Report - raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]

Report Overview

Submitted URL
raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh
IP
185.199.109.133
ASN
#54113 FASTLY
Submitted
2024-03-28 17:37:22
Access
public
Website Title
raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh
Final URL
raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-03-28	554 B	1.2 kB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Bourne-Again shell script, ASCII text executable, with very long lines (511), with CRLF line terminators
Size
305 B (305 bytes)
Hash
ec7e2bce0d33102fe92fcd9158d8490d
2bd03418689da3bf58c5e7410b9286ec3ba1d466
eb5f58772246f532a24934b03446cde7a93df3ed860471cc89f557c876d373ef

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 9/60

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh

185.199.111.133

200 OK

305 B

URL User Request GET HTTP/2
raw.githubusercontent.com/zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Bourne-Again shell script, ASCII text executable, with very long lines (511), with CRLF line terminators
Size
305 B (305 bytes)
Hash
ec7e2bce0d33102fe92fcd9158d8490d
2bd03418689da3bf58c5e7410b9286ec3ba1d466
eb5f58772246f532a24934b03446cde7a93df3ed860471cc89f557c876d373ef

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 9/60

HTTP Headers

GET /zev3n/Ubuntu-Gnome-privilege-escalation/main/CVE-2020-1612[6_7]_exploit.sh HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"3964611d394e42a71a88f9d373a368c7b3543a6a964cbda760146c7cfca2f960"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 808A:0EC5:30921AB:32A2E6F:6605AAB8
content-encoding: gzip
accept-ranges: bytes
date: Thu, 28 Mar 2024 17:36:57 GMT
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1711647417.054546,VS0,VE124
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: e123aada99f72cf0465ea9d9c932bc706f3d8519
expires: Thu, 28 Mar 2024 17:41:57 GMT
source-age: 0
content-length: 305
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers