Amenaza Activa • MEDIO
115.21.72.248
🎯
173
Ataques Totales
🔌
1
Puertos
📡
1
Tipos Ataque
🦠
20
Malware
Geolocalizacion
- Pais
- 🇰🇷 Corea del Sur
- Ciudad
- Yangcheon-gu
- ASN
- AS4766
- ISP
- Korea Telecom
Tipos de Ataque
ssh_telnet_honeypot
Puertos Atacados
22
Malware Asociado
Credenciales Intentadas
🔐root/Admin123$
1x🔐root/thomas1234
1x🔐root/Sa123456.
1x🔐root/fjbdfdjkdsfs541544@@
1x🔐root/a0s9d8f7
1x🔐root/digital@123
1x🔐root/future
1x🔐root/Avcon@202433!
1x🔐root/santos
1x🔐root/qaz12345!
1x🔐root/3245gs5662d34
1x🔐root/12345678qq
1x🔐root/friday
1x🔐root/baby
1x🔐root/123!@#qwe
1xComandos Ejecutados
$
lscpu | grep Model1x$
echo "root:qZc60zb4VaIX"|chpasswd|bash1x$
ls -lh $(which ls)1x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x$
uname -a1x$
w1x$
cat /proc/cpuinfo | grep name | wc -l1x$
crontab -l1x$
cat /proc/cpuinfo | grep model | grep name | wc -l1x$
which ls1xExposicion segun Shodan InternetDBShodan
Datos de InternetDB, actualizacion no en tiempo real
Puertos
2280443500170133067989800013000168005000465000
Vulnerabilidades
CVE-2024-21125CVE-2025-50086CVE-2024-21203CVE-2008-3844CVE-2024-21055CVE-2023-22110CVE-2023-22068CVE-2024-20961CVE-2024-21230CVE-2024-21129CVE-2025-50098CVE-2025-50084CVE-2023-22078CVE-2023-22032CVE-2024-21198CVE-2024-21134CVE-2024-21096CVE-2024-20963CVE-2023-22111CVE-2024-21237
Hostnames
www.farminsf.com
CPEs
cpe:/a:encode:uvicorncpe:/a:python:pythoncpe:/a:f5:nginxcpe:/a:f5:nginx:1.25.3cpe:/a:nodejs:node.jscpe:/a:openbsd:openssh:7.6p1cpe:/a:openbsd:openssh:8.9p1cpe:/a:openbsd:openssh:8.7cpe:/a:oracle:mysql:8.0.33cpe:/a:expressjs:expresscpe:/o:canonical:ubuntu_linuxcpe:/a:facebook:react
Evaluacion de Riesgo
55
/100
BajoMedioAltoCritico