | administrator | 0123456789 |
| 1 | admin | administrator |
| 1 | admin | 1234567890 |
| 1 | admin | 123456789 |
| 1 | admin | 123456 |
| 1 | admin | 0123456789 |
・2018年10月5日分
| 試行回数 | ユーザ名 | パスワード |
| 1 | user | user |
| 1 | user | tomcat123 |
| 1 | user | tomcat |
| 1 | user | s3cret |
| 1 | user | root |
| 1 | user | password |
| 1 | user | pass |
| 1 | user | manager |
| 1 | user | admin |
| 1 | tomcat | user |
| 1 | tomcat | tomcat123 |
| 1 | tomcat | tomcat |
| 1 | tomcat | s3cret123 |
| 1 | tomcat | s3cret |
| 1 | tomcat | root |
| 1 | tomcat | password |
| 1 | tomcat | pass |
| 1 | tomcat | manager |
| 1 | tomcat | admin |
| 1 | root | user |
| 1 | root | tomcat123 |
| 1 | root | tomcat |
| 1 | root | s3cret123 |
| 1 | root | s3cret |
| 1 | root | root |
| 1 | root | password |
| 1 | root | pass |
| 1 | root | manager |
| 1 | root | admin |
| 1 | manager | user |
| 1 | manager | tomcat123 |
| 1 | manager | tomcat |
| 1 | manager | s3cret123 |
| 1 | manager | s3cret |
| 1 | manager | root |
| 1 | manager | password |
| 1 | manager | pass |
| 1 | manager | manager |
| 1 | manager | admin |
| 1 | admin | user |
| 1 | admin | tomcat123 |
| 1 | admin | tomcat |
| 1 | admin | s3cret123 |
| 1 | admin | s3cret |
| 1 | admin | password |
| 1 | admin | pass |
| 1 | admin | manager |
| 1 | admin | admin |
| 1 |
