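A fierce red team: can inject, can upload, can XSS, can crack, can sniff, can develop, knows the business, knows ops; penetration, social engineering, flirting with the customer-service girls, masters them all; three generations of red teaming in the family. Online within 10 seconds of a phone call; physically strong, able to keep penetrating for 7 days and 7 nights; DDoS traffic from tens of millions of bots that never stops; from Sangfor, 360 and Rongxin (融信) at the top, down to farming Seeyon OA and Weaver OA. Backup power, gigabit fiber, wireless NIC, never offline; one spare computer and two generators (with 100 liters of diesel). I am physically strong and fleet of foot, can code for 20 hours straight without rest and discuss technical plans for 5 hours without drinking water; from leading projects and writing proposals at the top, down to stealing accounts and threatening the PM, I can do anything. My game sense is sneaky, my skills are polished, my 0days are plentiful, I can handle all kinds of penetration tools, and if latency is a concern I can take commands directly by phone or by voice. Deep and comprehensive understanding of vulnerabilities, fluent in all kinds of penetration theory, and has carefully studied professional books such as "White Hat Talks Web Security" (《白帽子讲web安全》), "Metasploit: The Penetration Tester's Guide" and "The Tangled Web". Trained hard in the remote mountains for 30 years, sleeps only 4 hours a day, good-tempered, never flames anyone, fierce in execution, strong awareness, fast at penetration, lots of shells, can get past the Dog, can get past the Shield, follows orders, takes a server's head from a thousand li away, wrecks the administrator's backside in the blink of an eye, takes down sites like killing chickens, crushes Safedog like crushing weeds, and is the first to arrive at the penetration scene.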
Attacking IPs
2020.8.17, 14:30 - update
2020.8.17, 14:38 - update
58.218.66.190
122.155.161.107
122.51.16.221
180.76.121.81
47.56.187.209
42.3.24.62
117.136.0.139
Attack methods of the IPs above: attacks against mysql, redis, weblogic and vpn services.
Attack team on-site 4G addresses
223.104.3.24
39.99.160.90
2020.8.17, 14:40 - update
1. First team's egress IPs
39.103.138.156
39.103.138.156
39.103.138.154
39.103.138.20
39.103.138.92
Jump host IPs:
39.156.57.19
39.156.57.17
2. Second team's egress IPs
39.107.111.182
39.107.108.116
39.107.111.182
39.107.112.96
39.107.112.213
Jump host IPs:
39.156.57.120
39.156.57.93
3. IP of the hotel where the attack team is staying:
124.202.183.131
4. DNS server of the attack team's physical hosts:
202.106.46.151
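5. At present, 39.156.56.0/24 is suspected to be the first-hop egress network segment for all attack teams.
6. Because today is a test, all the IPs are basically in one segment; they will be changed later.
[Shared intelligence] Confirmed red-team Tencent Cloud IPs; immediate blocking is recommended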
81.68.168.223
81.68.169.72
81.68.167.29
81.68.170.78
81.68.168.250
81.68.173.7
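2020.8.17, 14:59 - update
40.76.75.137 scanning attack
46.81.56.4 scanning attack
46.81.56.5 scanning attack
46.81.56.6 scanning attack
46.81.56.7 scanning attack
121.42.12.130 repeated attempts to exploit struts2 vulnerabilities
42.81.56.6 scanning attack
115.28.143.82 http botnet connection, CGI scanning
123.6.13.10 scanning attack
121.32.243.5 scanning attack
52.177.238.151 http Linux command injection attack
128.14.209.234 scanning attack
128.14.209.250 scanning attack
61.160.224.7 scanning attack
42.81.56.9 scanning attack
42.81.56.10 scanning attack
42.81.56.11 scanning attack
121.32.243.6 trojan attack, http backdoor
121.32.243.7 heavy scanning
106.112.129.153 attempted trojan attack
240e:3a0:8c03:3a87:2e56:dc8c:3772:cbe7 attempted webshell upload
62.60.200.74 suspected webshell access
187.174.74.83 http Linux command injection attack
193.106.30.234 scanning attack
119.96.130.116 trojan attack
61.160.224.6 scanning attack
61.160.224.11 scanning attack
61.160.224.13 scanning attack
61.160.224.12 scanning attack
61.160.224.14 scanning attack
156.96.44.192 scanning
58.87.105.221 attempted web RCE vulnerability scanning
221.230.145.227 connection to an external Behinder (冰蝎) webshell
222.129.131.110 nmap network scanning
43.247.89.34 directory traversal
116.233.55.63 XSS probing attack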
2407:c080:802:35:4727:b7f6:af8d:ce4c
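106.54.179.83 DNS brute-forcing
212.129.247.82 DNS brute-forcing
114.104.138.231 attempted scanning for web component vulnerabilities
114.255.73.145 attempted scanning for apache roller vulnerabilities
223.149.251.137 attempted scanning for command execution vulnerabilities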
119.3.159.71
124.200.182.121
61.48.208.250
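94.200.76.222 attempted exploitation of web component vulnerabilities
39.101.150.29 sensitive directory probing
111.230.157.95 HTTP remote code execution, trojan upload
219.143.76.154 php webshell upload
182.92.235.240 php webshell upload
47.99.213.158 remote-control connection from the internal network to the Internet
36.230.163.250 attempted command injection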
183.64.80.142
122.139.132.102
157.122.2.29 attempted exploitation of shiro vulnerability
125.77.142.189 attempted exploitation of shiro vulnerability
123.6.13.7
122.190.204.3
111.197.240.57
2409:8900:5650:2631:75b9:af06:4ffc:abb3
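124.225.167.213 shiro-vulnerability remote control, with an internal machine connecting back to the Internet
1.246.222.56 remote command execution vulnerability
61.129.128.208 attempted SQL injection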