+plugin:HiSiliconDVR +country:"Vietnam" +asn:"18403" +country:"Japan" +events.leak.severity:"high" +ip:"52.192.0.0/13"
Indices: 3, document count: 11, size: 46.0 kB
Found index read_me with 1 documents (5.1 kB)
Found index cgi-bin with 0 documents (283 B)
Found in...
Ransom notes :
{"text":"Your DB has been back up. The only way of recovery is you must send 0.002 BTC to 127ZBzXyLJFc7ShMmzkYFDhSiXXSnR8Jfr. Once paid please email databaserestore32@onionmail.org with code: `omoRmq` and we will recover your database. please read https://cutmyurl.com/3caF8EkT for more information"}
Analysis helper :
estk --url=http://52.194.210.64 list
Found by ElasticSearchOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
filemode = false
[remote "origin"]
url = https://eb...
Found by GitConfigHttpPlugin
Found 2 files through .DS_Store spidering:
/backup
/sample_kizuna
Found by DotDsStoreOpenPlugin
HTTP/1.1 200 OK
Date: Mon, 08 May 2023 20:08:05 GMT
Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.39
X-Powered-By: PHP/5.6.39
Con...
Found by GitConfigHttpPlugin
Databases: 251, row count: 27654, size: 30.9 MB
Found table itoss.aaadontdelete with 0 records
Found table itoss.address with 0 records
Found tab...
Found by MysqlOpenPlugin
Databases: 39, row count: 139997, size: 7.9 MB
Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv wi...
Ransom notes :
All your data was backed up from your server. You need to email us at rambler+225g8@onionmail.org to recover your data. If you dont contact us we will reach the General Data Protection Regulation, GDPR,
Found by MysqlOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://git_project@bitbucke...
Found by GitConfigHttpPlugin
Found 71 files through .DS_Store spidering:
/css
/dist
/dist/css
/dist/img
/dist/js
/favicon.ico
/index.php
/js
/plugins
/plugins/bootstrap
/plug...
Found by DotDsStoreOpenPlugin
Found vulnerable Moodle application:
Affected by CVE-2023-30943
Found by MoodlePlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
fetch = +refs/heads/*:refs/remotes...
Found by GitConfigHttpPlugin
Found 25 files through .DS_Store spidering:
/.git
/.git/logs
/.git/objects
/.git/refs
/application
/db_backup
/files
/files/107國小.json
/files/108...
Found by DotDsStoreOpenPlugin
Found 12 files through .DS_Store spidering:
/cgi-bin
/cgi-bin/back
/cgi-bin/mhe
/cgi-bin/mhe/img
/cgi-bin/mhe/kakaku
/cgi-bin/mhe/price
/cgi-bin/...
Found by DotDsStoreOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[branch "master"]
[user]
name = Joseph Leung
email ...
Found by GitConfigHttpPlugin
[core]
repositoryformatversion = 0
filemode = false
bare = false
logallrefupdates = true
symlinks = false
ignorecase = true
[remote "origin...
Found by GitConfigHttpPlugin
Found 105 files through .DS_Store spidering:
/.DS_Store
/.htaccess
/_notes
/aboutus.html
/boshuu.html
/commons
/commons/_notes
/css
/css/_notes
/...
Found by DotDsStoreOpenPlugin
[core]
repositoryformatversion = 0
filemode = false
logallrefupdates = true
[remote "origin"]
url = ssh://t_sasaki@build.synca.org:29418/sync...
Found by GitConfigHttpPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
fetch = +refs/heads/*:refs/remotes...
Found by GitConfigHttpPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://active_ninjas@...
Found by GitConfigHttpPlugin
Found 71 files through .DS_Store spidering:
/css
/dist
/dist/css
/dist/img
/dist/js
/favicon.ico
/index.php
/js
/plugins
/plugins/bootstrap
/plug...
Found by DotDsStoreOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://active_ninjas@...
Found by GitConfigHttpPlugin