Apache
tcp/80
The Redis instance is open to the public.
This could result in a data leak and code execution.
Severity: medium
Fingerprint: d606b92f1b5fdf1897c596ab97c596ab97c596ab97c596ab97c596ab97c596ab
Redis is open with 4 keys in dbs
MySQL is currently open without authentication.
Additionally, a ransom note has been found in the dataset, which indicates it has been compromised.
This results in all the database data being made publicly available.
Severity: critical
Fingerprint: cf350410ecceb5fd7a7903a8e3697706ccef6ab5bc32e48298b89d5bbf8ff91a
Databases: 40, row count: 135027, size: 7.9 MB
Found table mysql.chfekp32 with 0 records
Found table mysql.columns_priv with 0 records
Found table mysql.cykdhh32 with 1 records
Found table mysql.db with 5 records
Found table mysql.dkbeye32 with 1 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 880 records
Found table mysql.help_relation with 1165 records
Found table mysql.help_topic with 589 records
Found table mysql.innodb_index_stats with 34 records
Found table mysql.innodb_table_stats with 11 records
Found table mysql.ivwtsg with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.ojwfze with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1826 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1621 records
Found table mysql.time_zone_transition with 119956 records
Found table mysql.time_zone_transition_type with 8813 records
Found table mysql.user with 6 records
Found table mysql.uuzres with 1 records
Found table mysql.wnbskc with 1 records
Found table mysql.zkvhpy32 with 1 records
Found table readme_to_recover_a.recover_your_data with 2 records
Open service 122.114.12.45:80
2024-09-12 04:21
HTTP/1.1 200 OK
Date: Thu, 12 Sep 2024 04:21:09 GMT
Server: Apache
X-Powered-By: ZMCloud
Set-Cookie: PHPSESSID=ncjl3k43h1vm80ftq2k0s592b0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Open service 122.114.12.45:3306
2024-09-11 17:05
MySQL detected
Open service 122.114.12.45:22
2024-09-10 19:21
Open service 122.114.12.45:21
2024-09-10 14:48
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 22:48. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 HTTP command: [get]