How I could’ve taken over the production server of a Yahoo acquisition through command injection | Sam Curry
Tags
country: Germany
attack-pattern: Data Direct Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006 Brute Force - T1110 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID e1161e39-c164-4881-8617-fd7dcc734fe6
Fingerprint 14409dd30676ed83
Analysis status DONE
Considered CTI value 0
Text language
Published June 6, 2017, 9:52 a.m.
Added to db Feb. 17, 2023, 10:20 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Sam Curry
Title How I could’ve taken over the production server of a Yahoo acquisition through command injection | Sam Curry
Detected Hints/Tags/Attributes 44/2/22
Source URLs
Redirection Url
Details Source http://samcurry.net/how-i-couldve-taken-over-the-production-server-of-a-yahoo-acquisition-through-command-injection/
Details Source https://samcurry.net/how-i-couldve-taken-over-the-production-server-of-a-yahoo-acquisition-through-command-injection/
URL Provider
Details Provider Source level domain
Details samcurry.net samcurry.net
Attributes
Details Type #Events CTI Value
Details CVE 17 
cve-2016-3714
Details Domain 1 
mediagroupone.de
Details Domain 1 
snacktv.de
Details Domain 1 
vertical-network.de
Details Domain 1 
vertical-n.de
Details Domain 1 
fabalista.com
Details Domain 831 
example.com
Details Domain 150 
www.w3.org
Details Domain 1 
image.ps
Details File 1 
getimg.php
Details File 1 
supersecretdevblog.php
Details File 32 
image.jpg
Details File 1 
image.ps
Details File 1206 
index.php
Details File 1 
getimage.php
Details Url 1 
http://snacktv.de/imged/getimg.php
Details Url 1 
http://example.com/supersecretdevblog.php
Details Url 1 
http://example.com/supersecretdevblog.php?page=index&post=1
Details Url 11 
http://www.w3.org/graphics/svg/1.1/dtd/svg11.dtd
Details Url 20 
http://www.w3.org/2000/svg
Details Url 7 
http://www.w3.org/1999/xlink
Details Url 2 
https://example.com/image.jpg