Showing posts from March, 2019

TrickBot C2i and Configs March 2019

There are some new additions in the latest target list. These are the targeted URIs extracted from the complete configs. Some of the regex'd URIs are very interesting and highly effective.

Article by Vishal Thakur

Target list:

<lm>https://us.etrade.com/webapiagg/aggregator</lm>
<lm>https://us.etrade.com/etx/hw/0/accountshome.json</lm>
<lm>https://www.nwolb.com/*.aspx*</lm>
<lm>https://www.rbsdigital.com/*.aspx*</lm>
<lm>https://www.ulsterbankanytimebanking.