(福利局)putty pscp远程代码执行漏洞(CVE-2016-2563)
Tags
| attack-pattern: | Data Direct Python - T1059.006 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 |
Common Information
| Type | Value |
|---|---|
| UUID | d4521c2d-2099-48ca-9005-784488bc8ee2 |
| Fingerprint | d618fcffc94d77fe |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 23, 2016, midnight |
| Added to db | Jan. 19, 2023, 12:06 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | UNKNOWN |
| Title | (福利局)putty pscp远程代码执行漏洞(CVE-2016-2563) |
| Detected Hints/Tags/Attributes | 32/1/22 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://whereisk0shl.top/post/2016-11-23 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2016-2563 |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 1 | paramiko.channel |
|
| Details | Domain | 25 | log.info |
|
| Details | Domain | 1 | self.channel |
|
| Details | Domain | 707 | google.com |
|
| Details | Domain | 1 | vshell.channel |
|
| Details | File | 1 | paramiko.py |
|
| Details | File | 25 | log.inf |
|
| Details | File | 3 | self.bin |
|
| Details | File | 8 | sock.bin |
|
| Details | File | 1 | 'test_rsa.key |
|
| Details | File | 1 | 执行exp.py |
|
| Details | File | 1 | 首先我们运行poc.py |
|
| Details | File | 11 | pscp.exe |
|
| Details | File | 1 | 我们通过od带参数启动pscp.exe |
|
| Details | File | 1 | 我们先找到poc.py |
|
| Details | File | 1 | 再次执行exp.py |
|
| Details | Github username | 1 | tintinweb |
|
| Details | IPv4 | 1 | 192.168.139.129 |
|
| Details | IPv4 | 198 | 1.1.1.1 |
|
| Details | IPv4 | 619 | 0.0.0.0 |