Historical OSINT - A Compilation of Publicly Accessible Web Shells - An Analysis

0
December 13, 2020

In this post I'll provide actionable intelligence on some of the currently active publicly accessible IPs which are known to have been hosting publicly accessible web shells for the purpose of empowering the cybercriminals behind the campaigns to establish a direct connection with the server in question potentially resulting in a direct compromise of the server which could further assist in the ongoing monetization of the access for the purpose of hosting blackhat SEO content including malicious software on the compromised server.

Sample known IPs known to have hosted publicly accessible Web shells circa 2013:

http://63.143.52.90/webdav/Kat.php

http://188.39.86.169/webdav/Kat.php

http://71.13.238.29/webdav/Kat.php

http://122.192.68.247/webdav/Kat.php

http://79.136.101.26/webdav/Kat.php

http://218.66.79.138/webdav/Kat.php

http://147.46.53.121/webdav/Kat.php

http://195.70.35.170/webdav/Kat.php

http://202.120.38.4/webdav/Kat.php

http://175.158.191.163/webdav/Greenshell.php

http://177.124.2.30/webdav/Greenshell.php

http://200.165.107.147/webdav/Greenshell.php

http://118.97.18.244/webdav/Greenshell.php

http://175.28.13.160/webdav/Greenshell.php

http://187.76.0.75/webdav/Greenshell.php

http://58.240.239.178/webdav/Greenshell.php

http://202.100.85.103/webdav/Greenshell.php

http://210.175.78.71/webdav/Greenshell.php

http://118.69.245.77/webdav/Greenshell.php

http://69.51.202.235/webdav/Greenshell.php

http://87.106.13.193/webdav/Greenshell.php

http://24.222.37.150/webdav/Greenshell.php

http://200.57.141.91/webdav/Greenshell.php

http://173.56.68.9/webdav/Greenshell.php

http://177.2.129.199/webdav/Greenshell.php

http://202.120.34.5/webdav/Greenshell.php

http://195.70.35.170/webdav/Greenshell.php

http://62.193.248.62/webdav/Greenshell.php

http://131.220.71.150/webdav/Greenshell.php

http://161.53.159.250/webdav/Greenshell.php

http://201.122.73.249/webdav/Greenshell.php

http://201.39.231.190/webdav/Greenshell.php

http://178.18.95.238/webdav/Greenshell.php

http://178.78.114.133/webdav/Greenshell.php

http://41.57.109.245/webdav/Greenshell.php

http://18.172.2.239/webdav/Greenshell.php

http://124.165.225.147/webdav/Greenshell.php

http://84.246.6.172/webdav/Greenshell.php

http://64.47.71.249/webdav/Greenshell.php

http://186.153.123.155/webdav/Greenshell.php

http://103.30.92.130/webdav/Greenshell.php

http://115.249.227.230/webdav/Greenshell.php

http://59.176.124.13/webdav/Greenshell.php

http://114.69.241.42/webdav/Greenshell.php

http://123.18.207.2/webdav/Greenshell.php

http://84.233.143.17/webdav/Greenshell.php

http://193.60.92.220/webdav/Greenshell.php

http://80.154.138.211/webdav/Greenshell.php

http://212.91.233.115/webdav/Greenshell.php

http://210.175.78.71/webdav/Greenshell.php

http://174.37.60.119/webdav/Greenshell.php

http://75.126.69.194/webdav/Greenshell.php

http://147.46.216.176/webdav/Greenshell.php

http://195.243.244.22/webdav/Greenshell.php

http://202.169.30.215/webdav/Greenshell.php

http://193.179.195.125/webdav/Greenshell.php

http://88.179.3.250/webdav/Greenshell.php

http://62.82.100.195/webdav/Greenshell.php

http://212.204.205.48/webdav/Greenshell.php

http://61.120.124.87/webdav/Greenshell.php

http://91.195.163.75/webdav/Greenshell.php

http://212.50.28.194/webdav/Greenshell.php

http://66.60.102.110/webdav/Greenshell.php

http://41.207.95.71/webdav/Greenshell.php

http://87.79.66.248/webdav/Greenshell.php

http://118.70.167.134/webdav/Greenshell.php

http://222.73.18.86/webdav/Greenshell.php

http://118.97.18.244/webdav/Greenshell.php

http://175.28.13.160/webdav/Greenshell.php

http://217.18.195.71/webdav/Greenshell.php

http://200.50.118.40/webdav/Greenshell.php

http://81.169.178.176/webdav/Greenshell.php

http://210.163.224.65/webdav/Greenshell.php

http://175.158.191.163/webdav/Greenshell.php

http://87.98.167.79/webdav/Greenshell.php

http://212.91.233.120/webdav/Greenshell.php

http://69.162.81.116/webdav/Greenshell.php

http://212.16.239.24/webdav/Greenshell.php

http://80.122.103.134/webdav/Greenshell.php

http://68.232.226.42/webdav/Greenshell.php

http://210.173.78.67/webdav/Greenshell.php

http://118.69.245.77/webdav/Greenshell.php

http://202.100.85.103/webdav/Greenshell.php

http://115.119.15.180/webdav/Greenshell.php

http://222.73.18.86/webdav/Kat.php

http://208.115.223.114/webdav/Kat.php

http://83.238.165.202/webdav/Kat.php

http://195.243.244.22/webdav/Kat.php

http://210.163.224.65/webdav/Kat.php

http://120.68.42.163/webdav/Kat.php

http://114.142.147.125/webdav/Kat.php

http://92.39.20.52/webdav/Greenshell.php

http://202.120.51.74/webdav/Greenshell.php

http://222.73.18.86/webdav/Greenshell.php

http://210.47.36.6/webdav/Greenshell.php

http://210.175.78.71/webdav/Greenshell.php

http://212.91.233.115/webdav/Greenshell.php

http://147.46.216.176/webdav/Greenshell.php

http://77.237.1.104/webdav/Greenshell.php

http://82.204.47.109/webdav/Greenshell.php

http://217.92.57.106/webdav/Greenshell.php

http://80.24.82.4/webdav/Greenshell.php

http://194.249.184.130/webdav/Greenshell.php

http://147.46.53.121/webdav/Greenshell.php

http://85.214.39.59/webdav/Greenshell.php

http://74.208.103.227/webdav/Greenshell.php

http://134.206.51.221/webdav/Greenshell.php

http://212.91.233.120/webdav/Greenshell.php

http://220.233.42.100/webdav/Greenshell.php

http://79.125.24.51/webdav/Greenshell.php

http://74.208.161.177/webdav/Greenshell.php

http://195.54.209.152/webdav/Greenshell.php

http://78.8.120.172/webdav/Greenshell.php

http://173.192.69.18/webdav/Greenshell.php

http://212.91.233.119/webdav/Greenshell.php

http://85.111.3.57/webdav/Greenshell.php

http://213.8.91.167/webdav/Greenshell.php

http://218.83.153.18/webdav/Greenshell.php

http://218.16.119.82/webdav/Greenshell.php

http://58.26.163.2/webdav/Greenshell.php

http://109.123.92.158/webdav/Greenshell.php

http://71.13.238.14/webdav/Greenshell.php

http://210.175.78.71/webdav/Greenshell.php

http://222.24.19.18/webdav/Greenshell.php

http://87.79.66.248/webdav/Greenshell.php

http://66.171.182.154/webdav/Greenshell.php

http://210.47.36.6/webdav/Greenshell.php

http://147.46.216.176/webdav/Greenshell.php

http://87.79.66.248/webdav/Greenshell.php

http://92.39.20.52/webdav/Greenshell.php

http://208.115.223.114/webdav/Greenshell.php

http://210.175.78.71/webdav/Greenshell.php

http://212.91.233.115/webdav/Greenshell.php

http://195.243.244.22/webdav/Greenshell.php

http://222.24.19.18/webdav/Greenshell.php

http://147.46.216.176/webdav/Greenshell.php

http://202.169.30.215/webdav/Greenshell.php

http://174.37.60.119/webdav/Greenshell.php

http://70.38.118.206/webdav/Greenshell.php

http://71.13.238.10/webdav/Greenshell.php

http://71.13.238.32/webdav/Greenshell.php

http://165.234.1.18/webdav/Greenshell.php

http://216.38.161.104/webdav/Greenshell.php

http://71.13.238.4/webdav/Greenshell.php

http://71.13.238.25/webdav/Greenshell.php

http://68.232.226.42/webdav/Greenshell.php

http://173.192.69.18/webdav/Greenshell.php

http://66.171.182.154/webdav/Greenshell.php

http://173.15.180.89/webdav/Greenshell.php

http://188.39.86.169/webdav/Greenshell.php

http://212.91.233.114/webdav/Greenshell.php

http://31.163.203.16/webdav/Greenshell.php

http://213.8.91.167/webdav/Greenshell.php

http://202.120.1.33/webdav/Greenshell.php

http://219.219.114.91/webdav/Greenshell.php

http://202.72.218.181/webdav/Greenshell.php

Stay tuned!

About the author

Donec non enim in turpis pulvinar facilisis. Ut felis. Praesent dapibus, neque id cursus faucibus. Aenean fermentum, eget tincidunt.

0 Comments:

Subscribe to: Post Comments (Atom)