2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:26”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 11688,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:24”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 8371,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:23”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 11363,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:23”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 7623,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:23”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 5706,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 17:56:23”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 5167,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}

2016-06-29. MSSQL attacked from 61.178.78.96,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 16:54:23”,        “source of the attack”: {            “ip”: “61.178.78.96”,            “domain”: “96.78.178.61.dail.lz.gs.dynamic.163data.com.cn”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 6123,        “destination port”: 1433,        “login”: [],        “mssql command”: [],        “mssql fingerprint”: []    }}

2016-06-29. MSSQL attacked from 61.178.78.96,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 16:54:19”,        “source of the attack”: {            “ip”: “61.178.78.96”,            “domain”: “96.78.178.61.dail.lz.gs.dynamic.163data.com.cn”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 6122,        “destination port”: 1433,        “login”: [],        “mssql command”: [],        “mssql fingerprint”: []    }}

2016-06-29. MSSQL attacked from 61.178.78.96,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 16:54:19”,        “source of the attack”: {            “ip”: “61.178.78.96”,            “domain”: “96.78.178.61.dail.lz.gs.dynamic.163data.com.cn”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 6121,        “destination port”: 1433,        “login”: [],        “mssql command”: [],        “mssql fingerprint”: []    }}

2016-06-29. MSSQL attacked from 123.249.0.151,China

{    “project”: “OpenBlackList (https://twitter.com/openblacklist)”,    “author”: “ElCatapan (https://twitter.com/ElCatapan)”,    “attack details”: {        “timestamp”: “2016-06-29 16:20:33”,        “source of the attack”: {            “ip”: “123.249.0.151”,            “domain”: “error-cdnzz-com.cdnzz.net”,            “geoloc”: “China”        },        “honeypot sensor target”: “sensor01”,        “service attacked”: “MSSQL”,        “protocol”: “tcp”,        “source port”: 9428,        “destination port”: 1433,        “login”: [            {                “password”: “”,                “user”: “sa”            }        ],        “mssql command”: [],        “mssql fingerprint”: [            {                “hostname”: “SERVER”,                “clientname”: “ODBC”,                “appname”: “OSQL-32”            }        ]    }}