cNotes 検索 一覧 カテゴリ

インジェクション - www.pabloescobar.in

Published: 2010/11/05

本気なのか試験なのか釣りなのか、若干判断に困るものなのですが、

こんな中身。

これを利用するようです。

Java Web Start Arbitrary command-line injection CVE-2010-0886

そしてこれ。

http://www.virustotal.com/file-scan/report.html?id=75fa2135401f66281dcb788d405e69d8d84588f8cf217941f4c6056124c5a60a-1288942870

典型的な内容。

関連するURLはこれ。

domainpath
www.pabloescobar.inanalytics/in.cgi?3
www.marazmatik3.ingb.php?tp=7b93def1058fee42

 Domain ID:D4534766-AFIN
 Domain Name:PABLOESCOBAR.IN
 Created On:21-Oct-2010 22:04:20 UTC
 Last Updated On:21-Oct-2010 22:04:21 UTC
 Expiration Date:21-Oct-2011 22:04:20 UTC
 Sponsoring Registrar:Transecute Solutions Pvt. Ltd. (R120-AFIN)
 Status:CLIENT TRANSFER PROHIBITED
 Status:TRANSFER PROHIBITED
 Registrant ID:TS_12788117
 Registrant Name:Black Hole
 Registrant Organization:BlackHole
 Registrant Country:RU
 
 195.206.246.91
 inetnum:        195.206.246.0 - 195.206.247.255
 netname:        EVENTISHOST
 descr:          EVENTISHOST S.R.L.
 country:        RO
 Domain ID:D4548688-AFIN
 Domain Name:MARAZMATIK3.IN
 Created On:28-Oct-2010 20:24:18 UTC
 Last Updated On:28-Oct-2010 20:24:19 UTC
 Expiration Date:28-Oct-2011 20:24:18 UTC
 Sponsoring Registrar:Transecute Solutions Pvt. Ltd. (R120-AFIN)
 Status:CLIENT TRANSFER PROHIBITED
 Status:TRANSFER PROHIBITED
 Registrant ID:TS_12788117
 Registrant Name:Black Hole
 Registrant Organization:BlackHole
 Registrant Country:RU
 
 195.80.151.99
 inetnum:        195.80.148.0 - 195.80.151.255
 netname:        INSTANTEXCHANGER-NET
 descr:          InstantExchanger Ltd.
 country:        EU

[カテゴリ:インジェクション観察日記]

by jyake