nginx 1.20.1
tcp/443 tcp/80
nginx
tcp/5000
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fdd8d50317d48b3aa40a57b0539af7c9978bc9254d5d86452e
Databases: 32, row count: 2064, size: 2.4 MB Found table A____Z____RECOVER____DATA.README with 0 records Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 40 records Found table mysql.help_keyword with 726 records Found table mysql.help_relation with 483 records Found table mysql.help_topic with 732 records Found table mysql.innodb_index_stats with 10 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 5 records
Severity: critical
Fingerprint: cf350410ecceb5fddb02a43ec77f0ecaae552649dc3decc1dc75c97728fc975c
Databases: 32, row count: 2065, size: 2.4 MB Found table A____Z____RECOVER____DATA.README with 1 records Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 40 records Found table mysql.help_keyword with 726 records Found table mysql.help_relation with 483 records Found table mysql.help_topic with 732 records Found table mysql.innodb_index_stats with 10 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 5 records
Severity: high
Fingerprint: cf350410ecceb5fd71aa8d524b04dd6134affa49e8901acf132dda1d6d66d2d2
Databases: 31, row count: 2124, size: 2.3 MB Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 40 records Found table mysql.help_keyword with 722 records Found table mysql.help_relation with 706 records Found table mysql.help_topic with 578 records Found table mysql.innodb_index_stats with 7 records Found table mysql.innodb_table_stats with 2 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 4 records
Open service 8.217.42.137:22
2024-06-14 05:06
Open service 8.217.42.137:80
2024-06-14 02:57
Open service 8.217.42.137:5000
2024-06-13 23:29
Open service 8.217.42.137:443
2024-06-13 16:55
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Thu, 13 Jun 2024 16:55:49 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Page title: 燕之羽的服务器 <!DOCTYPE html> <html lang="zh-CN"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <meta content="telephone=no" name="format-detection"> <title>燕之羽的服务器</title> <link rel="stylesheet" type="text/css" href="https://cdn.staticfile.org/semantic-ui/2.4.1/semantic.min.css"> <link href="https://cdn.staticfile.org/font-logos/0.17/font-logos.min.css" type="text/css" rel="stylesheet" /> <link href="https://cdn.staticfile.org/bootstrap-icons/1.10.3/font/bootstrap-icons.css" type="text/css" rel="stylesheet" /> <link rel="stylesheet" type="text/css" href="/static/semantic-ui-alerts.min.css"> <link rel="stylesheet" type="text/css" href="/static/main.css?v2022042314"> <link rel="shortcut icon" type="image/png" href="/static/logo.svg?v20210804" /> <link href="/static/theme-angel-kanade/ktz.css" rel="stylesheet"> </head> <body> <div class="ui large top fixed menu nb-menu"> <div class="ui container"> <a class="item" href="/"> <img class="ui" style="height: 2rem" src="/static/logo.svg?v20210804"> </a> <a class='item active' href="/"><i class="home icon"></i>首页</a> <a class='item' href="/service"><i class="rss icon"></i>服务</a> <div class="right menu"> <div class="item"> <a href="/login" class="ui large positive nezha-primary-btn button"><i class="sign-in icon"></i>登录</a> </div> </div> </div> </div> <div class="ui mini confirm modal transition hidden"> <div class="header"></div> <div class="content"> </div> <div class="actions"> <div class="ui negative button">取消</div> <button class="ui positive nezha-primary-btn right labeled icon button">确认<i class="checkmark icon"></i> </button> </div> </div> <div class="nb-container"> <div class="ui container"> <div id="app"> <div class="ui styled fluid accordion" v-for="group in groups"> <div class="active title"> <i class="dropdown icon"></i> @#(group.Tag!==''?group.Tag:'默认')#@ </div> <div class="active content"> <div class="ui four stackable status cards"> <div v-for="server in group.data" :id="server.ID" class="ui card"> <div class="content" v-if="server.Host" style="margin-top: 10px; padding-bottom: 5px"> <div class="header"> <img v-if="server.Host.CountryCode" style="border-radius: 50%;box-shadow:-1px -1px 2px #eee, 1px 1px 2px #000;width:19px;" :src="'https://cdn.staticfile.org/flag-icon-css/6.6.5/flags/1x1/'+server.Host.CountryCode + '.svg'" alt="国家"/> <i v-if='server.Host.Platform == "darwin"' class="apple icon"></i><i v-else-if='isWindowsPlatform(server.Host.Platform)' class="windows icon"></i><i v-else :class="'fl-' + getFontLogoClass(server.Host.Platform)"></i> @#server.Name + (server.live?'':'[已离线]')#@ <i class="nezha-secondary-font info circle icon" style="height: 28px"></i> <div class="ui content popup" style="margin-bottom: 0"> 系统: @#server.Host.Platform#@-@#server.Host.PlatformVersion#@ [<span v-if="server.Host.Virtualization">@#server.Host.Virtualization#@:</span>@#server.Host.Arch#@]<br /> CPU: @#server.Host.CPU#@<br /> 硬盘: @#formatByteSize(server.State.DiskUsed)#@/@#formatByteSize(server.Host.DiskTotal)#@<br /> 内存: @#formatByteSize(server.State.MemUsed)#@/@#formatByteSize(server.Host.MemTotal)#@<br /> 交换: @#formatByteSize(server.State.SwapUsed)#@/@#formatByteSize(server.Host.SwapTotal)#@<br />
Open service 8.217.42.137:5000
2024-06-13 10:29
HTTP/1.1 200 OK Server: nginx Date: Thu, 13 Jun 2024 10:29:22 GMT Content-Type: text/html; charset="UTF-8" Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-control: no-store X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Security-Policy: base-uri 'self'; connect-src data: ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; Page title: DSM mobile - DiskStation <!DOCTYPE HTML> <html manifest=""> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>DSM mobile - DiskStation</title> <link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=42218" rel="stylesheet" type="text/css"> <link href="mobile/ui/style.css?v=42218" rel="stylesheet" type="text/css"> <link rel="shortcut icon" href="webman/favicon.ico?v=42218"> <script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&version=1&method=getjs_mobile&SynoToken="></script> <script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&version=1&method=getjs&v=42218&SynoToken="></script> <script type="text/javascript" src="mobile/ui/mobile.js?v=42218"></script> <script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=42218"></script> </head> <body class="syno-mobile-body"> <div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;"> <div class="syno-mask-ct" id="syno-mask-ct"> <div class="syno-mask-inner" id="syno-mask-loading"> <div class="syno-loading-icon"></div> <div class="syno-message x-mask-message syno-mask-message">Loading...</div> </div> <div id="syno-non-admin-redirect" style="visibility: hidden;"> <div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div> <div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div> </div> </div> </div> </body> </html>
Open service 8.217.42.137:80
2024-06-02 23:57
HTTP/1.1 301 Moved Permanently Server: nginx/1.20.1 Date: Sun, 02 Jun 2024 23:57:37 GMT Content-Type: text/html Content-Length: 169 Connection: close Location: https://8.217.42.137/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.20.1</center> </body> </html>
Open service 8.217.42.137:443
2024-06-02 13:20
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Sun, 02 Jun 2024 13:20:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Page title: 燕之羽的服务器 <!DOCTYPE html> <html lang="zh-CN"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <meta content="telephone=no" name="format-detection"> <title>燕之羽的服务器</title> <link rel="stylesheet" type="text/css" href="https://cdn.staticfile.org/semantic-ui/2.4.1/semantic.min.css"> <link href="https://cdn.staticfile.org/font-logos/0.17/font-logos.min.css" type="text/css" rel="stylesheet" /> <link href="https://cdn.staticfile.org/bootstrap-icons/1.10.3/font/bootstrap-icons.css" type="text/css" rel="stylesheet" /> <link rel="stylesheet" type="text/css" href="/static/semantic-ui-alerts.min.css"> <link rel="stylesheet" type="text/css" href="/static/main.css?v2022042314"> <link rel="shortcut icon" type="image/png" href="/static/logo.svg?v20210804" /> <link href="/static/theme-angel-kanade/ktz.css" rel="stylesheet"> </head> <body> <div class="ui large top fixed menu nb-menu"> <div class="ui container"> <a class="item" href="/"> <img class="ui" style="height: 2rem" src="/static/logo.svg?v20210804"> </a> <a class='item active' href="/"><i class="home icon"></i>首页</a> <a class='item' href="/service"><i class="rss icon"></i>服务</a> <div class="right menu"> <div class="item"> <a href="/login" class="ui large positive nezha-primary-btn button"><i class="sign-in icon"></i>登录</a> </div> </div> </div> </div> <div class="ui mini confirm modal transition hidden"> <div class="header"></div> <div class="content"> </div> <div class="actions"> <div class="ui negative button">取消</div> <button class="ui positive nezha-primary-btn right labeled icon button">确认<i class="checkmark icon"></i> </button> </div> </div> <div class="nb-container"> <div class="ui container"> <div id="app"> <div class="ui styled fluid accordion" v-for="group in groups"> <div class="active title"> <i class="dropdown icon"></i> @#(group.Tag!==''?group.Tag:'默认')#@ </div> <div class="active content"> <div class="ui four stackable status cards"> <div v-for="server in group.data" :id="server.ID" class="ui card"> <div class="content" v-if="server.Host" style="margin-top: 10px; padding-bottom: 5px"> <div class="header"> <img v-if="server.Host.CountryCode" style="border-radius: 50%;box-shadow:-1px -1px 2px #eee, 1px 1px 2px #000;width:19px;" :src="'https://cdn.staticfile.org/flag-icon-css/6.6.5/flags/1x1/'+server.Host.CountryCode + '.svg'" alt="国家"/> <i v-if='server.Host.Platform == "darwin"' class="apple icon"></i><i v-else-if='isWindowsPlatform(server.Host.Platform)' class="windows icon"></i><i v-else :class="'fl-' + getFontLogoClass(server.Host.Platform)"></i> @#server.Name + (server.live?'':'[已离线]')#@ <i class="nezha-secondary-font info circle icon" style="height: 28px"></i> <div class="ui content popup" style="margin-bottom: 0"> 系统: @#server.Host.Platform#@-@#server.Host.PlatformVersion#@ [<span v-if="server.Host.Virtualization">@#server.Host.Virtualization#@:</span>@#server.Host.Arch#@]<br /> CPU: @#server.Host.CPU#@<br /> 硬盘: @#formatByteSize(server.State.DiskUsed)#@/@#formatByteSize(server.Host.DiskTotal)#@<br /> 内存: @#formatByteSize(server.State.MemUsed)#@/@#formatByteSize(server.Host.MemTotal)#@<br /> 交换: @#formatByteSize(server.State.SwapUsed)#@/@#formatByteSize(server.Host.SwapTotal)#@<br />