Lateral movement
Once inside the vulnerable web server machine, the attacker's goal is to move laterally to another machine within the same network. In this case, the attacker targets the Apache Tomcat Manager in ScadaBR, which was purposely left vulnerable through weak credentials (CVE-2009-3548).
Data Dictionary
| Column | Type | Label | Description |
|---|---|---|---|
| ip.session_id | numeric | ||
| meta.direction | numeric | ||
| ip.pkts_per_flow | numeric | ||
| duration | numeric | ||
| ip.header_len | numeric | ||
| ip.payload_len | numeric | ||
| ip.avg_bytes_tot_len | numeric | ||
| time_between_pkts_sum | numeric | ||
| time_between_pkts_avg | numeric | ||
| time_between_pkts_max | numeric | ||
| time_between_pkts_min | numeric | ||
| time_between_pkts_std | numeric | ||
| (-0.001, 50.0] | numeric | ||
| (50.0, 100.0] | numeric | ||
| (100.0, 150.0] | numeric | ||
| (150.0, 200.0] | numeric | ||
| (200.0, 250.0] | numeric | ||
| (250.0, 300.0] | numeric | ||
| (300.0, 350.0] | numeric | ||
| (350.0, 400.0] | numeric | ||
| (400.0, 450.0] | numeric | ||
| (450.0, 500.0] | numeric | ||
| (500.0, 550.0] | numeric | ||
| tcp_pkts_per_flow | numeric | ||
| pkts_rate | numeric | ||
| tcp_bytes_per_flow | numeric | ||
| byte_rate | numeric | ||
| tcp.tcp_session_payload_up_len | numeric | ||
| tcp.tcp_session_payload_down_len | numeric | ||
| (-0.001, 150.0] | numeric | ||
| (150.0, 300.0] | numeric | ||
| (300.0, 450.0] | numeric | ||
| (450.0, 600.0] | numeric | ||
| (600.0, 750.0] | numeric | ||
| (750.0, 900.0] | numeric | ||
| (900.0, 1050.0] | numeric | ||
| (1050.0, 1200.0] | numeric | ||
| (1200.0, 1350.0] | numeric | ||
| (1350.0, 1500.0] | numeric | ||
| (1500.0, 10000.0] | numeric | ||
| tcp.fin | numeric | ||
| tcp.syn | numeric | ||
| tcp.rst | numeric | ||
| tcp.psh | numeric | ||
| tcp.ack | numeric | ||
| tcp.urg | numeric | ||
| sport_g | numeric | ||
| sport_le | numeric | ||
| dport_g | numeric | ||
| dport_le | numeric | ||
| mean_tcp_pkts | numeric | ||
| std_tcp_pkts | numeric | ||
| min_tcp_pkts | numeric | ||
| max_tcp_pkts | numeric | ||
| entropy_tcp_pkts | numeric | ||
| mean_tcp_len | numeric | ||
| std_tcp_len | numeric | ||
| min_tcp_len | numeric | ||
| max_tcp_len | numeric | ||
| entropy_tcp_len | numeric | ||
| ssl.tls_version | numeric | ||
| malware | numeric | ||
Additional Information
| Field | Value |
|---|---|
| Data last updated | September 10, 2025 |
| Metadata last updated | September 10, 2025 |
| Created | September 10, 2025 |
| Format | CSV |
| License | Open Data Commons Open Database License (ODbL) |
| Datastore active | True |
| Has views | False |
| Id | d4864014-a84a-4198-a0ca-b80c85b525b7 |
| Mimetype | text/csv |
| Package id | ff293242-dc9a-4e25-8670-6cb2f550d475 |
| Position | 4 |
| Size | 1.5 KiB |
| State | active |
| Url type | upload |