After using google to identify some of the "cgi" files I noticed a tool that they had utilized to scan the honeypot. The tool is located on packet storms site.
Thursday, April 9, 2015
What's in the honeypot? Advanced Information Security Shellshock Scanner
In the honeypot I found over 276 requests for cgi files that could be accessed to leverage the shellshock vulnerability documented as CVE-2014-6271.
After using google to identify some of the "cgi" files I noticed a tool that they had utilized to scan the honeypot. The tool is located on packet storms site.
After using google to identify some of the "cgi" files I noticed a tool that they had utilized to scan the honeypot. The tool is located on packet storms site.
Subscribe to:
Post Comments (Atom)
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist... -
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them... -
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th... -
Today looking at the logs of the honeypots, I became curious based on the whois of the IP Addresses attempting to login to SSH which country...
-
Recently I was doing some scanning with a tool that is available on github called masscan. The tool allows you to configure a configuration...
No comments:
Post a Comment