Mirrors
/
cyber_threat_intelligence
镜像自地址 https://github.com/vuldb/cyber_threat_intelligence
6
0
派生 0
代码 工单 软件包 项目 版本发布 百科 动态

Update January 2024

这个提交包含在:
Marc Ruef 2024-01-05 11:54:56 +01:00
父节点 cfa9489a9c
当前提交 1d5ef30cb7
共有 194 个文件被更改,包括 18253 次插入17587 次删除
显示统计 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

2
actors/.IMG Files/README.md
查看文件

@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/00519ead/README.md
查看文件

@ -64,4 +64,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/0ktapus/README.md
查看文件

@ -117,4 +117,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/3LOSH/README.md
查看文件

@ -56,4 +56,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/404 Keylogger/README.md
查看文件

@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/8220 Gang/README.md
查看文件

@ -92,4 +92,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/APT27/README.md
查看文件

@ -124,4 +124,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/APT32/README.md
查看文件

@ -111,4 +111,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/APT39/README.md
查看文件

@ -90,4 +90,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/AdvisorsBot/README.md
查看文件

@ -112,4 +112,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Anubis/README.md
查看文件

@ -58,4 +58,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

1146
actors/AsyncRAT/README.md
查看文件

文件差异内容过多而无法显示 加载差异

2
actors/BBtok/README.md
查看文件

@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

105
actors/Bahrain Unknown/README.md
查看文件

@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bahrain Unknown:
* [US](https://vuldb.com/?country.us)
* [JP](https://vuldb.com/?country.jp)
* [CN](https://vuldb.com/?country.cn)
* [JP](https://vuldb.com/?country.jp)
* ...
There are 23 more country items available. Please use our online service to access the data.
@ -87,55 +87,60 @@ ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/accounts_con/register_account` | High
3 | File | `/admin/?page=bike` | High
4 | File | `/admin/course.php` | High
5 | File | `/admin/courses/manage_course.php` | High
6 | File | `/admin/courses/view_course.php` | High
7 | File | `/admin/departments/manage_department.php` | High
8 | File | `/admin/index.php` | High
9 | File | `/admin/ind_backstage.php` | High
10 | File | `/admin/list_addr_fwresource_ip.php` | High
11 | File | `/admin/list_onlineuser.php` | High
12 | File | `/admin/login.php` | High
13 | File | `/admin/manage-pages.php` | High
14 | File | `/admin/manage-users.php` | High
15 | File | `/admin/options-theme.php` | High
16 | File | `/admin/plugin.php` | High
17 | File | `/admin/students/manage_academic.php` | High
18 | File | `/admin/subject.php` | High
19 | File | `/admin/theme-edit.php` | High
20 | File | `/adplanet/PlanetUser` | High
21 | File | `/ample/app/ajax/member_data.php` | High
22 | File | `/api/authentication/login` | High
23 | File | `/api/download` | High
24 | File | `/api/v1/alerts` | High
25 | File | `/article/DelectArticleById/` | High
26 | File | `/auth/auth.php?user=1` | High
27 | File | `/b2b-supermarket/catalog/all-products` | High
28 | File | `/b2b-supermarket/shopping-cart` | High
29 | File | `/cgi-bin/cstecgi.cgi` | High
30 | File | `/config-manager/save` | High
31 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
32 | File | `/content/templates/` | High
33 | File | `/course/filterRecords/` | High
34 | File | `/dashboard/createblog` | High
35 | File | `/debug/pprof` | Medium
36 | File | `/ecommerce/admin/settings/setDiscount.php` | High
37 | File | `/endpoint/add-guest.php` | High
38 | File | `/endpoint/add-user.php` | High
39 | File | `/etc/hosts.deny` | High
40 | File | `/fcgi/scrut_fcgi.fcgi` | High
41 | File | `/forum/away.php` | High
42 | File | `/geoserver/gwc/rest.html` | High
43 | File | `/goform/formSysCmd` | High
44 | File | `/h/autoSaveDraft` | High
45 | File | `/HNAP1/` | Low
46 | File | `/im/user/` | Medium
47 | File | `/importexport.php` | High
48 | File | `/index.php?pluginApp/to/yzOffice/getFile` | High
49 | ... | ... | ...
3 | File | `/admin/` | Low
4 | File | `/admin/?page=bike` | High
5 | File | `/admin/book_add.php` | High
6 | File | `/admin/book_row.php` | High
7 | File | `/admin/bwdates-report-details.php` | High
8 | File | `/admin/course.php` | High
9 | File | `/admin/courses/manage_course.php` | High
10 | File | `/admin/courses/view_course.php` | High
11 | File | `/admin/departments/manage_department.php` | High
12 | File | `/admin/index.php` | High
13 | File | `/admin/ind_backstage.php` | High
14 | File | `/admin/list_addr_fwresource_ip.php` | High
15 | File | `/admin/list_onlineuser.php` | High
16 | File | `/admin/login.php` | High
17 | File | `/admin/manage-pages.php` | High
18 | File | `/admin/manage-users.php` | High
19 | File | `/admin/options-theme.php` | High
20 | File | `/admin/pages/subjects.php` | High
21 | File | `/admin/pages/yearlevel.php` | High
22 | File | `/admin/students/manage_academic.php` | High
23 | File | `/admin/subject.php` | High
24 | File | `/admin/theme-edit.php` | High
25 | File | `/admin/upload/img` | High
26 | File | `/adplanet/PlanetUser` | High
27 | File | `/ample/app/ajax/member_data.php` | High
28 | File | `/api/authentication/login` | High
29 | File | `/api/download` | High
30 | File | `/api/v1/alerts` | High
31 | File | `/article/DelectArticleById/` | High
32 | File | `/auth/auth.php?user=1` | High
33 | File | `/b2b-supermarket/catalog/all-products` | High
34 | File | `/b2b-supermarket/shopping-cart` | High
35 | File | `/boaform/wlan_basic_set.cgi` | High
36 | File | `/cgi-bin/cstecgi.cgi` | High
37 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
38 | File | `/config,admin.jsp` | High
39 | File | `/config-manager/save` | High
40 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
41 | File | `/dashboard/createblog` | High
42 | File | `/debug/pprof` | Medium
43 | File | `/ecommerce/admin/settings/setDiscount.php` | High
44 | File | `/endpoint/add-guest.php` | High
45 | File | `/endpoint/add-user.php` | High
46 | File | `/etc/hosts.deny` | High
47 | File | `/file-manager/delete.php` | High
48 | File | `/file-manager/upload.php` | High
49 | File | `/forum/away.php` | High
50 | File | `/geoserver/gwc/rest.html` | High
51 | File | `/goform/formSysCmd` | High
52 | File | `/h/autoSaveDraft` | High
53 | File | `/HNAP1/` | Low
54 | ... | ... | ...
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 468 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -154,4 +159,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

9
actors/BazarLoader/README.md
查看文件

@ -73,9 +73,10 @@ ID | Technique | Weakness | Description | Confidence
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1059 | CWE-94 | Cross Site Scripting | High
4 | ... | ... | ... | ...
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | ... | ... | ... | ...
There are 13 more TTP items available. Please use our online service to access the data.
There are 14 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -97,7 +98,7 @@ ID | Type | Indicator | Confidence
12 | File | `admin/admin.shtml` | High
13 | ... | ... | ...
There are 103 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 106 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -138,4 +139,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

97
actors/BlackCat/README.md
查看文件

@ -65,54 +65,55 @@ ID | Type | Indicator | Confidence
12 | File | `/admin/index.php` | High
13 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
14 | File | `/admin/list_onlineuser.php` | High
15 | File | `/admin/options` | High
16 | File | `/admin/report/index.php` | High
17 | File | `/admin/services/manage_service.php` | High
18 | File | `/admin/settings/` | High
19 | File | `/admin/show.php` | High
20 | File | `/admin/students/update_status.php` | High
21 | File | `/admin/subject.php` | High
22 | File | `/admin/user/manage_user.php` | High
23 | File | `/admin/users/index.php` | High
24 | File | `/ample/app/ajax/member_data.php` | High
25 | File | `/article/DelectArticleById/` | High
26 | File | `/asms/classes/Master.php?f=delete_service` | High
27 | File | `/auth/auth.php?user=1` | High
28 | File | `/b2b-supermarket/shopping-cart` | High
29 | File | `/blog` | Low
30 | File | `/bsms_ci/index.php/user/edit_user/` | High
31 | File | `/cgi-bin/cstecgi.cgi` | High
32 | File | `/classes/Master.php?f=delete_category` | High
33 | File | `/classes/Master.php?f=delete_inquiry` | High
34 | File | `/classes/Master.php?f=save_reminder` | High
35 | File | `/classes/Users.php?f=delete_client` | High
36 | File | `/clients/listclients.php` | High
37 | File | `/clients/profile` | High
38 | File | `/cms/category/list` | High
39 | File | `/collection/all` | High
40 | File | `/company/store` | High
41 | File | `/contacts/listcontacts.php` | High
42 | File | `/Default/Bd` | Medium
43 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
44 | File | `/ext/phar/phar_object.c` | High
45 | File | `/forum/away.php` | High
46 | File | `/fos/admin/index.php?page=menu` | High
47 | File | `/friends` | Medium
48 | File | `/goform/AddSysLogRule` | High
49 | File | `/goform/SafeEmailFilter` | High
50 | File | `/goform/SetIpMacBind` | High
51 | File | `/goform/setSnmpInfo` | High
52 | File | `/goform/setUplinkInfo` | High
53 | File | `/goform/SysToolReboot` | High
54 | File | `/goform/WifiBasicSet` | High
55 | File | `/graphql` | Medium
56 | File | `/home/get_tasks_list` | High
57 | File | `/hrm/employeeview.php` | High
58 | File | `/hss/?page=categories` | High
59 | File | `/hss/admin/brands/manage_brand.php` | High
60 | ... | ... | ...
15 | File | `/admin/login.php` | High
16 | File | `/admin/options` | High
17 | File | `/admin/report/index.php` | High
18 | File | `/admin/services/manage_service.php` | High
19 | File | `/admin/settings/` | High
20 | File | `/admin/show.php` | High
21 | File | `/admin/students/update_status.php` | High
22 | File | `/admin/subject.php` | High
23 | File | `/admin/user/manage_user.php` | High
24 | File | `/admin/users/index.php` | High
25 | File | `/ample/app/ajax/member_data.php` | High
26 | File | `/article/DelectArticleById/` | High
27 | File | `/asms/classes/Master.php?f=delete_service` | High
28 | File | `/auth/auth.php?user=1` | High
29 | File | `/b2b-supermarket/shopping-cart` | High
30 | File | `/blog` | Low
31 | File | `/bsms_ci/index.php/user/edit_user/` | High
32 | File | `/cgi-bin/cstecgi.cgi` | High
33 | File | `/cgi-bin/cstecgi.cgi?action=login&flag=ie8` | High
34 | File | `/classes/Master.php?f=delete_category` | High
35 | File | `/classes/Master.php?f=delete_inquiry` | High
36 | File | `/classes/Master.php?f=save_reminder` | High
37 | File | `/classes/Users.php?f=delete_client` | High
38 | File | `/clients/listclients.php` | High
39 | File | `/clients/profile` | High
40 | File | `/cms/category/list` | High
41 | File | `/collection/all` | High
42 | File | `/company/store` | High
43 | File | `/contacts/listcontacts.php` | High
44 | File | `/Default/Bd` | Medium
45 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
46 | File | `/ext/phar/phar_object.c` | High
47 | File | `/file-manager/upload.php` | High
48 | File | `/forum/away.php` | High
49 | File | `/fos/admin/index.php?page=menu` | High
50 | File | `/friends` | Medium
51 | File | `/goform/AddSysLogRule` | High
52 | File | `/goform/SafeEmailFilter` | High
53 | File | `/goform/SetIpMacBind` | High
54 | File | `/goform/setSnmpInfo` | High
55 | File | `/goform/setUplinkInfo` | High
56 | File | `/goform/SysToolReboot` | High
57 | File | `/goform/WifiBasicSet` | High
58 | File | `/graphql` | Medium
59 | File | `/home/get_tasks_list` | High
60 | File | `/hrm/employeeview.php` | High
61 | ... | ... | ...
There are 527 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 536 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -131,4 +132,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Bluekeep Exploit/README.md
查看文件

@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Bronze Butler/README.md
查看文件

@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Bronze Union/README.md
查看文件

@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Brunhilda/README.md
查看文件

@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Carbanak/README.md
查看文件

@ -160,4 +160,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

7197
actors/Cobalt Strike/README.md
查看文件

文件差异内容过多而无法显示 加载差异

84
actors/Comoros Unknown/README.md
查看文件

@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | ... | ... | ... | ...
There are 14 more TTP items available. Please use our online service to access the data.
There are 15 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -52,46 +52,48 @@ ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
3 | File | `/admin/ajax/avatar.php` | High
4 | File | `/admin/forgot-password.php` | High
5 | File | `/admin/index.php` | High
6 | File | `/admin/lab.php` | High
7 | File | `/admin/login.php` | High
8 | File | `/admin/payment.php` | High
9 | File | `/admin/show.php` | High
10 | File | `/cgi-bin/kerbynet` | High
11 | File | `/default.php?idx=17` | High
12 | File | `/download` | Medium
13 | File | `/env` | Low
14 | File | `/forum/away.php` | High
15 | File | `/index.php` | Medium
16 | File | `/opt/bin/cli` | Medium
17 | File | `/p` | Low
18 | File | `/patient/doctors.php` | High
19 | File | `/phpinventory/editcategory.php` | High
20 | File | `/product-list.php` | High
21 | File | `/spip.php` | Medium
22 | File | `/uncpath/` | Medium
23 | File | `/updown/upload.cgi` | High
24 | File | `/user/del.php` | High
25 | File | `/wp-admin/admin-ajax.php` | High
26 | File | `/_next` | Low
27 | File | `123flashchat.php` | High
28 | File | `act.php` | Low
29 | File | `admin.php/pay` | High
30 | File | `admin/bad.php` | High
31 | File | `admin/index.php` | High
32 | File | `admin/index.php/user/del/1` | High
33 | File | `admin/index.php?id=themes&action=edit_chunk` | High
34 | File | `administrator/index.php` | High
35 | File | `agenda.php` | Medium
36 | File | `ajax/render/widget_php` | High
37 | File | `album_portal.php` | High
38 | File | `api.php` | Low
39 | File | `application/home/controller/debug.php` | High
40 | ... | ... | ...
3 | File | `/admin/add-services.php` | High
4 | File | `/admin/ajax/avatar.php` | High
5 | File | `/admin/edit-services.php` | High
6 | File | `/admin/forgot-password.php` | High
7 | File | `/admin/index.php` | High
8 | File | `/admin/lab.php` | High
9 | File | `/admin/login.php` | High
10 | File | `/admin/payment.php` | High
11 | File | `/admin/show.php` | High
12 | File | `/boat/login.php` | High
13 | File | `/cgi-bin/kerbynet` | High
14 | File | `/clinic/disease_symptoms_view.php` | High
15 | File | `/default.php?idx=17` | High
16 | File | `/download` | Medium
17 | File | `/env` | Low
18 | File | `/forum/away.php` | High
19 | File | `/index.php` | Medium
20 | File | `/opt/bin/cli` | Medium
21 | File | `/p` | Low
22 | File | `/patient/doctors.php` | High
23 | File | `/phpinventory/editcategory.php` | High
24 | File | `/product-list.php` | High
25 | File | `/spip.php` | Medium
26 | File | `/uncpath/` | Medium
27 | File | `/updown/upload.cgi` | High
28 | File | `/user/del.php` | High
29 | File | `/wp-admin/admin-ajax.php` | High
30 | File | `/_next` | Low
31 | File | `123flashchat.php` | High
32 | File | `act.php` | Low
33 | File | `admin.php/pay` | High
34 | File | `admin/bad.php` | High
35 | File | `admin/index.php` | High
36 | File | `admin/index.php/user/del/1` | High
37 | File | `admin/index.php?id=themes&action=edit_chunk` | High
38 | File | `admin/products/controller.php?action=add` | High
39 | File | `administrator/index.php` | High
40 | File | `agenda.php` | Medium
41 | File | `ajax/render/widget_php` | High
42 | ... | ... | ...
There are 344 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -110,4 +112,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

11
actors/CosmicBeetle/README.md
查看文件

@ -15,11 +15,11 @@ The following _campaigns_ are known and can be associated with CosmicBeetle:
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CosmicBeetle:
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [RU](https://vuldb.com/?country.ru)
* [CN](https://vuldb.com/?country.cn)
* ...
There are 3 more country items available. Please use our online service to access the data.
There are 4 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -56,9 +56,10 @@ ID | Type | Indicator | Confidence
1 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
2 | File | `add-category.php` | High
3 | File | `admin/dashboard.php` | High
4 | ... | ... | ...
4 | File | `detail.php` | Medium
5 | ... | ... | ...
There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 27 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -75,4 +76,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/CozyDuke/README.md
查看文件

@ -63,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

70
actors/Cuba Ransomware/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* ...
There are 3 more country items available. Please use our online service to access the data.
There are 4 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -46,15 +46,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
6 | ... | ... | ... | ...
There are 23 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -64,41 +63,48 @@ ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/?ajax-request=jnews` | High
2 | File | `/accounts/password_change/` | High
3 | File | `/activate_hook.php` | High
3 | File | `/act/ActDao.xml` | High
4 | File | `/admin/ajax.php?action=confirm_order` | High
5 | File | `/admin/courses/manage_course.php` | High
6 | File | `/admin/departments/manage_department.php` | High
7 | File | `/admin/students/manage_academic.php` | High
8 | File | `/api/addusers` | High
9 | File | `/api/baskets/{name}` | High
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
11 | File | `/assets/something/services/AppModule.class` | High
12 | File | `/audit/log/log_management.php` | High
7 | File | `/admin/php/crud.php` | High
8 | File | `/admin/students/manage_academic.php` | High
9 | File | `/api/addusers` | High
10 | File | `/api/baskets/{name}` | High
11 | File | `/api/log/killJob` | High
12 | File | `/api/v1/terminal/sessions/?limit=1` | High
13 | File | `/authenticationendpoint/login.do` | High
14 | File | `/b2b-supermarket/shopping-cart` | High
15 | File | `/blog/comment` | High
16 | File | `/bsms_ci/index.php` | High
17 | File | `/catalog/compare` | High
18 | File | `/cgi-bin/downloadFile.cgi` | High
19 | File | `/cgi-bin/wlogin.cgi` | High
20 | File | `/classes/Users.php` | High
21 | File | `/debug/pprof` | Medium
22 | File | `/DXR.axd` | Medium
23 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
24 | File | `/env` | Low
25 | File | `/forms/doLogin` | High
26 | File | `/forum/away.php` | High
27 | File | `/geoserver/gwc/rest.html` | High
28 | File | `/importexport.php` | High
29 | File | `/index.php` | Medium
30 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
31 | File | `/librarian/bookdetails.php` | High
32 | File | `/login` | Low
33 | File | `/MailAdmin_dll.htm` | High
34 | File | `/mhds/clinic/view_details.php` | High
35 | ... | ... | ...
18 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
19 | File | `/cgi-bin/downloadFile.cgi` | High
20 | File | `/cgi-bin/kerbynet` | High
21 | File | `/cgi-bin/wlogin.cgi` | High
22 | File | `/clinic/disease_symptoms_view.php` | High
23 | File | `/config/getuser` | High
24 | File | `/debug/pprof` | Medium
25 | File | `/download.php?file=author.png` | High
26 | File | `/DXR.axd` | Medium
27 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
28 | File | `/forum/away.php` | High
29 | File | `/geoserver/gwc/rest.html` | High
30 | File | `/importexport.php` | High
31 | File | `/index.php` | Medium
32 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
33 | File | `/login` | Low
34 | File | `/MailAdmin_dll.htm` | High
35 | File | `/main/offices.php` | High
36 | File | `/mehah/otclient` | High
37 | File | `/mhds/clinic/view_details.php` | High
38 | File | `/modals/class_form.php` | High
39 | File | `/oauth/idp/.well-known/openid-configuration` | High
40 | File | `/php/exportrecord.php` | High
41 | File | `/php/ping.php` | High
42 | ... | ... | ...
There are 298 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -116,4 +122,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

117
actors/Czechia Unknown/README.md
查看文件

@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [RU](https://vuldb.com/?country.ru)
* [GB](https://vuldb.com/?country.gb)
* ...
There are 24 more country items available. Please use our online service to access the data.
There are 27 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -583,14 +583,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-425 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 23 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -598,64 +599,58 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/admin/?page=user/manage_user&id=3` | High
2 | File | `/admin/admin_content_tag.php?action=save_content` | High
3 | File | `/admin/courses/manage_course.php` | High
4 | File | `/admin/edit-accepted-appointment.php` | High
5 | File | `/admin/forgot-password.php` | High
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/accounts_con/register_account` | High
3 | File | `/admin/admin_content_tag.php?action=save_content` | High
4 | File | `/admin/bwdates-report-details.php` | High
5 | File | `/admin/courses/manage_course.php` | High
6 | File | `/admin/index.php` | High
7 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
8 | File | `/admin/modal_add_product.php` | High
9 | File | `/admin/save.php` | High
10 | File | `/admin/students/manage_academic.php` | High
11 | File | `/admin/sys_sql_query.php` | High
12 | File | `/ajax/networking/get_wgkey.php` | High
13 | File | `/api/baskets/{name}` | High
14 | File | `/api/download` | High
15 | File | `/api/sys/set_passwd` | High
16 | File | `/api/v1/alerts` | High
17 | File | `/api/v1/terminal/sessions/?limit=1` | High
18 | File | `/api2/html/` | Medium
19 | File | `/App_Resource/UEditor/server/upload.aspx` | High
20 | File | `/bitrix/admin/ldap_server_edit.php` | High
21 | File | `/blog` | Low
22 | File | `/category.php` | High
23 | File | `/categorypage.php` | High
24 | File | `/cgi-bin/` | Medium
25 | File | `/cgi-bin/luci/api/wireless` | High
26 | File | `/cgi-bin/vitogate.cgi` | High
27 | File | `/chaincity/user/ticket/create` | High
28 | File | `/classes/Master.php?f=delete_reminder` | High
29 | File | `/company/store` | High
30 | File | `/config` | Low
31 | File | `/contact.php` | Medium
32 | File | `/Content/Template/root/reverse-shell.aspx` | High
33 | File | `/Controller/Ajaxfileupload.ashx` | High
34 | File | `/core/conditions/AbstractWrapper.java` | High
35 | File | `/dev/kmem` | Medium
36 | File | `/dipam/athlete-profile.php` | High
37 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
38 | File | `/etc/passwd` | Medium
39 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
40 | File | `/fcgi/scrut_fcgi.fcgi` | High
41 | File | `/forum/away.php` | High
42 | File | `/h/` | Low
7 | File | `/admin/manage-users.php` | High
8 | File | `/admin/pages/subjects.php` | High
9 | File | `/admin/pages/yearlevel.php` | High
10 | File | `/admin/php/crud.php` | High
11 | File | `/admin/save.php` | High
12 | File | `/admin/students/manage_academic.php` | High
13 | File | `/admin/upload/img` | High
14 | File | `/admin/uploads/` | High
15 | File | `/ajax/networking/get_wgkey.php` | High
16 | File | `/api/download` | High
17 | File | `/api/log/killJob` | High
18 | File | `/api/upload.php` | High
19 | File | `/api/v1/alerts` | High
20 | File | `/api/v1/terminal/sessions/?limit=1` | High
21 | File | `/api2/html/` | Medium
22 | File | `/article/DelectArticleById/` | High
23 | File | `/b2b-supermarket/shopping-cart` | High
24 | File | `/base/ecma-helpers.c` | High
25 | File | `/category.php` | High
26 | File | `/categorypage.php` | High
27 | File | `/cgi-bin/` | Medium
28 | File | `/cgi-bin/vitogate.cgi` | High
29 | File | `/classes/Master.php?f=delete_reminder` | High
30 | File | `/config,admin.jsp` | High
31 | File | `/dashboard?controller=UserCollection::createUser` | High
32 | File | `/debug/pprof` | Medium
33 | File | `/dev/kmem` | Medium
34 | File | `/dist/index.js` | High
35 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
36 | File | `/fcgi/scrut_fcgi.fcgi` | High
37 | File | `/file-manager/rename.php` | High
38 | File | `/forum/away.php` | High
39 | File | `/geoserver/gwc/rest.html` | High
40 | File | `/goform/formSysCmd` | High
41 | File | `/goform/goform_get_cmd_process` | High
42 | File | `/gracemedia-media-player/templates/files/ajax_controller.php` | High
43 | File | `/HNAP1` | Low
44 | File | `/home/courses` | High
45 | File | `/home/filter_listings` | High
46 | File | `/home/search` | Medium
47 | File | `/index.php/payment/getcoinaddress` | High
48 | File | `/index.php?controller=GzUser&action=edit&id=1` | High
49 | File | `/install/index.php` | High
50 | File | `/jeecg-boot/sys/common/upload` | High
51 | File | `/librarian/bookdetails.php` | High
52 | File | `/log/webmailattach.php` | High
53 | File | `/matchmakings/question` | High
54 | File | `/mhds/clinic/view_details.php` | High
55 | File | `/modules/projects/vw_files.php` | High
56 | ... | ... | ...
44 | File | `/hosts/firewall/ip` | High
45 | File | `/index.php/ccm/system/file/upload` | High
46 | File | `/install/index.php` | High
47 | File | `/librarian/bookdetails.php` | High
48 | File | `/log/webmailattach.php` | High
49 | File | `/login` | Low
50 | ... | ... | ...
There are 485 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 432 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -673,4 +668,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/DEV-0530/README.md
查看文件

@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

21
actors/DEV-1084/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [CN](https://vuldb.com/?country.cn)
* ...
There are 6 more country items available. Please use our online service to access the data.
There are 7 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -48,15 +48,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
2 | File | `/rukovoditel/index.php?module=dashboard/ajax_request` | High
3 | File | `/wordpress/wp-admin/options-general.php` | High
4 | File | `arch/powerpc/kernel/entry_64.S` | High
5 | File | `auth2-gss.c` | Medium
6 | File | `avahi-core/socket.c` | High
7 | File | `block/bfq-iosched.c` | High
8 | ... | ... | ...
2 | File | `/forum/away.php` | High
3 | File | `/oauth/idp/.well-known/openid-configuration` | High
4 | File | `/rukovoditel/index.php?module=dashboard/ajax_request` | High
5 | File | `/search` | Low
6 | File | `/wordpress/wp-admin/options-general.php` | High
7 | File | `adclick.php` | Medium
8 | File | `arch/powerpc/kernel/entry_64.S` | High
9 | ... | ... | ...
There are 59 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 65 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -73,4 +74,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/DNSBirthday/README.md
查看文件

@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

60
actors/DarkGate/README.md
查看文件

@ -48,7 +48,7 @@ ID | Technique | Weakness | Description | Confidence
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
@ -86,36 +86,36 @@ ID | Type | Indicator | Confidence
24 | File | `/api/v1/alerts` | High
25 | File | `/api/v1/terminal/sessions/?limit=1` | High
26 | File | `/app/sys1.php` | High
27 | File | `/App_Resource/UEditor/server/upload.aspx` | High
28 | File | `/auth/auth.php?user=1` | High
29 | File | `/b2b-supermarket/shopping-cart` | High
30 | File | `/blog` | Low
31 | File | `/category.php` | High
32 | File | `/categorypage.php` | High
33 | File | `/cgi-bin/cstecgi.cgi` | High
34 | File | `/cgi-bin/luci/api/wireless` | High
35 | File | `/cgi-bin/vitogate.cgi` | High
36 | File | `/classes/Master.php?f=delete_category` | High
37 | File | `/collection/all` | High
38 | File | `/company/store` | High
39 | File | `/config-manager/save` | High
40 | File | `/Controller/Ajaxfileupload.ashx` | High
41 | File | `/debug/pprof` | Medium
42 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
43 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
44 | File | `/fcgi/scrut_fcgi.fcgi` | High
45 | File | `/forum/away.php` | High
46 | File | `/fusion/portal/action/Link` | High
47 | File | `/geoserver/gwc/rest.html` | High
48 | File | `/goform/formSysCmd` | High
49 | File | `/HNAP1` | Low
50 | File | `/home/courses` | High
51 | File | `/home/get_tasks_list` | High
52 | File | `/hosts/firewall/ip` | High
53 | File | `/importexport.php` | High
27 | File | `/auth/auth.php?user=1` | High
28 | File | `/b2b-supermarket/shopping-cart` | High
29 | File | `/blog` | Low
30 | File | `/category.php` | High
31 | File | `/categorypage.php` | High
32 | File | `/cgi-bin/cstecgi.cgi` | High
33 | File | `/cgi-bin/vitogate.cgi` | High
34 | File | `/classes/Master.php?f=delete_category` | High
35 | File | `/collection/all` | High
36 | File | `/company/store` | High
37 | File | `/config-manager/save` | High
38 | File | `/Controller/Ajaxfileupload.ashx` | High
39 | File | `/debug/pprof` | Medium
40 | File | `/dist/index.js` | High
41 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
42 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
43 | File | `/fcgi/scrut_fcgi.fcgi` | High
44 | File | `/forum/away.php` | High
45 | File | `/fusion/portal/action/Link` | High
46 | File | `/geoserver/gwc/rest.html` | High
47 | File | `/goform/formSysCmd` | High
48 | File | `/HNAP1` | Low
49 | File | `/home/courses` | High
50 | File | `/home/get_tasks_list` | High
51 | File | `/hosts/firewall/ip` | High
52 | File | `/importexport.php` | High
53 | File | `/index.php` | Medium
54 | ... | ... | ...
There are 469 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 467 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -168,4 +168,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

119
actors/Denmark Unknown/README.md
查看文件

@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Denmark Unknown:
* [US](https://vuldb.com/?country.us)
* [JP](https://vuldb.com/?country.jp)
* [CN](https://vuldb.com/?country.cn)
* [JP](https://vuldb.com/?country.jp)
* ...
There are 29 more country items available. Please use our online service to access the data.
There are 31 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -893,13 +893,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-36, CWE-425 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | ... | ... | ... | ...
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | T1068 | CWE-264, CWE-266, CWE-268, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
There are 18 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -907,59 +909,56 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/academy/home/courses` | High
2 | File | `/academy/tutor/filter` | High
3 | File | `/ad-list` | Medium
4 | File | `/admin/?page=user/list` | High
5 | File | `/admin/?page=user/manage_user&id=3` | High
6 | File | `/admin/about-us.php` | High
7 | File | `/admin/add-category.php` | High
8 | File | `/admin/add-services.php` | High
9 | File | `/admin/admin-profile.php` | High
10 | File | `/admin/article/article-edit-run.php` | High
11 | File | `/admin/del_category.php` | High
12 | File | `/admin/del_feedback.php` | High
13 | File | `/admin/edit-accepted-appointment.php` | High
14 | File | `/admin/edit_category.php` | High
15 | File | `/admin/edit_product.php` | High
16 | File | `/admin/files` | Medium
17 | File | `/admin/forgot-password.php` | High
18 | File | `/admin/invoice.php` | High
19 | File | `/admin/search-appointment.php` | High
20 | File | `/admin/sys_sql_query.php` | High
21 | File | `/api/baskets/{name}` | High
22 | File | `/api/download/updateFile` | High
23 | File | `/api/es/admin/v3/security/user/1` | High
24 | File | `/api/installation/setThumbnailRc` | High
25 | File | `/api/sys/login` | High
26 | File | `/api/sys/set_passwd` | High
27 | File | `/api/thumbnail` | High
28 | File | `/app/sys1.php` | High
29 | File | `/bitrix/admin/ldap_server_edit.php` | High
30 | File | `/blog-single.php` | High
31 | File | `/cgi-bin/koha/catalogue/search.pl` | High
32 | File | `/cgi-bin/luci/api/wireless` | High
33 | File | `/classes/Master.php?f=delete_category` | High
34 | File | `/collection/all` | High
35 | File | `/conf/` | Low
36 | File | `/config/php.ini` | High
37 | File | `/Content/Template/root/reverse-shell.aspx` | High
38 | File | `/core/conditions/AbstractWrapper.java` | High
39 | File | `/etc/passwd` | Medium
40 | File | `/find-a-match` | High
41 | File | `/forum/away.php` | High
42 | File | `/friends` | Medium
43 | File | `/friends/ajax_invite` | High
44 | File | `/fusion/portal/action/Link` | High
45 | File | `/goform/fast_setting_wifi_set` | High
46 | File | `/goform/NatStaticSetting` | High
47 | File | `/goform/PowerSaveSet` | High
48 | File | `/goform/SetPptpServerCfg` | High
49 | File | `/goform/SetStaticRouteCfg` | High
50 | File | `/goform/WifiBasicSet` | High
51 | ... | ... | ...
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/.env` | Low
3 | File | `/accounts_con/register_account` | High
4 | File | `/admin/` | Low
5 | File | `/admin/add-category.php` | High
6 | File | `/admin/book_add.php` | High
7 | File | `/admin/book_row.php` | High
8 | File | `/admin/bwdates-report-details.php` | High
9 | File | `/admin/course.php` | High
10 | File | `/admin/departments/manage_department.php` | High
11 | File | `/admin/index.php` | High
12 | File | `/admin/ind_backstage.php` | High
13 | File | `/admin/list_onlineuser.php` | High
14 | File | `/admin/manage-pages.php` | High
15 | File | `/admin/manage-users.php` | High
16 | File | `/admin/options-theme.php` | High
17 | File | `/admin/pages/subjects.php` | High
18 | File | `/admin/pages/yearlevel.php` | High
19 | File | `/admin/students/manage_academic.php` | High
20 | File | `/admin/subject.php` | High
21 | File | `/admin/theme-edit.php` | High
22 | File | `/admin/upload/img` | High
23 | File | `/adplanet/PlanetUser` | High
24 | File | `/ample/app/ajax/member_data.php` | High
25 | File | `/api/authentication/login` | High
26 | File | `/api/upload.php` | High
27 | File | `/article/DelectArticleById/` | High
28 | File | `/auth/auth.php?user=1` | High
29 | File | `/b2b-supermarket/catalog/all-products` | High
30 | File | `/b2b-supermarket/shopping-cart` | High
31 | File | `/base/ecma-helpers.c` | High
32 | File | `/boaform/wlan_basic_set.cgi` | High
33 | File | `/cgi-bin/cstecgi.cgi` | High
34 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
35 | File | `/config,admin.jsp` | High
36 | File | `/config-manager/save` | High
37 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
38 | File | `/dashboard/createblog` | High
39 | File | `/debug/pprof` | Medium
40 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
41 | File | `/endpoint/add-guest.php` | High
42 | File | `/endpoint/add-user.php` | High
43 | File | `/etc/hosts.deny` | High
44 | File | `/file-manager/delete.php` | High
45 | File | `/file-manager/upload.php` | High
46 | File | `/forum/away.php` | High
47 | File | `/geoserver/gwc/rest.html` | High
48 | ... | ... | ...
There are 448 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 421 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References

10
actors/Dfni/README.md
查看文件

@ -35,7 +35,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
4 | ... | ... | ... | ...
There are 6 more TTP items available. Please use our online service to access the data.
There are 7 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -43,12 +43,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `FlexCell.ocx` | Medium
2 | File | `photo-gallery.php` | High
3 | File | `wp-admin/profile.php` | High
1 | File | `/ajax/openvpn/activate_ovpncfg.php` | High
2 | File | `FlexCell.ocx` | Medium
3 | File | `photo-gallery.php` | High
4 | ... | ... | ...
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References

2
actors/Dkvn/README.md
查看文件

@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

133
actors/Dominica Unknown/README.md
查看文件

@ -65,72 +65,73 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/+CSCOE+/logon.html` | High
2 | File | `/admin/photo.php` | High
3 | File | `/admin/upload.php` | High
4 | File | `/admin/user/add` | High
5 | File | `/api/baskets/{name}` | High
6 | File | `/APP_Installation.asp` | High
7 | File | `/blog` | Low
8 | File | `/categorypage.php` | High
9 | File | `/cm/delete` | Medium
10 | File | `/common/logViewer/logViewer.jsf` | High
11 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
12 | File | `/download` | Medium
13 | File | `/drivers/media/media-device.c` | High
14 | File | `/etc/master.passwd` | High
15 | File | `/filemanager/upload.php` | High
16 | File | `/forum/away.php` | High
17 | File | `/getcfg.php` | Medium
18 | File | `/home.php` | Medium
19 | File | `/homeaction.php` | High
20 | File | `/index.php` | Medium
21 | File | `/modules/profile/index.php` | High
22 | File | `/modules/tasks/summary.inc.php` | High
23 | File | `/multi-vendor-shopping-script/product-list.php` | High
24 | File | `/out.php` | Medium
25 | File | `/p` | Low
26 | File | `/preauth` | Medium
27 | File | `/products/details.asp` | High
28 | File | `/recordings/index.php` | High
29 | File | `/see_more_details.php` | High
30 | File | `/show_news.php` | High
31 | File | `/tmp/before` | Medium
32 | File | `/uncpath/` | Medium
33 | File | `/updownload/t.report` | High
34 | File | `/user.profile.php` | High
35 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
36 | File | `/wordpress/wp-admin/options-general.php` | High
37 | File | `/wp-admin` | Medium
38 | File | `/wp-admin/admin-ajax.php` | High
39 | File | `4.2.0.CP09` | Medium
40 | File | `account.asp` | Medium
41 | File | `adclick.php` | Medium
42 | File | `adm/systools.asp` | High
43 | File | `admin.php` | Medium
44 | File | `admin/admin.shtml` | High
45 | File | `Admin/ADM_Pagina.php` | High
46 | File | `admin/category.inc.php` | High
47 | File | `admin/main.asp` | High
48 | File | `admin/param/param_func.inc.php` | High
49 | File | `admin/y_admin.asp` | High
50 | File | `admincp.php?app=apps&do=save` | High
51 | File | `adminer.php` | Medium
52 | File | `administration/admins.php` | High
53 | File | `administrator/components/com_media/helpers/media.php` | High
54 | File | `admin_ok.asp` | Medium
55 | File | `album_portal.php` | High
56 | File | `app/Core/Paginator.php` | High
57 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
58 | File | `archive.php` | Medium
59 | File | `artlinks.dispnew.php` | High
60 | File | `auth.php` | Medium
61 | File | `bin/named/query.c` | High
62 | File | `blank.php` | Medium
63 | File | `blocklayered-ajax.php` | High
64 | File | `blogger-importer.php` | High
65 | ... | ... | ...
2 | File | `/admin/manage_academic.php` | High
3 | File | `/admin/photo.php` | High
4 | File | `/admin/upload.php` | High
5 | File | `/admin/user/add` | High
6 | File | `/api/baskets/{name}` | High
7 | File | `/APP_Installation.asp` | High
8 | File | `/blog` | Low
9 | File | `/categorypage.php` | High
10 | File | `/cm/delete` | Medium
11 | File | `/common/logViewer/logViewer.jsf` | High
12 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
13 | File | `/download` | Medium
14 | File | `/drivers/media/media-device.c` | High
15 | File | `/etc/master.passwd` | High
16 | File | `/filemanager/upload.php` | High
17 | File | `/forum/away.php` | High
18 | File | `/getcfg.php` | Medium
19 | File | `/home.php` | Medium
20 | File | `/homeaction.php` | High
21 | File | `/index.php` | Medium
22 | File | `/modules/profile/index.php` | High
23 | File | `/modules/tasks/summary.inc.php` | High
24 | File | `/multi-vendor-shopping-script/product-list.php` | High
25 | File | `/out.php` | Medium
26 | File | `/p` | Low
27 | File | `/preauth` | Medium
28 | File | `/products/details.asp` | High
29 | File | `/recordings/index.php` | High
30 | File | `/see_more_details.php` | High
31 | File | `/show_news.php` | High
32 | File | `/tmp/before` | Medium
33 | File | `/uncpath/` | Medium
34 | File | `/updownload/t.report` | High
35 | File | `/user.profile.php` | High
36 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
37 | File | `/wordpress/wp-admin/options-general.php` | High
38 | File | `/wp-admin` | Medium
39 | File | `/wp-admin/admin-ajax.php` | High
40 | File | `4.2.0.CP09` | Medium
41 | File | `account.asp` | Medium
42 | File | `adclick.php` | Medium
43 | File | `adm/systools.asp` | High
44 | File | `admin.php` | Medium
45 | File | `admin/admin.shtml` | High
46 | File | `Admin/ADM_Pagina.php` | High
47 | File | `admin/category.inc.php` | High
48 | File | `admin/main.asp` | High
49 | File | `admin/param/param_func.inc.php` | High
50 | File | `admin/y_admin.asp` | High
51 | File | `admincp.php?app=apps&do=save` | High
52 | File | `adminer.php` | Medium
53 | File | `administration/admins.php` | High
54 | File | `administrator/components/com_media/helpers/media.php` | High
55 | File | `admin_ok.asp` | Medium
56 | File | `album_portal.php` | High
57 | File | `app/Core/Paginator.php` | High
58 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
59 | File | `archive.php` | Medium
60 | File | `artlinks.dispnew.php` | High
61 | File | `auth.php` | Medium
62 | File | `awstats.pl` | Medium
63 | File | `bin/named/query.c` | High
64 | File | `blank.php` | Medium
65 | File | `blocklayered-ajax.php` | High
66 | ... | ... | ...
There are 572 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 583 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -149,4 +150,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/DoppelDridex/README.md
查看文件

@ -70,4 +70,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Dragonfly/README.md
查看文件

@ -91,4 +91,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

11
actors/Ecuador Unknown/README.md
查看文件

@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* [RU](https://vuldb.com/?country.ru)
* [GB](https://vuldb.com/?country.gb)
* [CZ](https://vuldb.com/?country.cz)
* ...
There are 10 more country items available. Please use our online service to access the data.
@ -161,7 +161,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
4 | ... | ... | ... | ...
There are 10 more TTP items available. Please use our online service to access the data.
There are 11 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -177,9 +177,10 @@ ID | Type | Indicator | Confidence
6 | File | `/_uuids` | Low
7 | File | `admin/dashboard.php` | High
8 | File | `agent/Core/SpawningKit/Spawner.h` | High
9 | ... | ... | ...
9 | File | `auth-gss2.c` | Medium
10 | ... | ... | ...
There are 69 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 72 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -198,4 +199,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

17
actors/ElectrumDosMiner/README.md
查看文件

@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1059.007 | CWE-79, CWE-80, CWE-84 | Cross Site Scripting | High
4 | ... | ... | ... | ...
There are 8 more TTP items available. Please use our online service to access the data.
There are 10 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -58,14 +58,13 @@ ID | Type | Indicator | Confidence
9 | File | `/spip.php` | Medium
10 | File | `addentry.php` | Medium
11 | File | `admin.php` | Medium
12 | File | `admin/admin.php` | High
13 | File | `admin/conf_users_edit.php` | High
14 | File | `admin/index.php` | High
15 | File | `AppCompatCache.exe` | High
16 | File | `ardguest.php` | Medium
17 | ... | ... | ...
12 | File | `admin/admin.guestbook.php` | High
13 | File | `admin/admin.php` | High
14 | File | `admin/conf_users_edit.php` | High
15 | File | `admin/index.php` | High
16 | ... | ... | ...
There are 137 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 127 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -82,4 +81,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

94
actors/Europe Unknown/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [JP](https://vuldb.com/?country.jp)
* ...
There are 28 more country items available. Please use our online service to access the data.
There are 32 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -57603,14 +57603,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
1 | T1006 | CWE-21, CWE-22, CWE-24 | Pathname Traversal | High
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-94 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 20 more TTP items available. Please use our online service to access the data.
There are 21 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -57618,44 +57618,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `%PROGRAMFILES(X86)%\TSplus\Clients\www.` | High
2 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
3 | File | `/.env` | Low
4 | File | `//proc/kcore` | Medium
5 | File | `/admin/add-category.php` | High
6 | File | `/admin/offenses/view_details.php` | High
7 | File | `/admin/theme-edit.php` | High
8 | File | `/ample/app/ajax/member_data.php` | High
9 | File | `/api/admin/system/store/order/list` | High
10 | File | `/api/authentication/login` | High
11 | File | `/api/upload.php` | High
12 | File | `/b2b-supermarket/shopping-cart` | High
13 | File | `/base/ecma-helpers.c` | High
14 | File | `/bin/rc4_crypt` | High
15 | File | `/cgi-bin/luci/api/switch` | High
16 | File | `/cgi-bin/luci;stok=/locale` | High
17 | File | `/cgi-bin/qcmap_auth` | High
18 | File | `/CMD_ACCOUNT_ADMIN` | High
19 | File | `/common/logViewer/logViewer.jsf` | High
20 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
21 | File | `/dishes.php` | Medium
22 | File | `/endpoint/add-user.php` | High
23 | File | `/etc/hosts.deny` | High
24 | File | `/forum/away.php` | High
25 | File | `/goform/formSysCmd` | High
26 | File | `/goform/goform_get_cmd_process` | High
27 | File | `/h/autoSaveDraft` | High
28 | File | `/HNAP1/` | Low
29 | File | `/home/admin/.ash_history` | High
30 | File | `/leave_system/classes/SystemSettings.php?f=update_settings` | High
31 | File | `/link/` | Low
32 | File | `/main/inc/ajax/dropbox.ajax.php` | High
33 | File | `/main/webservices/additional_webservices.php` | High
34 | File | `/oauth/idp/.well-known/openid-configuration` | High
35 | File | `/public/plugins/` | High
36 | ... | ... | ...
1 | File | `/accounts_con/register_account` | High
2 | File | `/admin/` | Low
3 | File | `/admin/book_add.php` | High
4 | File | `/admin/book_row.php` | High
5 | File | `/admin/bwdates-report-details.php` | High
6 | File | `/admin/controller/JobLogController.java` | High
7 | File | `/admin/course.php` | High
8 | File | `/admin/general.cgi` | High
9 | File | `/admin/index2.html` | High
10 | File | `/admin/ind_backstage.php` | High
11 | File | `/admin/manage-pages.php` | High
12 | File | `/admin/manage-users.php` | High
13 | File | `/admin/options-theme.php` | High
14 | File | `/admin/pages/subjects.php` | High
15 | File | `/admin/pages/yearlevel.php` | High
16 | File | `/admin/subject.php` | High
17 | File | `/admin/upload/img` | High
18 | File | `/adplanet/PlanetUser` | High
19 | File | `/api/admin/system/store/order/list` | High
20 | File | `/api/log/killJob` | High
21 | File | `/api/snapshot and /api/get_log_file` | High
22 | File | `/api/trackedEntityInstances` | High
23 | File | `/api/upload.php` | High
24 | File | `/api /v3/auth` | High
25 | File | `/article/DelectArticleById/` | High
26 | File | `/auth/auth.php?user=1` | High
27 | File | `/b2b-supermarket/catalog/all-products` | High
28 | File | `/b2b-supermarket/shopping-cart` | High
29 | File | `/boaform/wlan_basic_set.cgi` | High
30 | File | `/cgi-bin/cstecgi.cgi` | High
31 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
32 | File | `/cgi-bin/mainfunction.cgi` | High
33 | File | `/cgi-bin/qcmap_auth` | High
34 | File | `/cgi-bin/vitogate.cgi` | High
35 | File | `/classes/Master.php?f=delete_category` | High
36 | File | `/config,admin.jsp` | High
37 | File | `/config/getuser` | High
38 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
39 | File | `/debug/pprof` | Medium
40 | File | `/endpoint/add-guest.php` | High
41 | File | `/file-manager/delete.php` | High
42 | File | `/file-manager/upload.php` | High
43 | File | `/forum/away.php` | High
44 | ... | ... | ...
There are 307 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 382 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -57675,4 +57683,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

98
actors/EvilProxy/README.md
查看文件

@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [GB](https://vuldb.com/?country.gb)
* [IR](https://vuldb.com/?country.ir)
* ...
There are 19 more country items available. Please use our online service to access the data.
There are 22 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -39,11 +39,12 @@ ID | Technique | Weakness | Description | Confidence
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -52,54 +53,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `//WEB-INF` | Medium
3 | File | `/about.php` | Medium
4 | File | `/admin.php/update/getFile.html` | High
5 | File | `/admin/save.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/api/baskets/{name}` | High
8 | File | `/api/download` | High
9 | File | `/api/v1/alerts` | High
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
11 | File | `/api/v2/cli/commands` | High
2 | File | `/admin/save.php` | High
3 | File | `/admin/singlelogin.php?submit=1` | High
4 | File | `/admin/sys_sql_query.php` | High
5 | File | `/api/baskets/{name}` | High
6 | File | `/api/download` | High
7 | File | `/api/snapshot and /api/get_log_file` | High
8 | File | `/api/v1/alerts` | High
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
10 | File | `/api/v2/cli/commands` | High
11 | File | `/b2b-supermarket/shopping-cart` | High
12 | File | `/bitrix/admin/ldap_server_edit.php` | High
13 | File | `/category.php` | High
14 | File | `/categorypage.php` | High
15 | File | `/cgi-bin/luci/api/wireless` | High
16 | File | `/cgi-bin/vitogate.cgi` | High
17 | File | `/company/store` | High
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
19 | File | `/Controller/Ajaxfileupload.ashx` | High
20 | File | `/core/conditions/AbstractWrapper.java` | High
21 | File | `/debug/pprof` | Medium
22 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
23 | File | `/Duty/AjaxHandle/Write/UploadFile.ashx` | High
24 | File | `/etc/passwd` | Medium
25 | File | `/fcgi/scrut_fcgi.fcgi` | High
26 | File | `/forum/away.php` | High
27 | File | `/geoserver/gwc/rest.html` | High
28 | File | `/h/` | Low
29 | File | `/HNAP1` | Low
30 | File | `/inc/jquery/uploadify/uploadify.php` | High
31 | File | `/index.php?app=main&func=passport&action=login` | High
32 | File | `/index.php?page=category_list` | High
33 | File | `/jeecg-boot/sys/common/upload` | High
34 | File | `/jobinfo/` | Medium
35 | File | `/librarian/bookdetails.php` | High
36 | File | `/Moosikay/order.php` | High
37 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
38 | File | `/opac/Actions.php?a=login` | High
39 | File | `/PreviewHandler.ashx` | High
40 | File | `/proxy` | Low
41 | File | `/recipe-result` | High
42 | File | `/register.do` | Medium
43 | File | `/reservation/add_message.php` | High
44 | File | `/RPS2019Service/status.html` | High
45 | File | `/Service/ImageStationDataService.asmx` | High
46 | File | `/setting` | Medium
47 | ... | ... | ...
15 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
16 | File | `/cgi-bin/luci/api/wireless` | High
17 | File | `/cgi-bin/vitogate.cgi` | High
18 | File | `/company/store` | High
19 | File | `/Content/Template/root/reverse-shell.aspx` | High
20 | File | `/Controller/Ajaxfileupload.ashx` | High
21 | File | `/core/conditions/AbstractWrapper.java` | High
22 | File | `/debug/pprof` | Medium
23 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
24 | File | `/Duty/AjaxHandle/Write/UploadFile.ashx` | High
25 | File | `/etc/passwd` | Medium
26 | File | `/fcgi/scrut_fcgi.fcgi` | High
27 | File | `/forum/away.php` | High
28 | File | `/geoserver/gwc/rest.html` | High
29 | File | `/goform/formSysCmd` | High
30 | File | `/h/` | Low
31 | File | `/HNAP1` | Low
32 | File | `/hosts/firewall/ip` | High
33 | File | `/index.php/ccm/system/file/upload` | High
34 | File | `/jeecg-boot/sys/common/upload` | High
35 | File | `/oauth/idp/.well-known/openid-configuration` | High
36 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
37 | File | `/php/ping.php` | High
38 | File | `/proxy` | Low
39 | File | `/recipe-result` | High
40 | File | `/register.do` | Medium
41 | File | `/RPS2019Service/status.html` | High
42 | File | `/Service/ImageStationDataService.asmx` | High
43 | File | `/setting` | Medium
44 | ... | ... | ...
There are 409 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 383 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -118,4 +116,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/EwDoor/README.md
查看文件

@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Expiro/README.md
查看文件

@ -89,4 +89,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

4
actors/Farseer/README.md
查看文件

@ -8,8 +8,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Farseer:
* [CN](https://vuldb.com/?country.cn)
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [JP](https://vuldb.com/?country.jp)
* ...
@ -77,4 +77,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Finteam/README.md
查看文件

@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/FireBird RAT/README.md
查看文件

@ -70,4 +70,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Five Poisons/README.md
查看文件

@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

4
actors/French Polynesia Unknown/README.md
查看文件

@ -56,7 +56,7 @@ ID | Type | Indicator | Confidence
3 | File | `admin/downloadbackup.php` | High
4 | ... | ... | ...
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -75,4 +75,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/GermanWiper/README.md
查看文件

@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

4
actors/Gh0stRAT/README.md
查看文件

@ -145,7 +145,7 @@ ID | Type | Indicator | Confidence
31 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
32 | ... | ... | ...
There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 271 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -206,4 +206,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Ghostminer/README.md
查看文件

@ -54,4 +54,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Golang/README.md
查看文件

@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/GraphSteel/README.md
查看文件

@ -156,4 +156,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Grayling/README.md
查看文件

@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

13
actors/Grobios/README.md
查看文件

@ -31,7 +31,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1505 | CWE-89 | SQL Injection | High
4 | ... | ... | ... | ...
There are 3 more TTP items available. Please use our online service to access the data.
There are 4 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -39,9 +39,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `plugins/web/service/search/auto-completion/<domain>/en.xml` | High
2 | File | `userfiles/modules/users/controller/controller.php` | High
3 | Argument | `nx_id` | Low
1 | File | `/uncpath/` | Medium
2 | File | `ext/phar/phar.c` | High
3 | File | `plugins/web/service/search/auto-completion/<domain>/en.xml` | High
4 | ... | ... | ...
There are 2 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -58,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Guam Unknown/README.md
查看文件

@ -68,4 +68,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

7
actors/Guyana Unknown/README.md
查看文件

@ -121,9 +121,10 @@ ID | Type | Indicator | Confidence
64 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
65 | File | `artlinks.dispnew.php` | High
66 | File | `auth.php` | Medium
67 | ... | ... | ...
67 | File | `awstats.pl` | Medium
68 | ... | ... | ...
There are 586 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 593 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -142,4 +143,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

3
actors/HermeticWiper/README.md
查看文件

@ -14,6 +14,7 @@ The following _campaigns_ are known and can be associated with HermeticWiper:
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with HermeticWiper:
* [US](https://vuldb.com/?country.us)
* [ES](https://vuldb.com/?country.es)
## IOC - Indicator of Compromise
@ -58,4 +59,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/HiddenWasp/README.md
查看文件

@ -52,4 +52,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

45
actors/HopLight/README.md
查看文件

@ -57,32 +57,33 @@ ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/admin-panel1.php` | High
2 | File | `/admin/academic/studenview_left.php` | High
3 | File | `/admin/bookings/view_details.php` | High
4 | File | `/admin/controller/JobLogController.java` | High
5 | File | `/admin/login.php` | High
6 | File | `/ad_js.php` | Medium
7 | File | `/alerts/alertConfigField.php` | High
8 | File | `/api/v1/terminal/sessions/?limit=1` | High
9 | File | `/config/myfield/test.php` | High
10 | File | `/context/%2e/WEB-INF/web.xml` | High
11 | File | `/core/conditions/AbstractWrapper.java` | High
12 | File | `/data/remove` | Medium
13 | File | `/debug/pprof` | Medium
14 | File | `/etc/passwd` | Medium
15 | File | `/face-recognition-php/facepay-master/camera.php` | High
16 | File | `/forms/doLogin` | High
17 | File | `/fuel/index.php/fuel/logs/items` | High
18 | File | `/fuel/index.php/fuel/pages/items` | High
19 | File | `/goform/aspForm` | High
20 | File | `/image_zoom.php` | High
3 | File | `/admin/ajax.php` | High
4 | File | `/admin/ajax.php?action=confirm_order` | High
5 | File | `/admin/bookings/view_details.php` | High
6 | File | `/admin/controller/JobLogController.java` | High
7 | File | `/admin/login.php` | High
8 | File | `/alerts/alertConfigField.php` | High
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
10 | File | `/config/myfield/test.php` | High
11 | File | `/context/%2e/WEB-INF/web.xml` | High
12 | File | `/core/conditions/AbstractWrapper.java` | High
13 | File | `/data/remove` | Medium
14 | File | `/debug/pprof` | Medium
15 | File | `/etc/passwd` | Medium
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
17 | File | `/forms/doLogin` | High
18 | File | `/fuel/index.php/fuel/logs/items` | High
19 | File | `/fuel/index.php/fuel/pages/items` | High
20 | File | `/goform/aspForm` | High
21 | File | `/index.php` | Medium
22 | File | `/mkshop/Men/profile.php` | High
23 | File | `/modules/announcement/index.php?view=edit` | High
24 | File | `/param.file.tgz` | High
25 | File | `/proxy/` | Low
26 | ... | ... | ...
25 | File | `/php/exportrecord.php` | High
26 | File | `/proxy/` | Low
27 | ... | ... | ...
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 224 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -99,4 +100,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/HyperBro/README.md
查看文件

@ -72,4 +72,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

88
actors/IRCflu and Interplanetary Storm/README.md
查看文件

@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* [PL](https://vuldb.com/?country.pl)
* [DE](https://vuldb.com/?country.de)
* [FR](https://vuldb.com/?country.fr)
* ...
There are 2 more country items available. Please use our online service to access the data.
There are 4 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -30,7 +30,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-22 | Pathname Traversal | High
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
@ -45,46 +45,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `.htaccess` | Medium
2 | File | `/admin/loginc.php` | High
3 | File | `/admin/students/view_student.php` | High
4 | File | `/Applications/Calculator.app/Contents/MacOS/Calculator` | High
5 | File | `/cgi-bin/` | Medium
6 | File | `/cgi-bin/luci` | High
7 | File | `/common/info.cgi` | High
8 | File | `/config.cgi?webmin` | High
9 | File | `/data/inc/images.php` | High
10 | File | `/dev/block/mmcblk0rpmb` | High
11 | File | `/edit` | Low
12 | File | `/etc/passwd` | Medium
13 | File | `/etc/stunnel.key` | High
14 | File | `/etc/sysconfig/btrfsmaintenance` | High
15 | File | `/framework/modules/notfound/controllers/notfoundController.php` | High
16 | File | `/gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php` | High
17 | File | `/job-details` | Medium
18 | File | `/mib.db` | Low
19 | File | `/page/add` | Medium
20 | File | `/squashfs-root/www/HNAP1/control/SetWizardConfig.php` | High
21 | File | `/system-info/health` | High
22 | File | `/tmp/s48lose.tmp` | High
23 | File | `/tmp/xbindkeysrc-tmp` | High
24 | File | `/uncpath/` | Medium
25 | File | `/usr/local` | Medium
26 | File | `/var/log/nginx` | High
27 | File | `/var/run/jboss-eap/` | High
28 | File | `admin-ajax.php` | High
29 | File | `admin.jcomments.php` | High
30 | File | `admin.php` | Medium
31 | File | `admin/?n=language&c=language_general&a=doSearchParameter` | High
32 | File | `admin/?n=user&c=admin_user&a=doGetUserInfo` | High
33 | File | `admin/admin_log/index.html?user_id` | High
34 | File | `admin/admin_menu.php` | High
35 | File | `admin/config.php` | High
36 | File | `admin/content.php` | High
37 | File | `admin/edit_category.php` | High
38 | File | `admin/users` | Medium
39 | ... | ... | ...
2 | File | `/admin/config/uploadicon.php` | High
3 | File | `/admin/loginc.php` | High
4 | File | `/admin/students/view_student.php` | High
5 | File | `/Applications/Calculator.app/Contents/MacOS/Calculator` | High
6 | File | `/cgi-bin/` | Medium
7 | File | `/cgi-bin/luci` | High
8 | File | `/common/info.cgi` | High
9 | File | `/config.cgi?webmin` | High
10 | File | `/data/inc/images.php` | High
11 | File | `/dev/block/mmcblk0rpmb` | High
12 | File | `/edit` | Low
13 | File | `/etc/passwd` | Medium
14 | File | `/etc/stunnel.key` | High
15 | File | `/etc/sysconfig/btrfsmaintenance` | High
16 | File | `/framework/modules/notfound/controllers/notfoundController.php` | High
17 | File | `/gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php` | High
18 | File | `/inquiries/view_inquiry.php` | High
19 | File | `/job-details` | Medium
20 | File | `/mib.db` | Low
21 | File | `/page/add` | Medium
22 | File | `/squashfs-root/www/HNAP1/control/SetWizardConfig.php` | High
23 | File | `/system-info/health` | High
24 | File | `/tmp/s48lose.tmp` | High
25 | File | `/tmp/xbindkeysrc-tmp` | High
26 | File | `/uncpath/` | Medium
27 | File | `/usr/local` | Medium
28 | File | `/var/log/nginx` | High
29 | File | `/var/run/jboss-eap/` | High
30 | File | `admin-ajax.php` | High
31 | File | `admin.jcomments.php` | High
32 | File | `admin.php` | Medium
33 | File | `admin/?n=language&c=language_general&a=doSearchParameter` | High
34 | File | `admin/?n=user&c=admin_user&a=doGetUserInfo` | High
35 | File | `admin/admin_log/index.html?user_id` | High
36 | File | `admin/admin_menu.php` | High
37 | File | `admin/config.php` | High
38 | File | `admin/content.php` | High
39 | File | `admin/edit_category.php` | High
40 | File | `admin/users` | Medium
41 | ... | ... | ...
There are 335 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 350 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -101,4 +103,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

62
actors/JSSLoader/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [CN](https://vuldb.com/?country.cn)
* ...
There are 11 more country items available. Please use our online service to access the data.
There are 12 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -39,11 +39,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-22, CWE-23, CWE-36, CWE-425 | Pathname Traversal | High
1 | T1006 | CWE-22, CWE-23, CWE-29, CWE-36, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 20 more TTP items available. Please use our online service to access the data.
@ -59,37 +59,39 @@ ID | Type | Indicator | Confidence
3 | File | `/admin/manage-users.php` | High
4 | File | `/admin/modal_add_product.php` | High
5 | File | `/admin/reg.php` | High
6 | File | `/admin/service.php` | High
7 | File | `/admin/sys_sql_query.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/admin/users` | Medium
8 | File | `/Ant_Suxin.php` | High
9 | File | `/api/admin/user/list` | High
10 | File | `/api/authentication/login` | High
11 | File | `/api/thumbnail` | High
12 | File | `/App_Resource/UEditor/server/upload.aspx` | High
13 | File | `/blog/blogpublish.php` | High
14 | File | `/boaform/admin/formPing` | High
15 | File | `/cgi-bin/vitogate.cgi` | High
16 | File | `/collection/all` | High
17 | File | `/company/store` | High
18 | File | `/config-manager/save` | High
19 | File | `/config/getuser` | High
20 | File | `/config/php.ini` | High
21 | File | `/controllers/Blocks.php` | High
22 | File | `/dcim/rack/` | Medium
23 | File | `/debug/pprof` | Medium
24 | File | `/dede/tpl.php` | High
25 | File | `/download` | Medium
26 | File | `/download/image` | High
27 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
28 | File | `/endpoint/add-user.php` | High
29 | File | `/etc/hosts.deny` | High
30 | File | `/file/upload/1` | High
31 | File | `/filemanager/php/connector.php` | High
32 | File | `/goform/aspForm` | High
33 | File | `/goform/telnet` | High
34 | ... | ... | ...
12 | File | `/api /v3/auth` | High
13 | File | `/App_Resource/UEditor/server/upload.aspx` | High
14 | File | `/blog/blogpublish.php` | High
15 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
16 | File | `/cgi-bin/R19.9/easy1350.pl` | High
17 | File | `/cgi-bin/vitogate.cgi` | High
18 | File | `/collection/all` | High
19 | File | `/company/store` | High
20 | File | `/config-manager/save` | High
21 | File | `/config/getuser` | High
22 | File | `/config/php.ini` | High
23 | File | `/controllers/Blocks.php` | High
24 | File | `/debug/pprof` | Medium
25 | File | `/dede/tpl.php` | High
26 | File | `/download` | Medium
27 | File | `/download/image` | High
28 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
29 | File | `/endpoint/add-user.php` | High
30 | File | `/etc/hosts.deny` | High
31 | File | `/file-manager/upload.php` | High
32 | File | `/file/upload/1` | High
33 | File | `/filemanager/php/connector.php` | High
34 | File | `/goform/aspForm` | High
35 | File | `/goform/telnet` | High
36 | ... | ... | ...
There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 309 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -106,4 +108,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Joker/README.md
查看文件

@ -76,4 +76,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/KillSomeOne/README.md
查看文件

@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Kraken/README.md
查看文件

@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

6
actors/LACNIC Unknown/README.md
查看文件

@ -178,7 +178,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
4 | ... | ... | ... | ...
There are 5 more TTP items available. Please use our online service to access the data.
There are 6 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -191,7 +191,7 @@ ID | Type | Indicator | Confidence
3 | File | `cloudinit/config/cc_set_passwords.py` | High
4 | ... | ... | ...
There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -208,4 +208,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

95
actors/LabRat/README.md
查看文件

@ -9,7 +9,6 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with LabRat:
* [VN](https://vuldb.com/?country.vn)
* [CN](https://vuldb.com/?country.cn)
## IOC - Indicator of Compromise
@ -30,11 +29,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 22 more TTP items available. Please use our online service to access the data.
@ -45,50 +44,46 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/academy/home/courses` | High
2 | File | `/admin/adclass.php` | High
3 | File | `/admin/admin-profile.php` | High
4 | File | `/admin/sales/view_details.php` | High
5 | File | `/admin/students/view_details.php` | High
6 | File | `/ajax-files/followBoard.php` | High
7 | File | `/ajax.php?action=read_msg` | High
8 | File | `/api/cron/settings/setJob/` | High
9 | File | `/api/v1/snapshots` | High
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
11 | File | `/audit/log/log_management.php` | High
12 | File | `/auth/callback` | High
13 | File | `/authenticationendpoint/login.do` | High
14 | File | `/cgi-bin/mainfunction.cgi` | High
15 | File | `/cgi-bin/wlogin.cgi` | High
16 | File | `/cgi.cgi` | Medium
17 | File | `/classes/Users.php` | High
18 | File | `/collection/all` | High
19 | File | `/Content/Template/root/reverse-shell.aspx` | High
20 | File | `/ctcprotocol/Protocol` | High
21 | File | `/dottie.js` | Medium
22 | File | `/DXR.axd` | Medium
23 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
24 | File | `/env` | Low
25 | File | `/files/` | Low
26 | File | `/forms/doLogin` | High
27 | File | `/forum/away.php` | High
28 | File | `/goform/setportList` | High
29 | File | `/h/autoSaveDraft` | High
30 | File | `/index.php` | Medium
31 | File | `/index.php?p=admin/actions/users/send-password-reset-email` | High
32 | File | `/index.php?page=member` | High
33 | File | `/jurusanmatkul/data` | High
34 | File | `/librarian/bookdetails.php` | High
35 | File | `/log/decodmail.php` | High
36 | File | `/log/webmailattach.php` | High
37 | File | `/login.php?do=login` | High
38 | File | `/php-opos/index.php` | High
39 | File | `/public/login.htm` | High
40 | File | `/QueryView.php` | High
41 | File | `/recreate.php` | High
42 | ... | ... | ...
1 | File | `/?ajax-request=jnews` | High
2 | File | `/accounts/password_change/` | High
3 | File | `/act/ActDao.xml` | High
4 | File | `/admin/ajax.php?action=confirm_order` | High
5 | File | `/api/addusers` | High
6 | File | `/api/baskets/{name}` | High
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
8 | File | `/assets/something/services/AppModule.class` | High
9 | File | `/authenticationendpoint/login.do` | High
10 | File | `/b2b-supermarket/shopping-cart` | High
11 | File | `/blog/comment` | High
12 | File | `/bsms_ci/index.php` | High
13 | File | `/catalog/compare` | High
14 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
15 | File | `/cgi-bin/downloadFile.cgi` | High
16 | File | `/cgi-bin/kerbynet` | High
17 | File | `/cgi-bin/wlogin.cgi` | High
18 | File | `/classes/Users.php` | High
19 | File | `/clinic/disease_symptoms_view.php` | High
20 | File | `/debug/pprof` | Medium
21 | File | `/DXR.axd` | Medium
22 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
23 | File | `/forum/away.php` | High
24 | File | `/geoserver/gwc/rest.html` | High
25 | File | `/importexport.php` | High
26 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
27 | File | `/login` | Low
28 | File | `/mhds/clinic/view_details.php` | High
29 | File | `/modals/class_form.php` | High
30 | File | `/oauth/idp/.well-known/openid-configuration` | High
31 | File | `/php-opos/index.php` | High
32 | File | `/php/exportrecord.php` | High
33 | File | `/php/ping.php` | High
34 | File | `/plain` | Low
35 | File | `/proc/#####/fd/3` | High
36 | File | `/shell` | Low
37 | File | `/showfile.php` | High
38 | ... | ... | ...
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -105,4 +100,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Lapsus/README.md
查看文件

@ -141,4 +141,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

110
actors/Latvia Unknown/README.md
查看文件

@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Latvia Unknown:
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [US](https://vuldb.com/?country.us)
* [GB](https://vuldb.com/?country.gb)
* ...
There are 18 more country items available. Please use our online service to access the data.
There are 16 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -246,15 +246,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
There are 22 more TTP items available. Please use our online service to access the data.
There are 25 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -262,60 +262,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/?p=products` | Medium
3 | File | `/about.php` | Medium
4 | File | `/admin.php/update/getFile.html` | High
5 | File | `/admin/save.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/api/baskets/{name}` | High
8 | File | `/api/download` | High
9 | File | `/api/stl/actions/search` | High
10 | File | `/api/v1/alerts` | High
11 | File | `/api/v1/terminal/sessions/?limit=1` | High
12 | File | `/bin/ate` | Medium
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
14 | File | `/booking/show_bookings/` | High
15 | File | `/category.php` | High
16 | File | `/categorypage.php` | High
17 | File | `/cgi-bin` | Medium
18 | File | `/cgi-bin/luci/api/wireless` | High
19 | File | `/cgi-bin/vitogate.cgi` | High
20 | File | `/company/store` | High
21 | File | `/Content/Template/root/reverse-shell.aspx` | High
22 | File | `/Controller/Ajaxfileupload.ashx` | High
23 | File | `/core/conditions/AbstractWrapper.java` | High
24 | File | `/dashboard/add-blog.php` | High
25 | File | `/debug/pprof` | Medium
26 | File | `/env` | Low
27 | File | `/etc/passwd` | Medium
28 | File | `/fcgi/scrut_fcgi.fcgi` | High
29 | File | `/feeds/post/publish` | High
30 | File | `/forum/away.php` | High
31 | File | `/group1/uploa` | High
32 | File | `/h/` | Low
33 | File | `/HNAP1` | Low
34 | File | `/inc/jquery/uploadify/uploadify.php` | High
35 | File | `/index.php?app=main&func=passport&action=login` | High
36 | File | `/index.php?page=category_list` | High
37 | File | `/jeecg-boot/sys/common/upload` | High
38 | File | `/jobinfo/` | Medium
39 | File | `/Moosikay/order.php` | High
40 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
41 | File | `/opac/Actions.php?a=login` | High
42 | File | `/php-sms/admin/?page=user/manage_user` | High
43 | File | `/PreviewHandler.ashx` | High
44 | File | `/recipe-result` | High
45 | File | `/register.do` | Medium
46 | File | `/reservation/add_message.php` | High
47 | File | `/resources//../` | High
48 | File | `/RPS2019Service/status.html` | High
49 | File | `/Service/ImageStationDataService.asmx` | High
50 | File | `/sicweb-ajax/tmproot/` | High
51 | File | `/spip.php` | Medium
52 | ... | ... | ...
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/controller/JobLogController.java` | High
3 | File | `/admin/save.php` | High
4 | File | `/api/baskets/{name}` | High
5 | File | `/api/download` | High
6 | File | `/api/sys/login` | High
7 | File | `/api/sys/set_passwd` | High
8 | File | `/api/trackedEntityInstances` | High
9 | File | `/api/v1/alerts` | High
10 | File | `/api/v1/terminal/sessions/?limit=1` | High
11 | File | `/b2b-supermarket/shopping-cart` | High
12 | File | `/bitrix/admin/ldap_server_edit.php` | High
13 | File | `/category.php` | High
14 | File | `/categorypage.php` | High
15 | File | `/cgi-bin/luci/api/wireless` | High
16 | File | `/cgi-bin/vitogate.cgi` | High
17 | File | `/changePassword` | High
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
19 | File | `/core/conditions/AbstractWrapper.java` | High
20 | File | `/dashboard/add-blog.php` | High
21 | File | `/debug/pprof` | Medium
22 | File | `/dist/index.js` | High
23 | File | `/ecshop/admin/template.php` | High
24 | File | `/etc/passwd` | Medium
25 | File | `/fcgi/scrut_fcgi.fcgi` | High
26 | File | `/forum/away.php` | High
27 | File | `/geoserver/gwc/rest.html` | High
28 | File | `/goform/formSysCmd` | High
29 | File | `/group1/uploa` | High
30 | File | `/HNAP1` | Low
31 | File | `/hosts/firewall/ip` | High
32 | File | `/index.php/ccm/system/file/upload` | High
33 | File | `/jeecg-boot/sys/common/upload` | High
34 | File | `/oauth/idp/.well-known/openid-configuration` | High
35 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
36 | File | `/php/ping.php` | High
37 | File | `/proxy` | Low
38 | File | `/recipe-result` | High
39 | File | `/register.do` | Medium
40 | File | `/resources//../` | High
41 | File | `/RPS2019Service/status.html` | High
42 | File | `/s/index.php?action=statistics` | High
43 | File | `/setting` | Medium
44 | ... | ... | ...
There are 449 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 378 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -334,4 +326,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

4
actors/LgoogLoader/README.md
查看文件

@ -46,7 +46,7 @@ ID | Type | Indicator | Confidence
7 | File | `cgi-bin/qcmap_web_cgi` | High
8 | ... | ... | ...
There are 58 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 59 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -63,4 +63,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

83
actors/Liberia Unknown/README.md
查看文件

@ -55,7 +55,7 @@ ID | Technique | Weakness | Description | Confidence
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | ... | ... | ... | ...
There are 15 more TTP items available. Please use our online service to access the data.
There are 16 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -66,46 +66,47 @@ ID | Type | Indicator | Confidence
1 | File | `.procmailrc` | Medium
2 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
4 | File | `/admin/ajax/avatar.php` | High
5 | File | `/admin/forgot-password.php` | High
6 | File | `/admin/index.php` | High
7 | File | `/admin/lab.php` | High
8 | File | `/admin/login.php` | High
9 | File | `/admin/payment.php` | High
10 | File | `/admin/show.php` | High
11 | File | `/default.php?idx=17` | High
12 | File | `/download` | Medium
13 | File | `/env` | Low
14 | File | `/forum/away.php` | High
15 | File | `/index.php` | Medium
16 | File | `/opt/bin/cli` | Medium
17 | File | `/p` | Low
18 | File | `/patient/doctors.php` | High
19 | File | `/phpinventory/editcategory.php` | High
20 | File | `/php_action/createUser.php` | High
21 | File | `/product-list.php` | High
22 | File | `/spip.php` | Medium
23 | File | `/uapi/doc` | Medium
24 | File | `/uncpath/` | Medium
25 | File | `/updown/upload.cgi` | High
26 | File | `/user/del.php` | High
27 | File | `/wp-admin/admin-ajax.php` | High
28 | File | `/_next` | Low
29 | File | `123flashchat.php` | High
30 | File | `act.php` | Low
31 | File | `admin.php/pay` | High
32 | File | `admin/bad.php` | High
33 | File | `admin/index.php` | High
34 | File | `admin/index.php/user/del/1` | High
35 | File | `admin/index.php?id=themes&action=edit_chunk` | High
36 | File | `administrator/index.php` | High
37 | File | `agenda.php` | Medium
38 | File | `ajax/render/widget_php` | High
39 | File | `album_portal.php` | High
40 | File | `api.php` | Low
41 | ... | ... | ...
4 | File | `/admin/add-services.php` | High
5 | File | `/admin/ajax/avatar.php` | High
6 | File | `/admin/edit-services.php` | High
7 | File | `/admin/forgot-password.php` | High
8 | File | `/admin/index.php` | High
9 | File | `/admin/lab.php` | High
10 | File | `/admin/login.php` | High
11 | File | `/admin/payment.php` | High
12 | File | `/admin/show.php` | High
13 | File | `/boat/login.php` | High
14 | File | `/clinic/disease_symptoms_view.php` | High
15 | File | `/default.php?idx=17` | High
16 | File | `/download` | Medium
17 | File | `/env` | Low
18 | File | `/forum/away.php` | High
19 | File | `/index.php` | Medium
20 | File | `/opt/bin/cli` | Medium
21 | File | `/p` | Low
22 | File | `/patient/doctors.php` | High
23 | File | `/phpinventory/editcategory.php` | High
24 | File | `/php_action/createUser.php` | High
25 | File | `/product-list.php` | High
26 | File | `/spip.php` | Medium
27 | File | `/uapi/doc` | Medium
28 | File | `/uncpath/` | Medium
29 | File | `/updown/upload.cgi` | High
30 | File | `/user/del.php` | High
31 | File | `/wp-admin/admin-ajax.php` | High
32 | File | `/_next` | Low
33 | File | `123flashchat.php` | High
34 | File | `act.php` | Low
35 | File | `admin.php/pay` | High
36 | File | `admin/bad.php` | High
37 | File | `admin/index.php` | High
38 | File | `admin/index.php/user/del/1` | High
39 | File | `admin/index.php?id=themes&action=edit_chunk` | High
40 | File | `admin/products/controller.php?action=add` | High
41 | File | `administrator/index.php` | High
42 | ... | ... | ...
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 363 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -124,4 +125,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

108
actors/Liechtenstein Unknown/README.md
查看文件

@ -85,14 +85,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -100,65 +100,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/about.php` | Medium
3 | File | `/admin.php/update/getFile.html` | High
4 | File | `/admin/cashadvance_row.php` | High
5 | File | `/admin/maintenance/view_designation.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/admin/userprofile.php` | High
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
10 | File | `/api/baskets/{name}` | High
11 | File | `/APR/login.php` | High
12 | File | `/bin/httpd` | Medium
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
14 | File | `/cgi-bin/luci/api/wireless` | High
15 | File | `/cgi-bin/wapopen` | High
16 | File | `/company/store` | High
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
18 | File | `/Controller/Ajaxfileupload.ashx` | High
19 | File | `/core/conditions/AbstractWrapper.java` | High
20 | File | `/dev/block/mmcblk0rpmb` | High
21 | File | `/etc/passwd` | Medium
22 | File | `/feeds/post/publish` | High
23 | File | `/forum/away.php` | High
24 | File | `/fos/admin/ajax.php?action=login` | High
25 | File | `/fos/admin/index.php?page=menu` | High
26 | File | `/h/` | Low
27 | File | `/home/masterConsole` | High
28 | File | `/home/sendBroadcast` | High
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
30 | File | `/index.php?app=main&func=passport&action=login` | High
31 | File | `/index.php?page=category_list` | High
32 | File | `/jeecg-boot/sys/common/upload` | High
33 | File | `/jobinfo/` | Medium
34 | File | `/Moosikay/order.php` | High
35 | File | `/mygym/admin/index.php?view_exercises` | High
36 | File | `/opac/Actions.php?a=login` | High
37 | File | `/php-opos/index.php` | High
38 | File | `/PreviewHandler.ashx` | High
39 | File | `/public/launchNewWindow.jsp` | High
40 | File | `/recipe-result` | High
41 | File | `/register.do` | Medium
42 | File | `/reservation/add_message.php` | High
43 | File | `/Service/ImageStationDataService.asmx` | High
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/save.php` | High
3 | File | `/admin/sys_sql_query.php` | High
4 | File | `/api/baskets/{name}` | High
5 | File | `/api/download` | High
6 | File | `/api/v1/alerts` | High
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
8 | File | `/b2b-supermarket/shopping-cart` | High
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
10 | File | `/category.php` | High
11 | File | `/categorypage.php` | High
12 | File | `/cgi-bin/luci/api/wireless` | High
13 | File | `/cgi-bin/vitogate.cgi` | High
14 | File | `/company/store` | High
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
16 | File | `/Controller/Ajaxfileupload.ashx` | High
17 | File | `/core/conditions/AbstractWrapper.java` | High
18 | File | `/debug/pprof` | Medium
19 | File | `/etc/passwd` | Medium
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
21 | File | `/forum/away.php` | High
22 | File | `/geoserver/gwc/rest.html` | High
23 | File | `/goform/formSysCmd` | High
24 | File | `/h/` | Low
25 | File | `/HNAP1` | Low
26 | File | `/hosts/firewall/ip` | High
27 | File | `/inc/jquery/uploadify/uploadify.php` | High
28 | File | `/index.php/ccm/system/file/upload` | High
29 | File | `/index.php?app=main&func=passport&action=login` | High
30 | File | `/index.php?page=category_list` | High
31 | File | `/jeecg-boot/sys/common/upload` | High
32 | File | `/jobinfo/` | Medium
33 | File | `/oauth/idp/.well-known/openid-configuration` | High
34 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
35 | File | `/php/ping.php` | High
36 | File | `/PreviewHandler.ashx` | High
37 | File | `/proxy` | Low
38 | File | `/recipe-result` | High
39 | File | `/register.do` | Medium
40 | File | `/RPS2019Service/status.html` | High
41 | File | `/Service/ImageStationDataService.asmx` | High
42 | File | `/setting` | Medium
43 | File | `/sicweb-ajax/tmproot/` | High
44 | File | `/spip.php` | Medium
45 | File | `/student/bookdetails.php` | High
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
47 | File | `/uncpath/` | Medium
48 | File | `/uploads/exam_question/` | High
49 | File | `/user/ticket/create` | High
50 | File | `/user/updatePwd` | High
51 | File | `/UserSelfServiceSettings.jsp` | High
52 | File | `/var/lib/docker/<remapping>` | High
53 | File | `/wireless/security.asp` | High
54 | File | `/wp-admin/admin-ajax.php` | High
55 | File | `/xxl-job-admin/user/add` | High
56 | File | `01article.php` | High
57 | ... | ... | ...
45 | ... | ... | ...
There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -177,4 +165,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Lock360/README.md
查看文件

@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Lumma Stealer/README.md
查看文件

@ -120,4 +120,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Luna Moth/README.md
查看文件

@ -108,4 +108,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

108
actors/Luxembourg Unknown/README.md
查看文件

@ -287,14 +287,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -302,67 +302,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/about.php` | Medium
3 | File | `/admin.php/update/getFile.html` | High
4 | File | `/admin/cashadvance_row.php` | High
5 | File | `/admin/maintenance/view_designation.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/admin/userprofile.php` | High
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
10 | File | `/api/baskets/{name}` | High
11 | File | `/APR/login.php` | High
12 | File | `/bin/httpd` | Medium
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
14 | File | `/cgi-bin/luci/api/wireless` | High
15 | File | `/cgi-bin/wapopen` | High
16 | File | `/company/store` | High
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
18 | File | `/Controller/Ajaxfileupload.ashx` | High
19 | File | `/core/conditions/AbstractWrapper.java` | High
20 | File | `/etc/passwd` | Medium
21 | File | `/feeds/post/publish` | High
22 | File | `/forum/away.php` | High
23 | File | `/fos/admin/ajax.php?action=login` | High
24 | File | `/fos/admin/index.php?page=menu` | High
25 | File | `/h/` | Low
26 | File | `/home/masterConsole` | High
27 | File | `/home/sendBroadcast` | High
28 | File | `/inc/jquery/uploadify/uploadify.php` | High
29 | File | `/index.php?app=main&func=passport&action=login` | High
30 | File | `/index.php?page=category_list` | High
31 | File | `/jeecg-boot/sys/common/upload` | High
32 | File | `/jobinfo/` | Medium
33 | File | `/Moosikay/order.php` | High
34 | File | `/mygym/admin/index.php?view_exercises` | High
35 | File | `/opac/Actions.php?a=login` | High
36 | File | `/php-opos/index.php` | High
37 | File | `/PreviewHandler.ashx` | High
38 | File | `/public/launchNewWindow.jsp` | High
39 | File | `/recipe-result` | High
40 | File | `/register.do` | Medium
41 | File | `/reservation/add_message.php` | High
42 | File | `/Service/ImageStationDataService.asmx` | High
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/save.php` | High
3 | File | `/admin/sys_sql_query.php` | High
4 | File | `/api/baskets/{name}` | High
5 | File | `/api/download` | High
6 | File | `/api/v1/alerts` | High
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
8 | File | `/b2b-supermarket/shopping-cart` | High
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
10 | File | `/category.php` | High
11 | File | `/categorypage.php` | High
12 | File | `/cgi-bin/luci/api/wireless` | High
13 | File | `/cgi-bin/vitogate.cgi` | High
14 | File | `/company/store` | High
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
16 | File | `/Controller/Ajaxfileupload.ashx` | High
17 | File | `/core/conditions/AbstractWrapper.java` | High
18 | File | `/debug/pprof` | Medium
19 | File | `/etc/passwd` | Medium
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
21 | File | `/forum/away.php` | High
22 | File | `/geoserver/gwc/rest.html` | High
23 | File | `/goform/formSysCmd` | High
24 | File | `/h/` | Low
25 | File | `/HNAP1` | Low
26 | File | `/hosts/firewall/ip` | High
27 | File | `/index.php/ccm/system/file/upload` | High
28 | File | `/index.php?app=main&func=passport&action=login` | High
29 | File | `/jeecg-boot/sys/common/upload` | High
30 | File | `/jobinfo/` | Medium
31 | File | `/oauth/idp/.well-known/openid-configuration` | High
32 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
33 | File | `/php/ping.php` | High
34 | File | `/PreviewHandler.ashx` | High
35 | File | `/proxy` | Low
36 | File | `/recipe-result` | High
37 | File | `/register.do` | Medium
38 | File | `/RPS2019Service/status.html` | High
39 | File | `/s/index.php?action=statistics` | High
40 | File | `/Service/ImageStationDataService.asmx` | High
41 | File | `/setting` | Medium
42 | File | `/sicweb-ajax/tmproot/` | High
43 | File | `/spip.php` | Medium
44 | File | `/student/bookdetails.php` | High
45 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
46 | File | `/uncpath/` | Medium
47 | File | `/uploads/exam_question/` | High
48 | File | `/user/ticket/create` | High
49 | File | `/user/updatePwd` | High
50 | File | `/UserSelfServiceSettings.jsp` | High
51 | File | `/var/lib/docker/<remapping>` | High
52 | File | `/wireless/security.asp` | High
53 | File | `/wp-admin/admin-ajax.php` | High
54 | File | `/xxl-job-admin/user/add` | High
55 | File | `a-forms.php` | Medium
56 | File | `activenews_view.asp` | High
57 | File | `adclick.php` | Medium
58 | File | `admin.a6mambocredits.php` | High
59 | ... | ... | ...
45 | ... | ... | ...
There are 516 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -381,4 +367,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

113
actors/Madagascar Unknown/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [GB](https://vuldb.com/?country.gb)
* ...
There are 16 more country items available. Please use our online service to access the data.
There are 14 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -86,14 +86,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
7 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -101,61 +102,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/about.php` | Medium
3 | File | `/act/ActDao.xml` | High
4 | File | `/admin.php/update/getFile.html` | High
5 | File | `/admin/bookings/manage_booking.php` | High
6 | File | `/admin/del_service.php` | High
7 | File | `/admin/index.php` | High
8 | File | `/admin/sys_sql_query.php` | High
9 | File | `/api/baskets/{name}` | High
10 | File | `/api/upload.php` | High
11 | File | `/api/v1/terminal/sessions/?limit=1` | High
12 | File | `/app/sys1.php` | High
13 | File | `/application/common.php#action_log` | High
14 | File | `/bin/ate` | Medium
15 | File | `/bitrix/admin/ldap_server_edit.php` | High
16 | File | `/category.php` | High
17 | File | `/cgi-bin/kerbynet` | High
18 | File | `/cgi-bin/luci/api/wireless` | High
19 | File | `/cgi-bin/luci;stok=/locale` | High
20 | File | `/classes/Master.php?f=delete_category` | High
21 | File | `/classes/Master.php?f=delete_inquiry` | High
22 | File | `/classes/Master.php?f=delete_item` | High
23 | File | `/classes/Master.php?f=delete_service` | High
24 | File | `/classes/Master.php?f=save_service` | High
25 | File | `/classes/Users.php` | High
26 | File | `/classes/Users.php?f=save` | High
27 | File | `/company/store` | High
28 | File | `/config/php.ini` | High
29 | File | `/Content/Template/root/reverse-shell.aspx` | High
30 | File | `/Controller/Ajaxfileupload.ashx` | High
31 | File | `/core/conditions/AbstractWrapper.java` | High
32 | File | `/etc/passwd` | Medium
33 | File | `/ethash/algorithm.go` | High
34 | File | `/export` | Low
35 | File | `/feeds/post/publish` | High
36 | File | `/filemanager/upload/drop` | High
37 | File | `/forum/away.php` | High
38 | File | `/gaia-job-admin/user/add` | High
39 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
40 | File | `/goForm/aspForm` | High
41 | File | `/group1/uploa` | High
42 | File | `/h/` | Low
43 | File | `/inc/jquery/uploadify/uploadify.php` | High
44 | File | `/index.php/archives/1/comment` | High
45 | File | `/index.php?app=main&func=passport&action=login` | High
46 | File | `/index.php?page=category_list` | High
47 | File | `/install/index.php` | High
48 | File | `/ipms/imageConvert/image` | High
49 | File | `/jeecg-boot/sys/common/upload` | High
50 | File | `/jobinfo/` | Medium
51 | File | `/log/decodmail.php` | High
52 | File | `/login.php` | Medium
53 | ... | ... | ...
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/controller/JobLogController.java` | High
3 | File | `/admin/index2.html` | High
4 | File | `/admin/save.php` | High
5 | File | `/api/authentication/login` | High
6 | File | `/api/baskets/{name}` | High
7 | File | `/api/download` | High
8 | File | `/api/v1/alerts` | High
9 | File | `/api/v1/terminal/sessions/?limit=1` | High
10 | File | `/api /v3/auth` | High
11 | File | `/app/sys1.php` | High
12 | File | `/b2b-supermarket/shopping-cart` | High
13 | File | `/bin/rc4_crypt` | High
14 | File | `/category.php` | High
15 | File | `/categorypage.php` | High
16 | File | `/cgi-bin/luci/api/switch` | High
17 | File | `/cgi-bin/luci/api/wireless` | High
18 | File | `/cgi-bin/qcmap_auth` | High
19 | File | `/cgi-bin/vitogate.cgi` | High
20 | File | `/CMD_ACCOUNT_ADMIN` | High
21 | File | `/conf/` | Low
22 | File | `/config/getuser` | High
23 | File | `/config/php.ini` | High
24 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
25 | File | `/Content/Template/root/reverse-shell.aspx` | High
26 | File | `/dayrui/My/View/main.html` | High
27 | File | `/debug/pprof` | Medium
28 | File | `/etc/init.d/openfire` | High
29 | File | `/ethash/algorithm.go` | High
30 | File | `/fcgi/scrut_fcgi.fcgi` | High
31 | File | `/filemanager/upload/drop` | High
32 | File | `/forum/away.php` | High
33 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
34 | File | `/geoserver/gwc/rest.html` | High
35 | File | `/goform/formSysCmd` | High
36 | File | `/HNAP1` | Low
37 | File | `/hosts/firewall/ip` | High
38 | File | `/index.php/ccm/system/file/upload` | High
39 | File | `/jeecg-boot/sys/common/upload` | High
40 | File | `/jerry-core/ecma/base/ecma-helpers-string.c` | High
41 | File | `/link/` | Low
42 | File | `/log/decodmail.php` | High
43 | File | `/oauth/idp/.well-known/openid-configuration` | High
44 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
45 | ... | ... | ...
There are 463 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -174,4 +167,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

90
actors/Maldives Unknown/README.md
查看文件

@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Maldives Unknown:
* [US](https://vuldb.com/?country.us)
* [ES](https://vuldb.com/?country.es)
* [GB](https://vuldb.com/?country.gb)
* [ES](https://vuldb.com/?country.es)
* ...
There are 21 more country items available. Please use our online service to access the data.
There are 22 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -61,48 +61,50 @@ ID | Type | Indicator | Confidence
1 | File | `.htaccess` | Medium
2 | File | `/?Page=Node/OBJ=/System/DeviceFolder/DeviceFolder/DateTime/Action=Submit` | High
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
4 | File | `/admin/addemployee.php` | High
5 | File | `/admin/ajax/avatar.php` | High
6 | File | `/admin/index.php` | High
7 | File | `/admin/login.php` | High
8 | File | `/admin/show.php` | High
9 | File | `/api/file_uploader.php` | High
10 | File | `/apilog.php` | Medium
11 | File | `/default.php?idx=17` | High
12 | File | `/filemanager/upload.php` | High
13 | File | `/forum/away.php` | High
14 | File | `/index.php` | Medium
15 | File | `/mifs/c/i/reg/reg.html` | High
16 | File | `/opt/bin/cli` | Medium
17 | File | `/out.php` | Medium
18 | File | `/patient/doctors.php` | High
19 | File | `/phpinventory/editcategory.php` | High
20 | File | `/spip.php` | Medium
21 | File | `/tmp` | Low
22 | File | `/uncpath/` | Medium
23 | File | `/updater.php` | Medium
24 | File | `/var/log/nginx` | High
25 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
26 | File | `/wp-admin/admin-ajax.php` | High
27 | File | `admin` | Low
28 | File | `admin.php` | Medium
29 | File | `admin.php/pay` | High
30 | File | `admin/adminsignin.html` | High
31 | File | `admin/bad.php` | High
32 | File | `admin/index.php?id=themes&action=edit_chunk` | High
33 | File | `admin/keyWord_deal.php?mudi=add` | High
34 | File | `admin/loginform.php` | High
35 | File | `admin/movieview.php` | High
36 | File | `admin/versions.html` | High
37 | File | `AdminByRequest.exe` | High
38 | File | `administrator/components/com_media/helpers/media.php` | High
39 | File | `administrator/index.php` | High
40 | File | `administrator/mail/download.cfm` | High
41 | File | `AdminUpdateController.class.php` | High
42 | File | `agenda.php` | Medium
43 | ... | ... | ...
4 | File | `/admin/add-services.php` | High
5 | File | `/admin/addemployee.php` | High
6 | File | `/admin/ajax/avatar.php` | High
7 | File | `/admin/edit-services.php` | High
8 | File | `/admin/index.php` | High
9 | File | `/admin/login.php` | High
10 | File | `/admin/show.php` | High
11 | File | `/api/file_uploader.php` | High
12 | File | `/apilog.php` | Medium
13 | File | `/boat/login.php` | High
14 | File | `/clinic/disease_symptoms_view.php` | High
15 | File | `/default.php?idx=17` | High
16 | File | `/filemanager/upload.php` | High
17 | File | `/forum/away.php` | High
18 | File | `/index.php` | Medium
19 | File | `/mifs/c/i/reg/reg.html` | High
20 | File | `/opt/bin/cli` | Medium
21 | File | `/out.php` | Medium
22 | File | `/patient/doctors.php` | High
23 | File | `/phpinventory/editcategory.php` | High
24 | File | `/spip.php` | Medium
25 | File | `/tmp` | Low
26 | File | `/uncpath/` | Medium
27 | File | `/updater.php` | Medium
28 | File | `/var/log/nginx` | High
29 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
30 | File | `/wp-admin/admin-ajax.php` | High
31 | File | `admin` | Low
32 | File | `admin.php` | Medium
33 | File | `admin.php/pay` | High
34 | File | `admin/adminsignin.html` | High
35 | File | `admin/bad.php` | High
36 | File | `admin/index.php?id=themes&action=edit_chunk` | High
37 | File | `admin/keyWord_deal.php?mudi=add` | High
38 | File | `admin/loginform.php` | High
39 | File | `admin/movieview.php` | High
40 | File | `admin/products/controller.php?action=add` | High
41 | File | `admin/versions.html` | High
42 | File | `AdminByRequest.exe` | High
43 | File | `administrator/components/com_media/helpers/media.php` | High
44 | File | `administrator/index.php` | High
45 | ... | ... | ...
There are 371 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -121,4 +123,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

108
actors/Marshall Islands Unknown/README.md
查看文件

@ -35,14 +35,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -50,65 +50,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/about.php` | Medium
3 | File | `/admin.php/update/getFile.html` | High
4 | File | `/admin/cashadvance_row.php` | High
5 | File | `/admin/maintenance/view_designation.php` | High
6 | File | `/admin/sys_sql_query.php` | High
7 | File | `/admin/userprofile.php` | High
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
10 | File | `/api/baskets/{name}` | High
11 | File | `/APR/login.php` | High
12 | File | `/bin/httpd` | Medium
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
14 | File | `/cgi-bin/luci/api/wireless` | High
15 | File | `/cgi-bin/wapopen` | High
16 | File | `/company/store` | High
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
18 | File | `/Controller/Ajaxfileupload.ashx` | High
19 | File | `/core/conditions/AbstractWrapper.java` | High
20 | File | `/dev/block/mmcblk0rpmb` | High
21 | File | `/etc/passwd` | Medium
22 | File | `/feeds/post/publish` | High
23 | File | `/forum/away.php` | High
24 | File | `/fos/admin/ajax.php?action=login` | High
25 | File | `/fos/admin/index.php?page=menu` | High
26 | File | `/h/` | Low
27 | File | `/home/masterConsole` | High
28 | File | `/home/sendBroadcast` | High
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
30 | File | `/index.php?app=main&func=passport&action=login` | High
31 | File | `/index.php?page=category_list` | High
32 | File | `/jeecg-boot/sys/common/upload` | High
33 | File | `/jobinfo/` | Medium
34 | File | `/Moosikay/order.php` | High
35 | File | `/mygym/admin/index.php?view_exercises` | High
36 | File | `/opac/Actions.php?a=login` | High
37 | File | `/php-opos/index.php` | High
38 | File | `/PreviewHandler.ashx` | High
39 | File | `/public/launchNewWindow.jsp` | High
40 | File | `/recipe-result` | High
41 | File | `/register.do` | Medium
42 | File | `/reservation/add_message.php` | High
43 | File | `/Service/ImageStationDataService.asmx` | High
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/save.php` | High
3 | File | `/admin/sys_sql_query.php` | High
4 | File | `/api/baskets/{name}` | High
5 | File | `/api/download` | High
6 | File | `/api/v1/alerts` | High
7 | File | `/api/v1/terminal/sessions/?limit=1` | High
8 | File | `/b2b-supermarket/shopping-cart` | High
9 | File | `/bitrix/admin/ldap_server_edit.php` | High
10 | File | `/category.php` | High
11 | File | `/categorypage.php` | High
12 | File | `/cgi-bin/luci/api/wireless` | High
13 | File | `/cgi-bin/vitogate.cgi` | High
14 | File | `/company/store` | High
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
16 | File | `/Controller/Ajaxfileupload.ashx` | High
17 | File | `/core/conditions/AbstractWrapper.java` | High
18 | File | `/debug/pprof` | Medium
19 | File | `/etc/passwd` | Medium
20 | File | `/fcgi/scrut_fcgi.fcgi` | High
21 | File | `/forum/away.php` | High
22 | File | `/geoserver/gwc/rest.html` | High
23 | File | `/goform/formSysCmd` | High
24 | File | `/h/` | Low
25 | File | `/HNAP1` | Low
26 | File | `/hosts/firewall/ip` | High
27 | File | `/index.php/ccm/system/file/upload` | High
28 | File | `/index.php?app=main&func=passport&action=login` | High
29 | File | `/index.php?page=category_list` | High
30 | File | `/jeecg-boot/sys/common/upload` | High
31 | File | `/jobinfo/` | Medium
32 | File | `/oauth/idp/.well-known/openid-configuration` | High
33 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
34 | File | `/php/ping.php` | High
35 | File | `/PreviewHandler.ashx` | High
36 | File | `/proxy` | Low
37 | File | `/recipe-result` | High
38 | File | `/register.do` | Medium
39 | File | `/RPS2019Service/status.html` | High
40 | File | `/s/index.php?action=statistics` | High
41 | File | `/Service/ImageStationDataService.asmx` | High
42 | File | `/setting` | Medium
43 | File | `/sicweb-ajax/tmproot/` | High
44 | File | `/spip.php` | Medium
45 | File | `/student/bookdetails.php` | High
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
47 | File | `/uncpath/` | Medium
48 | File | `/uploads/exam_question/` | High
49 | File | `/user/ticket/create` | High
50 | File | `/user/updatePwd` | High
51 | File | `/UserSelfServiceSettings.jsp` | High
52 | File | `/var/lib/docker/<remapping>` | High
53 | File | `/wireless/security.asp` | High
54 | File | `/wp-admin/admin-ajax.php` | High
55 | File | `/xxl-job-admin/user/add` | High
56 | File | `01article.php` | High
57 | ... | ... | ...
45 | ... | ... | ...
There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 389 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -126,4 +114,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Mayotte Unknown/README.md
查看文件

@ -105,4 +105,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

95
actors/Mexico Unknown/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [ES](https://vuldb.com/?country.es)
* ...
There are 21 more country items available. Please use our online service to access the data.
There are 20 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -754,14 +754,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-35, CWE-36 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...
There are 21 more TTP items available. Please use our online service to access the data.
There are 22 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -769,61 +769,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `//WEB-INF` | Medium
2 | File | `/about.php` | Medium
3 | File | `/admin.php/update/getFile.html` | High
4 | File | `/admin/cashadvance_row.php` | High
5 | File | `/admin/index2.html` | High
6 | File | `/admin/maintenance/view_designation.php` | High
7 | File | `/admin/offenses/view_details.php` | High
8 | File | `/admin/sales/view_details.php` | High
9 | File | `/admin/sys_sql_query.php` | High
10 | File | `/admin/userprofile.php` | High
11 | File | `/api/baskets/{name}` | High
12 | File | `/ari/asterisk/variable` | High
13 | File | `/bitrix/admin/ldap_server_edit.php` | High
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/admin/index2.html` | High
3 | File | `/admin/save.php` | High
4 | File | `/admin/sys_sql_query.php` | High
5 | File | `/api/baskets/{name}` | High
6 | File | `/api/download` | High
7 | File | `/api/v1/alerts` | High
8 | File | `/api/v1/terminal/sessions/?limit=1` | High
9 | File | `/ari/asterisk/variable` | High
10 | File | `/b2b-supermarket/shopping-cart` | High
11 | File | `/bitrix/admin/ldap_server_edit.php` | High
12 | File | `/category.php` | High
13 | File | `/categorypage.php` | High
14 | File | `/cgi-bin/luci/api/wireless` | High
15 | File | `/cgi-bin/wlogin.cgi` | High
15 | File | `/cgi-bin/vitogate.cgi` | High
16 | File | `/company/store` | High
17 | File | `/Content/Template/root/reverse-shell.aspx` | High
18 | File | `/Controller/Ajaxfileupload.ashx` | High
19 | File | `/core/conditions/AbstractWrapper.java` | High
20 | File | `/E-mobile/App/System/File/downfile.php` | High
21 | File | `/Electron/download` | High
22 | File | `/etc/passwd` | Medium
23 | File | `/feeds/post/publish` | High
20 | File | `/debug/pprof` | Medium
21 | File | `/etc/passwd` | Medium
22 | File | `/fcgi/scrut_fcgi.fcgi` | High
23 | File | `/Forms/oadmin_1` | High
24 | File | `/forum/away.php` | High
25 | File | `/h/` | Low
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
27 | File | `/index.php` | Medium
28 | File | `/index.php?app=main&func=passport&action=login` | High
29 | File | `/index.php?page=category_list` | High
30 | File | `/jeecg-boot/sys/common/upload` | High
31 | File | `/jobinfo/` | Medium
32 | File | `/modules/projects/vw_files.php` | High
33 | File | `/Moosikay/order.php` | High
34 | File | `/opac/Actions.php?a=login` | High
35 | File | `/PreviewHandler.ashx` | High
25 | File | `/geoserver/gwc/rest.html` | High
26 | File | `/goform/formSysCmd` | High
27 | File | `/HNAP1` | Low
28 | File | `/hosts/firewall/ip` | High
29 | File | `/index.php` | Medium
30 | File | `/index.php/ccm/system/file/upload` | High
31 | File | `/jeecg-boot/sys/common/upload` | High
32 | File | `/nagiosxi/admin/banner_message-ajaxhelper.php` | High
33 | File | `/oauth/idp/.well-known/openid-configuration` | High
34 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
35 | File | `/php/ping.php` | High
36 | File | `/proxy` | Low
37 | File | `/public/login.htm` | High
38 | File | `/recipe-result` | High
39 | File | `/register.do` | Medium
40 | File | `/reservation/add_message.php` | High
41 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
42 | File | `/send_order.cgi?parameter=access_detect` | High
43 | File | `/Service/ImageStationDataService.asmx` | High
44 | File | `/spip.php` | Medium
45 | File | `/student/bookdetails.php` | High
46 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
47 | File | `/text/pdf/PdfReader.java` | High
48 | File | `/uploads/exam_question/` | High
49 | File | `/user/ticket/create` | High
50 | File | `/user/updatePwd` | High
51 | File | `/UserSelfServiceSettings.jsp` | High
52 | File | `/var/lib/docker/<remapping>` | High
53 | ... | ... | ...
37 | File | `/recipe-result` | High
38 | File | `/register.do` | Medium
39 | File | `/RPS2019Service/status.html` | High
40 | File | `/s/index.php?action=statistics` | High
41 | File | `/scripts/unlock_tasks.php` | High
42 | File | `/Service/ImageStationDataService.asmx` | High
43 | File | `/setting` | Medium
44 | ... | ... | ...
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 379 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -842,4 +833,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Minodo/README.md
查看文件

@ -102,4 +102,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Mint Sandstorm/README.md
查看文件

@ -71,4 +71,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Mirai Botnet for ZyXEL devices/README.md
查看文件

@ -27,4 +27,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

7183
actors/Mirai/README.md
查看文件

文件差异内容过多而无法显示 加载差异

21
actors/MirrorFace/README.md
查看文件

@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94 | Cross Site Scripting | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | ... | ... | ... | ...
There are 12 more TTP items available. Please use our online service to access the data.
@ -57,15 +57,16 @@ ID | Type | Indicator | Confidence
2 | File | `/balance/service/list` | High
3 | File | `/index.php` | Medium
4 | File | `/members/view_member.php` | High
5 | File | `/owa/auth/logon.aspx` | High
6 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
7 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
8 | File | `/uncpath/` | Medium
9 | File | `ActivityManagerService.java` | High
10 | File | `adclick.php` | Medium
11 | ... | ... | ...
5 | File | `/mhds/clinic/view_details.php` | High
6 | File | `/owa/auth/logon.aspx` | High
7 | File | `/rest/api/latest/projectvalidate/key` | High
8 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
9 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
10 | File | `/uncpath/` | Medium
11 | File | `ActivityManagerService.java` | High
12 | ... | ... | ...
There are 79 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 89 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -82,4 +83,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

6
actors/Mofang/README.md
查看文件

@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
3 | T1055 | CWE-74 | Injection | High
4 | ... | ... | ... | ...
There are 12 more TTP items available. Please use our online service to access the data.
There are 13 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -62,7 +62,7 @@ ID | Type | Indicator | Confidence
11 | File | `application\api\controller\User.php` | High
12 | ... | ... | ...
There are 94 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -80,4 +80,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

14
actors/Monero/README.md
查看文件

@ -31,12 +31,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1059.007 | CWE-79 | Cross Site Scripting | High
2 | T1068 | CWE-264, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
3 | T1202 | CWE-78 | Command Injection | High
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
2 | T1059 | CWE-94 | Cross Site Scripting | High
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
4 | ... | ... | ... | ...
There are 5 more TTP items available. Please use our online service to access the data.
There are 9 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -46,10 +46,10 @@ ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `data/gbconfiguration.dat` | High
2 | File | `dede\co_do.php` | High
3 | File | `org/apache/catalina/realm/RealmBase.java` | High
3 | File | `download` | Medium
4 | ... | ... | ...
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 16 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -67,4 +67,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/MsAttacker/README.md
查看文件

@ -65,4 +65,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Mustang Panda/README.md
查看文件

@ -183,4 +183,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/MyKings/README.md
查看文件

@ -128,4 +128,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

102
actors/North America Unknown/README.md
查看文件

@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with North America Unknown:
* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [VN](https://vuldb.com/?country.vn)
* [CN](https://vuldb.com/?country.cn)
* ...
There are 23 more country items available. Please use our online service to access the data.
There are 29 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -37256,14 +37256,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
1 | T1006 | CWE-21, CWE-22, CWE-24 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
6 | ... | ... | ... | ...
There are 18 more TTP items available. Please use our online service to access the data.
There are 21 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -37271,41 +37271,57 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `%SYSTEMDRIVE%\node_modules\.bin\wmic.exe` | High
2 | File | `/.env` | Low
3 | File | `//proc/kcore` | Medium
4 | File | `/admin/add-category.php` | High
5 | File | `/admin/index2.html` | High
6 | File | `/admin/theme-edit.php` | High
7 | File | `/ample/app/ajax/member_data.php` | High
8 | File | `/api/authentication/login` | High
9 | File | `/api/upload.php` | High
10 | File | `/base/ecma-helpers.c` | High
11 | File | `/bin/login` | Medium
12 | File | `/bin/rc4_crypt` | High
13 | File | `/calendar/minimizer/index.php` | High
14 | File | `/catalog/compare` | High
15 | File | `/cgi-bin/luci/api/switch` | High
16 | File | `/CMD_ACCOUNT_ADMIN` | High
17 | File | `/common/logViewer/logViewer.jsf` | High
18 | File | `/Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent` | High
19 | File | `/DXR.axd` | Medium
20 | File | `/ecommerce/admin/settings/setDiscount.php` | High
21 | File | `/endpoint/add-user.php` | High
22 | File | `/forum/away.php` | High
23 | File | `/goform/formSysCmd` | High
24 | File | `/goform/goform_get_cmd_process` | High
25 | File | `/h/autoSaveDraft` | High
26 | File | `/link/` | Low
27 | File | `/log/decodmail.php` | High
28 | File | `/main/webservices/additional_webservices.php` | High
29 | File | `/nagiosxi/admin/banner_message-ajaxhelper.php` | High
30 | File | `/oauth/idp/.well-known/openid-configuration` | High
31 | File | `/one_church/churchprofile.php` | High
32 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
33 | ... | ... | ...
1 | File | `/accounts_con/register_account` | High
2 | File | `/addbill.php` | Medium
3 | File | `/admin` | Low
4 | File | `/admin/` | Low
5 | File | `/admin/admin_user.php` | High
6 | File | `/admin/book_add.php` | High
7 | File | `/admin/book_row.php` | High
8 | File | `/admin/borrow_add.php` | High
9 | File | `/admin/bwdates-report-details.php` | High
10 | File | `/admin/clientview.php` | High
11 | File | `/admin/controller/JobLogController.java` | High
12 | File | `/admin/course.php` | High
13 | File | `/admin/general.cgi` | High
14 | File | `/admin/index2.html` | High
15 | File | `/admin/ind_backstage.php` | High
16 | File | `/admin/manage-pages.php` | High
17 | File | `/admin/manage-users.php` | High
18 | File | `/admin/options-theme.php` | High
19 | File | `/admin/pages/subjects.php` | High
20 | File | `/admin/pages/yearlevel.php` | High
21 | File | `/admin/php/crud.php` | High
22 | File | `/admin/regester.php` | High
23 | File | `/admin/return_add.php` | High
24 | File | `/admin/singlelogin.php?submit=1` | High
25 | File | `/admin/subject.php` | High
26 | File | `/admin/update-clients.php` | High
27 | File | `/admin/upload/img` | High
28 | File | `/ample/app/action/edit_product.php` | High
29 | File | `/api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest` | High
30 | File | `/api/log/killJob` | High
31 | File | `/api/snapshot and /api/get_log_file` | High
32 | File | `/api/trackedEntityInstances` | High
33 | File | `/api /v3/auth` | High
34 | File | `/article/DelectArticleById/` | High
35 | File | `/auth/auth.php?user=1` | High
36 | File | `/b2b-supermarket/catalog/all-products` | High
37 | File | `/b2b-supermarket/shopping-cart` | High
38 | File | `/boaform/wlan_basic_set.cgi` | High
39 | File | `/cgi-bin/cstecgi.cgi` | High
40 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
41 | File | `/cgi-bin/qcmap_auth` | High
42 | File | `/cgi-bin/wlogin.cgi` | High
43 | File | `/classes/Master.php? f=save_medicine` | High
44 | File | `/config,admin.jsp` | High
45 | File | `/dashboard?controller=UserCollection::createUser` | High
46 | File | `/dist/index.js` | High
47 | File | `/DXR.axd` | Medium
48 | File | `/ecommerce/admin/settings/setDiscount.php` | High
49 | ... | ... | ...
There are 282 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 422 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -37326,4 +37342,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/ObserverStealer/README.md
查看文件

@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/Phorpiex/README.md
查看文件

@ -127,4 +127,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/PortDoor/README.md
查看文件

@ -61,4 +61,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/PowerDuke/README.md
查看文件

@ -69,4 +69,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

2
actors/PowerShell/README.md
查看文件

@ -66,4 +66,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

117
actors/Purple Fox/README.md
查看文件

@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
* [US](https://vuldb.com/?country.us)
* ...
There are 4 more country items available. Please use our online service to access the data.
There are 5 more country items available. Please use our online service to access the data.
## IOC - Indicator of Compromise
@ -431,14 +431,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29 | Pathname Traversal | High
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-37 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
6 | ... | ... | ... | ...
There are 18 more TTP items available. Please use our online service to access the data.
There are 21 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
@ -447,49 +447,49 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `/accounts_con/register_account` | High
2 | File | `/act/ActDao.xml` | High
3 | File | `/admin/?page=maintenance/brand` | High
4 | File | `/admin/?page=user/list` | High
5 | File | `/admin/?page=user/manage` | High
6 | File | `/admin/?page=user/manage_user&id=3` | High
7 | File | `/admin/course.php` | High
8 | File | `/admin/courses/manage_course.php` | High
9 | File | `/admin/courses/view_course.php` | High
10 | File | `/admin/curriculum/view_curriculum.php` | High
11 | File | `/admin/departments/manage_department.php` | High
12 | File | `/admin/index.php` | High
13 | File | `/admin/ind_backstage.php` | High
14 | File | `/admin/list_onlineuser.php` | High
15 | File | `/admin/manage-pages.php` | High
16 | File | `/admin/manage-users.php` | High
17 | File | `/admin/offenses/view_details.php` | High
18 | File | `/admin/options-theme.php` | High
19 | File | `/admin/report/index.php` | High
20 | File | `/admin/reportupload.aspx` | High
21 | File | `/admin/services/view_service.php` | High
22 | File | `/admin/settings/` | High
23 | File | `/admin/singlelogin.php?submit=1` | High
24 | File | `/admin/students/view_details.php` | High
25 | File | `/admin/students/view_student.php` | High
26 | File | `/admin/subject.php` | High
27 | File | `/admin/theme-edit.php` | High
28 | File | `/admin/upload/img` | High
29 | File | `/admin/user/manage_user.php` | High
30 | File | `/adms/admin/?page=user/manage_user` | High
31 | File | `/adplanet/PlanetCommentList` | High
32 | File | `/adplanet/PlanetUser` | High
33 | File | `/ajax.php?action=save_company` | High
34 | File | `/ample/app/ajax/member_data.php` | High
35 | File | `/api/browserextension/UpdatePassword/` | High
36 | File | `/api/upload.php` | High
2 | File | `/admin/?page=maintenance/brand` | High
3 | File | `/admin/?page=user/list` | High
4 | File | `/admin/?page=user/manage` | High
5 | File | `/admin/?page=user/manage_user&id=3` | High
6 | File | `/admin/course.php` | High
7 | File | `/admin/courses/manage_course.php` | High
8 | File | `/admin/courses/view_course.php` | High
9 | File | `/admin/curriculum/view_curriculum.php` | High
10 | File | `/admin/departments/manage_department.php` | High
11 | File | `/admin/index.php` | High
12 | File | `/admin/ind_backstage.php` | High
13 | File | `/admin/list_onlineuser.php` | High
14 | File | `/admin/manage-pages.php` | High
15 | File | `/admin/manage-users.php` | High
16 | File | `/admin/offenses/view_details.php` | High
17 | File | `/admin/options-theme.php` | High
18 | File | `/admin/report/index.php` | High
19 | File | `/admin/reportupload.aspx` | High
20 | File | `/admin/services/view_service.php` | High
21 | File | `/admin/settings/` | High
22 | File | `/admin/singlelogin.php?submit=1` | High
23 | File | `/admin/students/view_details.php` | High
24 | File | `/admin/students/view_student.php` | High
25 | File | `/admin/subject.php` | High
26 | File | `/admin/theme-edit.php` | High
27 | File | `/admin/upload/img` | High
28 | File | `/admin/user/manage_user.php` | High
29 | File | `/adms/admin/?page=user/manage_user` | High
30 | File | `/adplanet/PlanetCommentList` | High
31 | File | `/adplanet/PlanetUser` | High
32 | File | `/ajax.php?action=save_company` | High
33 | File | `/ample/app/ajax/member_data.php` | High
34 | File | `/api/browserextension/UpdatePassword/` | High
35 | File | `/api/trackedEntityInstances` | High
36 | File | `/api/v1/terminal/sessions/?limit=1` | High
37 | File | `/article/DelectArticleById/` | High
38 | File | `/auth/auth.php?user=1` | High
39 | File | `/b2b-supermarket/catalog/all-products` | High
40 | File | `/b2b-supermarket/shopping-cart` | High
41 | File | `/catalog/compare` | High
42 | File | `/cgi-bin/cstecgi.cgi` | High
43 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
44 | File | `/cgi-bin/kerbynet` | High
41 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
42 | File | `/catalog/compare` | High
43 | File | `/cgi-bin/cstecgi.cgi` | High
44 | File | `/cgi-bin/cstecgi.cgi?action=login` | High
45 | File | `/cgi-bin/mainfunction.cgi` | High
46 | File | `/classes/Master.php` | High
47 | File | `/classes/Master.php?f=delete_category` | High
@ -507,19 +507,26 @@ ID | Type | Indicator | Confidence
59 | File | `/classes/Users.php?f=save` | High
60 | File | `/clinic/disease_symptoms_view.php` | High
61 | File | `/config,admin.jsp` | High
62 | File | `/download/image` | High
63 | File | `/DXR.axd` | Medium
64 | File | `/endpoint/add-guest.php` | High
65 | File | `/endpoint/add-user.php` | High
66 | File | `/endpoint/delete-user.php` | High
67 | File | `/fax/fax_send.php` | High
68 | File | `/file-manager/delete.php` | High
69 | File | `/file-manager/upload.php` | High
70 | File | `/forum/away.php` | High
71 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
72 | ... | ... | ...
62 | File | `/config/getuser` | High
63 | File | `/debug/pprof` | Medium
64 | File | `/download/image` | High
65 | File | `/DXR.axd` | Medium
66 | File | `/endpoint/add-guest.php` | High
67 | File | `/endpoint/add-user.php` | High
68 | File | `/endpoint/delete-user.php` | High
69 | File | `/fax/fax_send.php` | High
70 | File | `/file-manager/delete.php` | High
71 | File | `/file-manager/upload.php` | High
72 | File | `/forum/away.php` | High
73 | File | `/general/ipanel/menu_code.php?MENU_TYPE=FAV` | High
74 | File | `/goform/goform_get_cmd_process` | High
75 | File | `/HNAP1/` | Low
76 | File | `/inc/topBarNav.php` | High
77 | File | `/index.php` | Medium
78 | File | `/index.php?page=member` | High
79 | ... | ... | ...
There are 632 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
There are 691 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## References
@ -540,4 +547,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
(c) [1997-2024](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!

7454
actors/Qakbot/README.md
查看文件

文件差异内容过多而无法显示 加载差异

某些文件未显示,因为此 diff 中更改的文件太多 显示更多