MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: high
Fingerprint: cf350410ecceb5fdebd6b760d92c9051d92c9051d92c9051d92c9051d92c9051
Databases: 1, row count: 2, size: 16.4 kB Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records
Severity: critical
Fingerprint: cf350410ecceb5fdaadf9f5361ebb35ea08b56c246a88cf6302ada80ee00f0d3
Databases: 30, row count: 49294, size: 427.9 MB Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records Found table crawler.encarecode with 3048 records Found table crawler.encarlist with 30831 records Found table crawler.hansung with 13352 records Found table crawler.hibernate_sequence with 1 records Found table crawler.test with 4 records Found table mysql.column_stats with 0 records Found table mysql.db with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.help_category with 39 records Found table mysql.help_keyword with 464 records Found table mysql.help_relation with 1028 records Found table mysql.help_topic with 508 records Found table mysql.host with 0 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 2 records Found table mysql.servers with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 0 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 9 records
Open service 13.209.18.171:2222
2024-04-25 14:13
Open service 13.209.18.171:2023
2024-04-25 14:01
HTTP/1.1 404 Not Found Connection: close Date: Thu, 25 Apr 2024 14:01:14 GMT Server: WebLogic Server 10.3.6.0.0 Content-Type: text/html Content-Length: 1766 Page title: Error 404--Not Found <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 404--Not Found</TITLE> </HEAD> <BODY bgcolor="white"> <FONT FACE=Helvetica><BR CLEAR=all> <TABLE border=0 cellspacing=5> <TR> <TD> <BR CLEAR=all> <FONT FACE="Helvetica" COLOR="black" SIZE="3"> <H2>Error 404--Not Found</H2> </FONT> </TD> </TR> </TABLE> <TABLE border=0 width=100% cellpadding=10> <TR> <TD VALIGN=top WIDTH=100% BGCOLOR=white> <FONT FACE="Courier New"> <FONT FACE="Helvetica" SIZE="3"> <H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3> </FONT> <FONT FACE="Helvetica" SIZE="3"> <H4>10.4.5 404 Not Found</H4> </FONT> <P> <FONT FACE="Courier New"> The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. </p> <p>If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.</FONT></P> </FONT> </TD> </TR> </TABLE> </BODY> </HTML>
Open service 13.209.18.171:8008
2024-04-25 13:09
HTTP/1.1 200 OK Connection: keep-alive Date: Thu, 25 Apr 2024 13:10:07 GMT Content-Type: text/html Pragma: private Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: 0 X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline'; Content-Length: 188 <script LANGUAGE=JavaScript> window.location = "/global-protect/login.esp"; </script> <html> <head></head> <body> <p>JavaScript must be enabled to continue!</p> </body> </html>