Report of Attack 221.160.29.254 (254.29.160.221.in-addr.arpa) telnet observation

Header

Time	2024/03/25, 11:56:03 (GMT)
Transaction ID	IL3URS5685DLIHBZ
Service	telnet
Location	KR (South Korea)
Attacker	221.160.29.254
Classification	Cisco device detection
Harm Potential	Medium

Description

Shell commands execute for cisco device detection

Content

221.160.29.254:60270 is connected to telnet server
login:
ftp
Password:


OK
TSrv >
ftp

ERROR : Unrecognized command
TSrv >
sh
shell
enable
system
ping; sh

/bin/busybox cat /proc/self/exe || cat /proc/self/exe

ERROR : Unrecognized command
TSrv >

ERROR : Unrecognized command
221.160.29.254:60270 is disconnected

All observations are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us: Honeypots.tk Admin

If you like, you can support
with your donations to us..

Donate

Attack Report for Observation

Header

Time

2024/03/25, 11:56:03 (GMT)

Transaction ID

IL3URS5685DLIHBZ

Service

telnet

Location

KR (South Korea)

Attacker

221.160.29.254

Classification

Cisco device detection

Harm Potential

Medium

Description

Shell commands execute for cisco device detection

Content