Apache 2.4.18
tcp/80
Elasticsearch 6.3.0
tcp/9200
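Elasticsearch and/or Kibana is currently open without authentication.
Additionally, a ransom note has been found in the dataset, which indicates that it has been compromised.
As a result, all the data in the database is publicly available.
Because the note was written into the cluster, the exposure is not read-only: indices could be created or altered without authentication, so the remaining data should not be assumed intact.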
Severity: medium
Fingerprint: 831cb76b8e05df461befdd5445ded2302250d7062250d7062250d7062250d706
Indices: 2, document count: 2, size: 12.4 kB Found index internal with 1 documents (7.3 kB) Found index read-me-to-recover-data with 1 documents (5.1 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46d43a7e65f89f6e8df89f6e8df89f6e8df89f6e8df89f6e8d
Indices: 1, document count: 1, size: 5.1 kB Found index read-me-to-recover-data with 1 documents (5.1 kB)
Severity: high
Fingerprint: 831cb76b8e05df46d43a7e658af9535f8af9535f8af9535f8af9535f8af9535f
Indices: 1, document count: 1, size: 5.1 kB Found index read-me with 1 documents (5.1 kB)
Severity: high
Fingerprint: 831cb76b8e05df46d65b72a2f2d8b1c2c332c526c332c526c332c526c332c526
Indices: 2, document count: 2, size: 12.6 kB Found index read-me with 1 documents (5.1 kB) Found index .kibana_1 with 1 documents (7.6 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46d43a7e65c63a508cc63a508cc63a508cc63a508cc63a508c
Indices: 1, document count: 1, size: 5.1 kB Found index read_me_to_restore_base with 1 documents (5.1 kB)
Severity: high
Fingerprint: 831cb76b8e05df46858711327f4526137f4526137f4526137f4526137f452613
Indices: 1, document count: 1, size: 5.4 kB Found index read-me with 1 documents (5.4 kB)
Severity: high
Fingerprint: 831cb76b8e05df4681d961d0670b03e7ed0c62350aa35396cfca01f4cfca01f4
Indices: 4, document count: 3, size: 33.0 kB Found index api with 1 documents (5.5 kB) Found index service with 1 documents (20.6 kB) Found index read_me with 1 documents (5.6 kB) Found index casa with 0 documents (1.3 kB)
Severity: high
Fingerprint: 831cb76b8e05df46910e961506c81e36125af7144b5039834b5039834b503983
Indices: 3, document count: 2, size: 12.4 kB Found index read_me with 1 documents (5.6 kB) Found index casa with 0 documents (1.3 kB) Found index api with 1 documents (5.5 kB)
Severity: high
Fingerprint: 831cb76b8e05df46ce71af41b3f74db2d0591920d0591920d0591920d0591920
Indices: 2, document count: 1, size: 6.9 kB Found index read_me with 1 documents (5.6 kB) Found index casa with 0 documents (1.3 kB)
Severity: high
Fingerprint: 831cb76b8e05df46225d41adee4d1ea32bfb51242bfb51242bfb51242bfb5124
Indices: 2, document count: 2, size: 26.2 kB Found index service with 1 documents (20.6 kB) Found index read_me with 1 documents (5.6 kB)
Severity: high
Fingerprint: 831cb76b8e05df468b1b16a4a85ec2b5a85ec2b5a85ec2b5a85ec2b5a85ec2b5
Indices: 1, document count: 1, size: 5.6 kB Found index read_me with 1 documents (5.6 kB)
Severity: medium
Fingerprint: 831cb76b8e05df469b30c7582b7a716e61e39f0dbcc8a0ba6192c4307d13cc18
Indices: 6, document count: 7, size: 41.5 kB Found index read-me-hacked-by-nightlionsecurity-lvwsfn with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-7gysgr with 1 documents (6.3 kB) Found index api with 2 documents (10.2 kB) Found index read-me-hacked-by-nightlionsecurity-fugkwx with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-7cl5ja with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-1diu6c with 1 documents (6.3 kB)
Severity: medium
Fingerprint: 831cb76b8e05df466637b1c9e9f60ee7d01e8ecc7886c6ee687a0654c281950a
Indices: 5, document count: 5, size: 31.4 kB Found index read-me-hacked-by-nightlionsecurity-lvwsfn with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-7gysgr with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-fugkwx with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-7cl5ja with 1 documents (6.3 kB) Found index read-me-hacked-by-nightlionsecurity-1diu6c with 1 documents (6.3 kB)
Severity: high
Fingerprint: 831cb76b8e05df46d78a45c015280108977ffd05977ffd05977ffd05977ffd05
Indices: 2, document count: 2, size: 12.0 kB Found index api with 1 documents (6.1 kB) Found index read__me with 1 documents (6.0 kB)
Severity: high
Fingerprint: 831cb76b8e05df46ef90042b4566100645661006456610064566100645661006
Indices: 1, document count: 1, size: 6.0 kB Found index read__me with 1 documents (6.0 kB)
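A JSON configuration file has been found at config.json.
It may contain application configuration such as credentials.
False positives can occur when the path is answered by a JSON API endpoint.
The response recorded for this finding looks like an API error object rather than a configuration file, so confirm what the path actually serves before treating it as a credential leak.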
Fingerprint: b18befd9dd6536aa30550de540201d8d738d96c6e2ac8d380da24f550da24f55
{ "code": "1004", "message": "Your session has been expired.", "status": "failure" }
Open service 35.174.55.229:80
2024-09-10 03:13
HTTP/1.1 200 OK Date: Tue, 10 Sep 2024 03:13:11 GMT Server: Apache/2.4.18 (Ubuntu) Last-Modified: Thu, 13 Dec 2018 14:02:39 GMT ETag: "2c39-57ce7c479d3e0" Accept-Ranges: bytes Content-Length: 11321 Vary: Accept-Encoding Connection: close Content-Type: text/html Page title: Apache2 Ubuntu Default Page: It works <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!-- Modified from the Debian original for Ubuntu Last updated: 2014-03-19 See: https://launchpad.net/bugs/1288690 --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Apache2 Ubuntu Default Page: It works</title> <style type="text/css" media="screen"> * { margin: 0px 0px 0px 0px; padding: 0px 0px 0px 0px; } body, html { padding: 3px 3px 3px 3px; background-color: #D8DBE2; font-family: Verdana, sans-serif; font-size: 11pt; text-align: center; } div.main_page { position: relative; display: table; width: 800px; margin-bottom: 3px; margin-left: auto; margin-right: auto; padding: 0px 0px 0px 0px; border-width: 2px; border-color: #212738; border-style: solid; background-color: #FFFFFF; text-align: center; } div.page_header { height: 99px; width: 100%; background-color: #F5F6F7; } div.page_header span { margin: 15px 0px 0px 50px; font-size: 180%; font-weight: bold; } div.page_header img { margin: 3px 0px 0px 40px; border: 0px 0px 0px; } div.table_of_contents { clear: left; min-width: 200px; margin: 3px 3px 3px 3px; background-color: #FFFFFF; text-align: left; } div.table_of_contents_item { clear: left; width: 100%; margin: 4px 0px 0px 0px; background-color: #FFFFFF; color: #000000; text-align: left; } div.table_of_contents_item a { margin: 6px 0px 0px 6px; } div.content_section { margin: 3px 3px 3px 3px; background-color: #FFFFFF; text-align: left; } div.content_section_text { padding: 4px 8px 4px 8px; color: #000000; font-size: 100%; } div.content_section_text pre { 
margin: 8px 0px 8px 0px; padding: 8px 8px 8px 8px; border-width: 1px; border-style: dotted; border-color: #000000; background-color: #F5F6F7; font-style: italic; } div.content_section_text p { margin-bottom: 6px; } div.content_section_text ul, div.content_section_text li { padding: 4px 8px 4px 16px; } div.section_header { padding: 3px 6px 3px 6px; background-color: #8E9CB2; color: #FFFFFF; font-weight: bold; font-size: 112%; text-align: center; } div.section_header_red { background-color: #CD214F; } div.section_header_grey { background-color: #9F9386; } .floating_element { position: relative; float: left; } div.table_of_contents_item a, div.content_section_text a { text-decoration: none; font-weight: bold; } div.table_of_contents_item a:link, div.table_of_contents_item a:visited, div.table_of_contents_item a:active { color: #000000; } div.table_of_contents_item a:hover { background-color: #000000; color: #FFFFFF; } div.content_section_text a:link, div.content_section_text a:visited, div.content_section_text a:active { background-color: #DCDFE6; color: #000000; } div.content_section_text a:hover { background-color: #000000; color: #DCDFE6; } div.validator { } </style> </head> <body> <div class="main_page"> <div class="page_header floating_element"> <img src="/icons/ubuntu-logo.png" alt="Ubuntu Logo" class="floating_element"/> <span class="floating_element"> Apache2 Ubuntu Default Page </span> </div> <!-- <div class="table_of_contents floating_element"> <div class="section_header section_header_grey"> TABLE OF CONTENTS </div> <div class="table_of_contents_item floating_element"> <a href="#about">About</a> </div> <div class="table_of_contents_item floating_element"> <a href="#changes">Changes</a> </div> <div class="table_of_contents_item floating_elem
Open service 35.174.55.229:9200
2024-08-17 20:52
Cluster info: {"_nodes":{"total":1,"successful":1,"failed":0},"cluster_name":"elasticsearch","nodes":{"1PFDqQt8SrKvBxtPPppMOg":{"name":"1PFDqQt","transport_address":"172.31.32.163:9300","host":"172.31.32.163","ip":"172.31.32.163","version":"6.3.0","build_flavor":"default","build_type":"deb","build_hash":"424e937","total_indexing_buffer":51943833,"roles":["master","data","ingest"],"attributes":{"ml.machine_memory":"4080988160","xpack.installed":"true","ml.max_open_jobs":"20","ml.enabled":"true"},"settings":{"pidfile":"/var/run/elasticsearch/elasticsearch.pid","cluster":{"name":"elasticsearch"},"node":{"attr":{"xpack":{"installed":"true"},"ml":{"machine_memory":"4080988160","max_open_jobs":"20","enabled":"true"}},"name":"1PFDqQt"},"path":{"data":["/var/lib/elasticsearch"],"logs":"/var/log/elasticsearch","home":"/usr/share/elasticsearch"},"client":{"type":"node"},"http":{"type":"security4","type.default":"netty4"},"transport":{"type":"security4","features":{"x-pack":"true"},"type.default":"netty4"},"network":{"host":"0.0.0.0"}},"os":{"refresh_interval_in_millis":1000,"name":"Linux","arch":"amd64","version":"4.4.0-1074-aws","available_processors":2,"allocated_processors":2},"process":{"refresh_interval_in_millis":1000,"id":1175,"mlockall":false},"jvm":{"pid":1175,"version":"1.8.0_191","vm_name":"OpenJDK 64-Bit Server VM","vm_version":"25.191-b12","vm_vendor":"Oracle Corporation","start_time_in_millis":1548679562370,"mem":{"heap_init_in_bytes":536870912,"heap_max_in_bytes":519438336,"non_heap_init_in_bytes":2555904,"non_heap_max_in_bytes":0,"direct_max_in_bytes":519438336},"gc_collectors":["ParNew","ConcurrentMarkSweep"],"memory_pools":["Code Cache","Metaspace","Compressed Class Space","Par Eden Space","Par Survivor Space","CMS Old 
Gen"],"using_compressed_ordinary_object_pointers":"true","input_arguments":["-Xms512m","-Xmx512m","-XX:+UseConcMarkSweepGC","-XX:CMSInitiatingOccupancyFraction=75","-XX:+UseCMSInitiatingOccupancyOnly","-XX:+AlwaysPreTouch","-Xss1m","-Djava.awt.headless=true","-Dfile.encoding=UTF-8","-Djna.nosys=true","-XX:-OmitStackTraceInFastThrow","-Dio.netty.noUnsafe=true","-Dio.netty.noKeySetOptimization=true","-Dio.netty.recycler.maxCapacityPerThread=0","-Dlog4j.shutdownHookEnabled=false","-Dlog4j2.disable.jmx=true","-Djava.io.tmpdir=/tmp/elasticsearch.u86m341L","-XX:+HeapDumpOnOutOfMemoryError","-XX:HeapDumpPath=/var/lib/elasticsearch","-XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log","-XX:+PrintGCDetails","-XX:+PrintGCDateStamps","-XX:+PrintTenuringDistribution","-XX:+PrintGCApplicationStoppedTime","-Xloggc:/var/log/elasticsearch/gc.log","-XX:+UseGCLogFileRotation","-XX:NumberOfGCLogFiles=32","-XX:GCLogFileSize=64m","-Des.path.home=/usr/share/elasticsearch","-Des.path.conf=/etc/elasticsearch","-Des.distribution.flavor=default","-Des.distribution.type=deb"]},"thread_pool":{"watcher":{"type":"fixed","min":10,"max":10,"queue_size":1000},"force_merge":{"type":"fixed","min":1,"max":1,"queue_size":-1},"security-token-key":{"type":"fixed","min":1,"max":1,"queue_size":1000},"ml_datafeed":{"type":"fixed","min":20,"max":20,"queue_size":200},"fetch_shard_started":{"type":"scaling","min":1,"max":4,"keep_alive":"5m","queue_size":-1},"listener":{"type":"fixed","min":1,"max":1,"queue_size":-1},"ml_autodetect":{"type":"fixed","min":80,"max":80,"queue_size":80},"index":{"type":"fixed","min":2,"max":2,"queue_size":200},"refresh":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"generic":{"type":"scaling","min":4,"max":128,"keep_alive":"30s","queue_size":-1},"rollup_indexing":{"type":"fixed","min":4,"max":4,"queue_size":4},"warmer":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"search":{"type":"fixed_auto_queue_size","min":4,"max":4,"queue_size":
1000},"flush":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"fetch_shard_store":{"type":"scaling","min":1,"max":4,"keep_alive":"5m","queue_size":-1},"management":{"type":"scaling","min":1,"max":5,"keep_alive":"5m","queue_size":-1},"ml_utility":{"type":"fixed","min":80,"max":80,"queue_size":500},"get":{"type":"fixed","min":2,"max":2,"queue_size":1000},"analyze":{"type":"fixed","min":1,"max":1,"queue_size":16},"write":{"type":"fixed","min":2,"max":2,"queue_size":200},"snapshot":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1}},"transport":{"bound_address":["[::]:9300"],"publish_address":"172.31.32.163:9300","profiles":{}},"http":{"bound_address":["[::]:9200"],"publish_address":"172.31.32.163:9200","max_content_length_in_bytes":104857600},"plugins":[],"modules":[{"name":"aggs-matrix-stats","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Adds aggregations whose input are a list of numeric fields and output includes a matrix.","classname":"org.elasticsearch.search.aggregations.matrix.MatrixAggregationPlugin","extended_plugins":[],"has_native_controller":false},{"name":"analysis-common","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Adds \"built in\" analyzers to Elasticsearch.","classname":"org.elasticsearch.analysis.common.CommonAnalysisPlugin","extended_plugins":[],"has_native_controller":false},{"name":"ingest-common","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Module for ingest processors that do not require additional security permissions or have large dependencies and resources","classname":"org.elasticsearch.ingest.common.IngestCommonPlugin","extended_plugins":[],"has_native_controller":false},{"name":"lang-expression","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Lucene expressions integration for 
Elasticsearch","classname":"org.elasticsearch.script.expression.ExpressionPlugin","extended_plugins":[],"has_native_controller":false},{"name":"lang-mustache","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Mustache scripting integration for Elasticsearch","classname":"org.elasticsearch.script.mustache.MustachePlugin","extended_plugins":[],"has_native_controller":false},{"name":"lang-painless","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"An easy, safe and fast scripting language for Elasticsearch","classname":"org.elasticsearch.painless.PainlessPlugin","extended_plugins":[],"has_native_controller":false},{"name":"mapper-extras","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Adds advanced field mappers","classname":"org.elasticsearch.index.mapper.MapperExtrasPlugin","extended_plugins":[],"has_native_controller":false},{"name":"parent-join","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"This module adds the support parent-child queries and aggregations","classname":"org.elasticsearch.join.ParentJoinPlugin","extended_plugins":[],"has_native_controller":false},{"name":"percolator","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Percolator module adds capability to index queries and query these queries by specifying documents","classname":"org.elasticsearch.percolator.PercolatorPlugin","extended_plugins":[],"has_native_controller":false},{"name":"rank-eval","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"The Rank Eval module adds APIs to evaluate ranking quality.","classname":"org.elasticsearch.index.rankeval.RankEvalPlugin","extended_plugins":[],"has_native_controller":false},{"name":"reindex","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"The Reindex module adds APIs to reindex from one index to 
another or update documents in place.","classname":"org.elasticsearch.index.reindex.ReindexPlugin","extended_plugins":[],"has_native_controller":false},{"name":"repository-url","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Module for URL repository","classname":"org.elasticsearch.plugin.repository.url.URLRepositoryPlugin","extended_plugins":[],"has_native_controller":false},{"name":"transport-netty4","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Netty 4 based transport implementation","classname":"org.elasticsearch.transport.Netty4Plugin","extended_plugins":[],"has_native_controller":false},{"name":"tribe","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Tribe module","classname":"org.elasticsearch.tribe.TribePlugin","extended_plugins":[],"has_native_controller":false},{"name":"x-pack-core","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Core","classname":"org.elasticsearch.xpack.core.XPackPlugin","extended_plugins":[],"has_native_controller":false},{"name":"x-pack-deprecation","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Deprecation","classname":"org.elasticsearch.xpack.deprecation.Deprecation","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-graph","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Graph","classname":"org.elasticsearch.xpack.graph.Graph","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-logstash","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - 
Logstash","classname":"org.elasticsearch.xpack.logstash.Logstash","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-ml","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Machine Learning","classname":"org.elasticsearch.xpack.ml.MachineLearning","extended_plugins":["x-pack-core"],"has_native_controller":true},{"name":"x-pack-monitoring","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Monitoring","classname":"org.elasticsearch.xpack.monitoring.Monitoring","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-rollup","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Rollup","classname":"org.elasticsearch.xpack.rollup.Rollup","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-security","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Security","classname":"org.elasticsearch.xpack.security.Security","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-sql","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"The Elasticsearch plugin that powers SQL for Elasticsearch","classname":"org.elasticsearch.xpack.sql.plugin.SqlPlugin","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-upgrade","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - Upgrade","classname":"org.elasticsearch.xpack.upgrade.Upgrade","extended_plugins":["x-pack-core"],"has_native_controller":false},{"name":"x-pack-watcher","version":"6.3.0","elasticsearch_version":"6.3.0","java_version":"1.8","description":"Elasticsearch Expanded Pack Plugin - 
Watcher","classname":"org.elasticsearch.xpack.watcher.Watcher","extended_plugins":["x-pack-core"],"has_native_controller":false}],"ingest":{"processors":[{"type":"append"},{"type":"convert"},{"type":"date"},{"type":"date_index_name"},{"type":"dot_expander"},{"type":"fail"},{"type":"foreach"},{"type":"grok"},{"type":"gsub"},{"type":"join"},{"type":"json"},{"type":"kv"},{"type":"lowercase"},{"type":"remove"},{"type":"rename"},{"type":"script"},{"type":"set"},{"type":"set_security_user"},{"type":"sort"},{"type":"split"},{"type":"trim"},{"type":"uppercase"},{"type":"urldecode"}]}}}}
Open service 35.174.55.229:9200
2024-08-17 20:52
HTTP/1.1 200 OK content-type: application/json; charset=UTF-8 content-length: 493 { "name" : "1PFDqQt", "cluster_name" : "elasticsearch", "cluster_uuid" : "3UaGUzSTTCuCTTPsgYBu6g", "version" : { "number" : "6.3.0", "build_flavor" : "default", "build_type" : "deb", "build_hash" : "424e937", "build_date" : "2018-06-11T23:38:03.357887Z", "build_snapshot" : false, "lucene_version" : "7.3.1", "minimum_wire_compatibility_version" : "5.6.0", "minimum_index_compatibility_version" : "5.0.0" }, "tagline" : "You Know, for Search" }