Lateral movement
Once inside the vulnerable web server machine, the attacker's goal is to move laterally to another machine within the same network. In this case, the attacker targets the Apache Tomcat Manager in ScadaBR, which was deliberately left vulnerable through weak credentials (CVE-2009-3548).
Data dictionary
| Column | Type | Label | Description |
|---|---|---|---|
| ip.session_id | numeric | ||
| meta.direction | numeric | ||
| ip.pkts_per_flow | numeric | ||
| duration | numeric | ||
| ip.header_len | numeric | ||
| ip.payload_len | numeric | ||
| ip.avg_bytes_tot_len | numeric | ||
| time_between_pkts_sum | numeric | ||
| time_between_pkts_avg | numeric | ||
| time_between_pkts_max | numeric | ||
| time_between_pkts_min | numeric | ||
| time_between_pkts_std | numeric | ||
| (-0.001, 50.0] | numeric | ||
| (50.0, 100.0] | numeric | ||
| (100.0, 150.0] | numeric | ||
| (150.0, 200.0] | numeric | ||
| (200.0, 250.0] | numeric | ||
| (250.0, 300.0] | numeric | ||
| (300.0, 350.0] | numeric | ||
| (350.0, 400.0] | numeric | ||
| (400.0, 450.0] | numeric | ||
| (450.0, 500.0] | numeric | ||
| (500.0, 550.0] | numeric | ||
| tcp_pkts_per_flow | numeric | ||
| pkts_rate | numeric | ||
| tcp_bytes_per_flow | numeric | ||
| byte_rate | numeric | ||
| tcp.tcp_session_payload_up_len | numeric | ||
| tcp.tcp_session_payload_down_len | numeric | ||
| (-0.001, 150.0] | numeric | ||
| (150.0, 300.0] | numeric | ||
| (300.0, 450.0] | numeric | ||
| (450.0, 600.0] | numeric | ||
| (600.0, 750.0] | numeric | ||
| (750.0, 900.0] | numeric | ||
| (900.0, 1050.0] | numeric | ||
| (1050.0, 1200.0] | numeric | ||
| (1200.0, 1350.0] | numeric | ||
| (1350.0, 1500.0] | numeric | ||
| (1500.0, 10000.0] | numeric | ||
| tcp.fin | numeric | ||
| tcp.syn | numeric | ||
| tcp.rst | numeric | ||
| tcp.psh | numeric | ||
| tcp.ack | numeric | ||
| tcp.urg | numeric | ||
| sport_g | numeric | ||
| sport_le | numeric | ||
| dport_g | numeric | ||
| dport_le | numeric | ||
| mean_tcp_pkts | numeric | ||
| std_tcp_pkts | numeric | ||
| min_tcp_pkts | numeric | ||
| max_tcp_pkts | numeric | ||
| entropy_tcp_pkts | numeric | ||
| mean_tcp_len | numeric | ||
| std_tcp_len | numeric | ||
| min_tcp_len | numeric | ||
| max_tcp_len | numeric | ||
| entropy_tcp_len | numeric | ||
| ssl.tls_version | numeric | ||
| malware | numeric | ||
Additional information
| Field | Value |
|---|---|
| Data last updated | 10 September 2025 |
| Metadata last updated | 10 September 2025 |
| Created | 10 September 2025 |
| Format | CSV |
| License | Open Data Commons Open Database License (ODbL) |
| Datastore active | True |
| Has views | False |
| Id | d4864014-a84a-4198-a0ca-b80c85b525b7 |
| Mimetype | text/csv |
| Package id | ff293242-dc9a-4e25-8670-6cb2f550d475 |
| Position | 4 |
| Size | 1.5 KiB |
| State | active |
| Url type | upload |