nginx
tcp/80
Elasticsearch and/or Kibana is currently open without authentication.
Additionaly a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: high
Fingerprint: 831cb76b8e05df46f99e36e7d4075051d4075051d4075051d4075051d4075051
Indices: 1, document count: 1, size: 4.6 kB Found index read_me with 1 documents (4.6 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46263d1c6949c7a1c6e5ebffeca455827b51e7297177ef77ec
Indices: 7, document count: 8, size: 60.5 kB Found index read-me-hacked-by-nightlionsecurity-r3kpqt with 1 documents (5.2 kB) Found index read-me-hacked-by-nightlionsecurity-ceag2y with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-nzoyon with 1 documents (5.2 kB) Found index read-me-hacked-by-nightlionsecurity-ibilxa with 1 documents (5.3 kB) Found index admin with 1 documents (4.7 kB) Found index read-me-hacked-by-nightlionsecurity-nqm3rl with 1 documents (5.3 kB) Found index policy with 2 documents (29.5 kB)
Severity: medium
Fingerprint: 831cb76b8e05df4690d8484cef654c7f520ab6517bfab9feb1a7dd1839630a8b
Indices: 7, document count: 7, size: 46.5 kB Found index read-me-hacked-by-nightlionsecurity-r3kpqt with 1 documents (5.2 kB) Found index read-me-hacked-by-nightlionsecurity-ceag2y with 1 documents (5.3 kB) Found index read-me-hacked-by-nightlionsecurity-nzoyon with 1 documents (5.2 kB) Found index read-me-hacked-by-nightlionsecurity-ibilxa with 1 documents (5.3 kB) Found index admin with 1 documents (4.7 kB) Found index read-me-hacked-by-nightlionsecurity-nqm3rl with 1 documents (5.3 kB) Found index policy with 1 documents (15.5 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46269a57760bbf17e89c27ba3b73055d4485d5771585d57715
Indices: 4, document count: 460, size: 3.4 MB Found index .kibana_task_manager_1 with 2 documents (6.8 kB) Found index .apm-agent-configuration with 0 documents (283 B) Found index .kibana_1 with 3 documents (15.8 kB) Found index policy with 455 documents (3.4 MB)
Severity: medium
Fingerprint: 831cb76b8e05df461af6ff2de9423e97c5f5ee1a5bbfb6d1022eb982022eb982
Indices: 4, document count: 457, size: 3.3 MB Found index .kibana_task_manager_1 with 2 documents (6.8 kB) Found index .apm-agent-configuration with 0 documents (283 B) Found index .kibana_1 with 3 documents (15.8 kB) Found index policy with 452 documents (3.3 MB)
Severity: medium
Fingerprint: 831cb76b8e05df46fcfe5510061f682aaff7d55508453a6ef7d5c4a6f7d5c4a6
Indices: 4, document count: 455, size: 3.2 MB Found index .kibana_task_manager_1 with 2 documents (6.8 kB) Found index .apm-agent-configuration with 0 documents (283 B) Found index .kibana_1 with 3 documents (15.8 kB) Found index policy with 450 documents (3.2 MB)
Severity: medium
Fingerprint: 831cb76b8e05df461db2b0829392ae7446f732079dba389091a3497e91a3497e
Indices: 4, document count: 430, size: 3.1 MB Found index .kibana_task_manager_1 with 2 documents (44.6 kB) Found index .apm-agent-configuration with 0 documents (283 B) Found index .kibana_1 with 3 documents (15.8 kB) Found index policy with 425 documents (3.0 MB)
Open service 47.111.86.64:80
2024-03-03 16:47
HTTP/1.1 302 Found Server: nginx Date: Sun, 03 Mar 2024 16:47:49 GMT Content-Type: text/html; charset=utf-8 Content-Length: 99 Connection: close Cache-Control: no-cache Location: http://47.111.86.64/users/sign_in Set-Cookie: experimentation_subject_id=eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqY3dZemt4WlRFMkxURmhaV1F0TkROak55MDVZbU5rTFRGbFpUWmpPR0UxWTJFMVlpST0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5leHBlcmltZW50YXRpb25fc3ViamVjdF9pZCJ9fQ%3D%3D--84ea609351eea9a8514da474d2e8ea609fdf0916; path=/; expires=Thu, 03 Mar 2044 16:47:49 GMT; HttpOnly X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: DENY X-Gitlab-Feature-Category: projects X-Permitted-Cross-Domain-Policies: none X-Request-Id: 01HR2KDVBFFJFM1H2HA6XZK0TF X-Runtime: 0.017729 X-Ua-Compatible: IE=edge X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 Referrer-Policy: strict-origin-when-cross-origin <html><body>You are being <a href="http://47.111.86.64/users/sign_in">redirected</a>.</body></html>
Open service 47.111.86.64:22
2024-03-03 01:17