Httpd 1.0
tcp/88
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fd5b1c2fcce1ab10246e43a0d3ef5dd8b6d04b6dbc8d3aca1e
Databases: 36, row count: 2227, size: 831.6 kB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.db with 7 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.help_category with 39 records Found table mysql.help_keyword with 464 records Found table mysql.help_relation with 1028 records Found table mysql.help_topic with 508 records Found table mysql.host with 0 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 2 records Found table mysql.servers with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 0 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 9 records Found table wordpress.wp_commentmeta with 0 records Found table wordpress.wp_comments with 1 records Found table wordpress.wp_links with 0 records Found table wordpress.wp_options with 125 records Found table wordpress.wp_postmeta with 6 records Found table wordpress.wp_posts with 10 records Found table wordpress.wp_term_relationships with 2 records Found table wordpress.wp_term_taxonomy with 1 records Found table wordpress.wp_terms with 1 records Found table wordpress.wp_usermeta with 17 records Found table wordpress.wp_users with 1 records
Open service 219.251.162.211:88
2024-09-11 14:50
HTTP/1.0 200 OK Date: Wed, 11 Sep 2024 14:50:44 GMT Server: Httpd/1.0 Connection: close Content-Length: 112 Last-Modified: Thu, 29 Nov 2012 06:35:53 GMT Content-Type: text/html <html> <head> <meta http-equiv=refresh content="0; URL=login/login.cgi"> <title></title> <body> </body> </html>
Open service 219.251.162.211:3306
2024-09-10 22:11
MySQL detected
Open service 219.251.162.211:21
2024-09-09 18:24
220 ipTIME_FTPD 1.3.4d Server (ipTIME A5004NS-65C177) [::ffff:192.168.0.1] UTF-8 500 GET not understood 500 CONNECTION: not understood 500 HOST: not understood 500 Invalid command: try being more creative 214-The following commands are recognized (* =>'s unimplemented): CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD XRMD MKD XMKD PWD XPWD SIZE SYST HELP NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* PBSZ* PROT* TYPE STRU MODE RETR STOR STOU APPE REST ABOR USER PASS ACCT* REIN* LIST NLST STAT SITE MLSD MLST 214 Direct comments to root@127.0.0.1 500 EHLO not understood 500 ? not understood 500 Invalid command: try being more creative