nginx 1.24.0
tcp/80
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fdfda48c44b32bdadcaf384e7b28c1f1fdf196b96b5c8a035e
Databases: 29, row count: 141563, size: 3.8 MB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.db with 0 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 0 records Found table mysql.help_category with 47 records Found table mysql.help_keyword with 825 records Found table mysql.help_relation with 1660 records Found table mysql.help_topic with 603 records Found table mysql.innodb_index_stats with 37 records Found table mysql.innodb_table_stats with 4 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 2 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 0 records Found table mysql.time_zone with 1826 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1826 records Found table mysql.time_zone_transition with 124862 records Found table mysql.time_zone_transition_type with 9864 records Found table mysql.user with 3 records
Severity: high
Fingerprint: cf350410ecceb5fdebd6b7609132601091326010913260109132601091326010
Databases: 1, row count: 2, size: 16.4 kB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Open service 82.157.55.8:3306
2024-06-25 23:02
MySQL detected
Open service 82.157.55.8:3306
2024-06-23 23:10
MySQL detected
Open service 82.157.55.8:3306
2024-06-22 22:14
MySQL detected
Open service 82.157.55.8:22
2024-06-22 00:57
Open service 82.157.55.8:3306
2024-06-21 21:57
MySQL detected
Open service 82.157.55.8:80
2024-06-21 01:01
HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Fri, 21 Jun 2024 01:01:51 GMT Content-Type: text/html Content-Length: 615 Last-Modified: Fri, 17 Nov 2023 08:19:21 GMT Connection: close ETag: "65572209-267" Accept-Ranges: bytes Page title: Welcome to nginx! <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
Open service 82.157.55.8:3306
2024-06-19 22:49
MySQL detected
Open service 82.157.55.8:3306
2024-06-17 22:37
MySQL detected
Open service 82.157.55.8:3306
2024-06-15 22:48
MySQL detected
Open service 82.157.55.8:3306
2024-06-14 19:47
MySQL detected
Open service 82.157.55.8:80
2024-06-14 04:05
HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Fri, 14 Jun 2024 04:05:58 GMT Content-Type: text/html Content-Length: 615 Last-Modified: Fri, 17 Nov 2023 08:19:21 GMT Connection: close ETag: "65572209-267" Accept-Ranges: bytes Page title: Welcome to nginx! <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
Open service 82.157.55.8:3306
2024-06-11 21:52
MySQL detected