In the past few weeks I have noticed this type of POST activity showing in my honeypot {"id":0,"jsonrpc":"2.0","method":"eth_accounts"} looking for ID 0 (root). Activity has a static source port of 65535 and destination port 8080.
[1] https://github.com/ethereum/wiki/wiki/JSON-RPC ----------- |
Guy 486 Posts ISC Handler Nov 13th 2017 |
Thread locked Subscribe |
Nov 13th 2017 3 years ago |
Looks, at first glance, as if it could be related to this Oracle advisory?
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html Remote attack without auth... |
Anonymous |
Quote |
Nov 15th 2017 3 years ago |
https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_accounts
|
Anonymous |
Quote |
May 31st 2018 2 years ago |
Sign Up for Free or Log In to start participating in the conversation!