Update March 2023
parent b78aaf637e
commit 8b9009e483
|
@ -59,7 +59,8 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
25 | [43.245.196.124](https://vuldb.com/?ip.43.245.196.124) | - | Cache Panda | High
|
||||
26 | [45.62.112.161](https://vuldb.com/?ip.45.62.112.161) | 45.62.112.161.16clouds.com | Cloud Hopper | High
|
||||
27 | [45.77.28.124](https://vuldb.com/?ip.45.77.28.124) | 45.77.28.124.vultrusercontent.com | LODEINFO | High
|
||||
28 | ... | ... | ... | ...
|
||||
28 | [45.138.157.83](https://vuldb.com/?ip.45.138.157.83) | google.com.tm | A41APT | High
|
||||
29 | ... | ... | ... | ...
|
||||
|
||||
There are 110 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
|
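Review bot: In the added row 28, the hostname `google.com.tm` attached to 45.138.157.83 should not be read as an ownership claim. The neighbouring hostnames (`45.62.112.161.16clouds.com`, `45.77.28.124.vultrusercontent.com`) look like provider reverse-DNS names, and a reverse-DNS value is set by whoever controls the address, so this one may have been chosen to resemble a Google domain. Suggest stating in the table description how the Hostname column is sourced, so consumers match on the IP address and treat the hostname as unverified.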
@ -112,10 +113,9 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/v2/quantum/save-data-upload-big-file` | High
|
||||
29 | File | `4.edu.php` | Medium
|
||||
30 | File | `adclick.php` | Medium
|
||||
31 | ... | ... | ...
|
||||
30 | ... | ... | ...
|
||||
|
||||
There are 260 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 257 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -129,6 +129,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://securelist.com/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/101519/
|
||||
* https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-i/
|
||||
* https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-ii/
|
||||
* https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks
|
||||
* https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html
|
||||
* https://www.threatminer.org/report.php?q=Accenture-Hogfish-Threat-Analysis.pdf&y=2018
|
||||
* https://www.threatminer.org/report.php?q=cloud-hopper-indicators-of-compromise-v3-PwC.pdf&y=2017
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -79,40 +79,44 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin/submit-articles` | High
|
||||
3 | File | `/ad_js.php` | Medium
|
||||
4 | File | `/api/v2/cli/commands` | High
|
||||
5 | File | `/app/options.py` | High
|
||||
6 | File | `/attachments` | Medium
|
||||
7 | File | `/bsms_ci/index.php/book` | High
|
||||
8 | File | `/cgi-bin/login.cgi` | High
|
||||
9 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
10 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
11 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
12 | File | `/dashboard/reports/logs/view` | High
|
||||
13 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/etc/hosts` | Medium
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/goform/setmac` | High
|
||||
18 | File | `/goform/wizard_end` | High
|
||||
19 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
20 | File | `/index/jobfairol/show/` | High
|
||||
21 | File | `/librarian/bookdetails.php` | High
|
||||
22 | File | `/manage-apartment.php` | High
|
||||
23 | File | `/medicines/profile.php` | High
|
||||
24 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
25 | File | `/pages/apply_vacancy.php` | High
|
||||
26 | File | `/proc/<PID>/mem` | High
|
||||
27 | File | `/project/PROJECTNAME/reports/` | High
|
||||
28 | File | `/proxy` | Low
|
||||
29 | File | `/spip.php` | Medium
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/upload` | Low
|
||||
33 | ... | ... | ...
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/v2/cli/commands` | High
|
||||
10 | File | `/app/options.py` | High
|
||||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/book` | High
|
||||
14 | File | `/cgi-bin/login.cgi` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
26 | File | `/index/jobfairol/show/` | High
|
||||
27 | File | `/manage-apartment.php` | High
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/pages/apply_vacancy.php` | High
|
||||
31 | File | `/proc/<PID>/mem` | High
|
||||
32 | File | `/project/PROJECTNAME/reports/` | High
|
||||
33 | File | `/proxy` | Low
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 316 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
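Review bot: The rows `/proc/<PID>/mem` and `/project/PROJECTNAME/reports/` (26 and 27 before, 31 and 32 after) are rated High but contain placeholder tokens rather than literal paths, so a consumer that matches the Indicator column as a plain string will never hit them. Suggest marking templated indicators as such, or listing them under the pattern type that the footer line names, and stating which token syntax is used.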
@ -2217,31 +2217,31 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/admin.php?action=themeinstall` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/controller/JobLogController.java` | High
|
||||
5 | File | `/admin/index2.html` | High
|
||||
6 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/api/audits` | Medium
|
||||
10 | File | `/api/resource/Item?fields` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/APR/signup.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/kerbynet` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/cgi-bin/wapopen` | High
|
||||
17 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
18 | File | `/controller/OnlinePreviewController.java` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
21 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
22 | File | `/env` | Low
|
||||
23 | File | `/etc/sudoers` | Medium
|
||||
24 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
27 | File | `/fos/admin/index.php?page=menu` | High
|
||||
28 | File | `/goform/WifiBasicSet` | High
|
||||
4 | File | `/admin/index2.html` | High
|
||||
5 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/api/audits` | Medium
|
||||
9 | File | `/api/resource/Item?fields` | High
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/APR/signup.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/kerbynet` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
17 | File | `/controller/OnlinePreviewController.java` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
20 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
21 | File | `/env` | Low
|
||||
22 | File | `/etc/sudoers` | Medium
|
||||
23 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/goform/WifiBasicSet` | High
|
||||
28 | File | `/goform/WifiGuestSet` | High
|
||||
29 | File | `/hardware` | Medium
|
||||
30 | File | `/home/masterConsole` | High
|
||||
31 | File | `/home/sendBroadcast` | High
|
||||
|
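Review bot: Dropping `/admin/controller/JobLogController.java` from position 4 shifts the ID of every row after it (`/admin/index2.html` goes from 5 to 4, `/debug/pprof` from 19 to 18), which shows the ID column is a display position and not a stable key. A reference to "IOA 19" taken from the previous revision now points at `/dev/block/mmcblk0rpmb`. Suggest saying so in the table description, or keying references on the indicator string itself.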
@ -2267,7 +2267,7 @@ ID | Type | Indicator | Confidence
|
|||
51 | File | `/sacco_shield/manage_payment.php` | High
|
||||
52 | ... | ... | ...
|
||||
|
||||
There are 451 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 453 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Algeria Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [IL](https://vuldb.com/?country.il)
|
||||
* ...
|
||||
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -37,9 +37,12 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
14 | [41.109.120.0](https://vuldb.com/?ip.41.109.120.0) | - | - | High
|
||||
15 | [41.109.128.0](https://vuldb.com/?ip.41.109.128.0) | - | - | High
|
||||
16 | [41.110.0.0](https://vuldb.com/?ip.41.110.0.0) | - | - | High
|
||||
17 | ... | ... | ... | ...
|
||||
17 | [41.191.252.0](https://vuldb.com/?ip.41.191.252.0) | - | - | High
|
||||
18 | [41.200.0.0](https://vuldb.com/?ip.41.200.0.0) | - | - | High
|
||||
19 | [41.210.64.0](https://vuldb.com/?ip.41.210.64.0) | - | - | High
|
||||
20 | ... | ... | ... | ...
|
||||
|
||||
There are 63 more IOC items available. Please use our online service to access the data.
|
||||
There are 74 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
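Review bot: The three addresses added as rows 17 to 19 (41.191.252.0, 41.200.0.0, 41.210.64.0) end in .0 like the existing rows 14 to 16, which reads as network base addresses rather than single hosts, yet the column is headed "IP address" and carries no prefix length. Without the prefix a consumer cannot tell whether 41.200.0.0 stands for one host or a whole allocation. Suggest adding the CIDR length to these rows or a separate column for it.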
@ -50,11 +53,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
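Review bot: Row 4 gains CWE-1321 but keeps the description "Cross Site Scripting", which does not fit the row: T1059 is ATT&CK's Command and Scripting Interpreter, and CWE-88, CWE-94 and CWE-1321 are argument injection, code injection and prototype pollution. Cross-site scripting is CWE-79, already covered by row 5 (T1059.007). Suggest a description that matches the listed weaknesses so rows 4 and 5 are distinguishable.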
@ -62,75 +65,77 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/acms/admin/cargo_types/view_cargo_type.php` | High
|
||||
2 | File | `/admin/addemployee.php` | High
|
||||
3 | File | `/admin/index.php` | High
|
||||
4 | File | `/appliance/users?action=edit` | High
|
||||
5 | File | `/bin/boa` | Medium
|
||||
6 | File | `/ci_spms/admin/category` | High
|
||||
7 | File | `/config.cgi?webmin` | High
|
||||
8 | File | `/filemanager/upload.php` | High
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/hrm/employeeadd.php` | High
|
||||
11 | File | `/idm/admin/changeself.jsp` | High
|
||||
12 | File | `/idm/includes/helpServer.jsp` | High
|
||||
13 | File | `/if.cgi` | Low
|
||||
14 | File | `/include/chart_generator.php` | High
|
||||
15 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
16 | File | `/modules/profile/index.php` | High
|
||||
17 | File | `/news.dtl.php` | High
|
||||
18 | File | `/product_list.php` | High
|
||||
19 | File | `/setup` | Low
|
||||
20 | File | `/spip.php` | Medium
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
|
||||
23 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
24 | File | `/_vti_pvt/access.cnf` | High
|
||||
25 | File | `5.2.9\syscrb.exe` | High
|
||||
26 | File | `a-b-membres.php` | High
|
||||
27 | File | `act.php` | Low
|
||||
28 | File | `adclick.php` | Medium
|
||||
29 | File | `admin` | Low
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | File | `admin/index.php?id=filesmanager` | High
|
||||
32 | File | `admin/index.php?id=snippets&action=edit_snippet&filename=google-analytics` | High
|
||||
33 | File | `admin/movieview.php` | High
|
||||
34 | File | `advanced_search_results.php` | High
|
||||
35 | File | `advertiser/login_confirm.asp` | High
|
||||
36 | File | `agb.php` | Low
|
||||
37 | File | `ajax_calls.php` | High
|
||||
38 | File | `akocomments.php` | High
|
||||
39 | File | `api.php` | Low
|
||||
40 | File | `attendancy.php` | High
|
||||
41 | File | `auction\auction_common.php` | High
|
||||
42 | File | `auth-gss2.c` | Medium
|
||||
43 | File | `awstats.pl` | Medium
|
||||
44 | File | `a_login.php` | Medium
|
||||
45 | File | `backup.php` | Medium
|
||||
46 | File | `bannerclick.php` | High
|
||||
47 | File | `bfd/vms-alpha.c` | High
|
||||
48 | File | `board.html` | Medium
|
||||
49 | File | `books.php` | Medium
|
||||
50 | File | `bp_ncom.php` | Medium
|
||||
51 | File | `browsecats.php` | High
|
||||
52 | File | `browser/liferay/browser.html?Type` | High
|
||||
53 | File | `c-client/imap4r1.c` | High
|
||||
54 | File | `carbon/admin/login.jsp` | High
|
||||
55 | File | `category.cfm` | Medium
|
||||
56 | File | `category_list.php` | High
|
||||
57 | File | `ce_t4t.cc` | Medium
|
||||
58 | File | `cgi-bin/DownloadCfg/RouterCfm.cfg` | High
|
||||
59 | File | `Cgi/private.py` | High
|
||||
60 | File | `city.asp` | Medium
|
||||
61 | ... | ... | ...
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `.htaccess` | Medium
|
||||
3 | File | `/acms/admin/cargo_types/view_cargo_type.php` | High
|
||||
4 | File | `/Admin/add-student.php` | High
|
||||
5 | File | `/admin/addemployee.php` | High
|
||||
6 | File | `/admin/api/admin/articles/` | High
|
||||
7 | File | `/Admin/login.php` | High
|
||||
8 | File | `/admin/showbad.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/apilog.php` | Medium
|
||||
12 | File | `/appliance/users?action=edit` | High
|
||||
13 | File | `/APR/login.php` | High
|
||||
14 | File | `/bin/httpd` | Medium
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/connectors/index.php` | High
|
||||
18 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
19 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
20 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
21 | File | `/etc/default` | Medium
|
||||
22 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
23 | File | `/footer.inc.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/items/view_item.php` | High
|
||||
33 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
34 | File | `/lookin/info` | Medium
|
||||
35 | File | `/manager/index.php` | High
|
||||
36 | File | `/medical/inventories.php` | High
|
||||
37 | File | `/modules/profile/index.php` | High
|
||||
38 | File | `/modules/projects/vw_files.php` | High
|
||||
39 | File | `/modules/public/calendar.php` | High
|
||||
40 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
41 | File | `/newsDia.php` | Medium
|
||||
42 | File | `/out.php` | Medium
|
||||
43 | File | `/php-opos/index.php` | High
|
||||
44 | File | `/proxy` | Low
|
||||
45 | File | `/public/launchNewWindow.jsp` | High
|
||||
46 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
47 | File | `/reports/rwservlet` | High
|
||||
48 | File | `/sacco_shield/manage_user.php` | High
|
||||
49 | File | `/spip.php` | Medium
|
||||
50 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
51 | File | `/staff/bookdetails.php` | High
|
||||
52 | File | `/uncpath/` | Medium
|
||||
53 | File | `/user/update_booking.php` | High
|
||||
54 | File | `/usr/bin/at` | Medium
|
||||
55 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
56 | File | `/wireless/security.asp` | High
|
||||
57 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
58 | File | `01article.php` | High
|
||||
59 | File | `AbstractScheduleJob.java` | High
|
||||
60 | File | `actionphp/download.File.php` | High
|
||||
61 | File | `activenews_view.asp` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 535 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 545 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_dz.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_dz.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
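Review bot: New row 50, `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072`, is typed File, but everything after `dbsel=` is a URL-encoded boolean test (`-1 or 72 = 72`) and not part of a file path. Exact-string matching on this row misses the same request with any other constant. Suggest splitting it into a File indicator for `/sqlitemanager/main.php` and an argument or input value entry for `dbsel`, both of which the footer line names as available types.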
@ -0,0 +1,44 @@
|
|||
# AsynRAT - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [AsynRAT](https://vuldb.com/?actor.asynrat). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.asynrat](https://vuldb.com/?actor.asynrat)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with AsynRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of AsynRAT.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [185.254.37.238](https://vuldb.com/?ip.185.254.37.238) | - | - | High
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _AsynRAT_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://isc.sans.edu/forums/diary/AsynRAT+Trojan+Bill+Payment+Pago+de+la+factura/29626/
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
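Review bot: This new file names the actor "AsynRAT" throughout (title, the `?actor.asynrat` links, the TTP paragraph), while the next hunk in this same commit edits an existing page for "AsyncRAT". If both describe the same malware family, the single IP and single TTP row here belong in the existing AsyncRAT page. If the separate spelling is intentional because the cited SANS diary uses it, say so in the introduction so the two pages are not read as distinct actors by mistake.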
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with AsyncRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
|
|
|
@ -26,7 +26,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
3 | [45.12.71.34](https://vuldb.com/?ip.45.12.71.34) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more IOC items available. Please use our online service to access the data.
|
||||
There are 5 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -59,6 +59,7 @@ There are 12 more IOA items available (file, library, argument, input value, pat
|
|||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_bv.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_bv.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1426,18 +1426,19 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/tmp` | Low
|
||||
14 | File | `account-signup.php` | High
|
||||
15 | File | `account/signup.php` | High
|
||||
16 | File | `action.php` | Medium
|
||||
17 | File | `addentry.php` | Medium
|
||||
18 | File | `admin-ajax.php` | High
|
||||
19 | File | `admin.php` | Medium
|
||||
20 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
21 | File | `admin/admin_editor.php` | High
|
||||
22 | File | `admin/conf_users_edit.php` | High
|
||||
23 | File | `adminer.php` | Medium
|
||||
16 | File | `addentry.php` | Medium
|
||||
17 | File | `admin-ajax.php` | High
|
||||
18 | File | `admin.php` | Medium
|
||||
19 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
20 | File | `admin/admin_editor.php` | High
|
||||
21 | File | `admin/conf_users_edit.php` | High
|
||||
22 | File | `adminer.php` | Medium
|
||||
23 | File | `articulo.php` | Medium
|
||||
24 | File | `blocks/block-Old_Articles.php` | High
|
||||
25 | ... | ... | ...
|
||||
25 | File | `bp_ncom.php` | Medium
|
||||
26 | ... | ... | ...
|
||||
|
||||
There are 214 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 215 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -78,16 +78,15 @@ ID | Type | Indicator | Confidence
|
|||
23 | File | `/images/` | Medium
|
||||
24 | File | `/isms/classes/Users.php` | High
|
||||
25 | File | `/login` | Low
|
||||
26 | File | `/MagickCore/quantize.c` | High
|
||||
27 | File | `/mc` | Low
|
||||
28 | File | `/mkshop/Men/profile.php` | High
|
||||
29 | File | `/modules/profile/index.php` | High
|
||||
30 | File | `/ofrs/admin/?page=teams/view_team` | High
|
||||
31 | File | `/one_church/userregister.php` | High
|
||||
32 | File | `/out.php` | Medium
|
||||
33 | ... | ... | ...
|
||||
26 | File | `/mc` | Low
|
||||
27 | File | `/mkshop/Men/profile.php` | High
|
||||
28 | File | `/modules/profile/index.php` | High
|
||||
29 | File | `/ofrs/admin/?page=teams/view_team` | High
|
||||
30 | File | `/one_church/userregister.php` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 277 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -83,11 +83,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
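Review bot: The new row 2 pairs T1040 with CWE-319 under the description "Authentication Bypass by Capture-replay", but that wording is the name of CWE-294, while CWE-319 is cleartext transmission of sensitive information. Suggest either changing the weakness to CWE-294 or changing the description to match CWE-319, so the Weakness and Description columns agree.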
@ -97,33 +98,34 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/APR/login.php` | High
|
||||
4 | File | `/APR/signup.php` | High
|
||||
5 | File | `/as/authorization.oauth2` | High
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/DXR.axd` | Medium
|
||||
8 | File | `/filemanager/php/connector.php` | High
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/mims/login.php` | High
|
||||
11 | File | `/php-scrm/login.php` | High
|
||||
12 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
13 | File | `/textpattern/index.php` | High
|
||||
14 | File | `/tmp` | Low
|
||||
15 | File | `account-signup.php` | High
|
||||
16 | File | `account/signup.php` | High
|
||||
17 | File | `addentry.php` | Medium
|
||||
18 | File | `admin.php` | Medium
|
||||
19 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
20 | File | `admin/admin_editor.php` | High
|
||||
21 | File | `admin/conf_users_edit.php` | High
|
||||
22 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
23 | File | `admin/TemplateController.java` | High
|
||||
24 | File | `AndroidManifest.xml` | High
|
||||
25 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
|
||||
26 | File | `blocks/block-Old_Articles.php` | High
|
||||
27 | ... | ... | ...
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/as/authorization.oauth2` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/filemanager/php/connector.php` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/HNAP1/SetClientInfo` | High
|
||||
13 | File | `/mims/login.php` | High
|
||||
14 | File | `/php-scrm/login.php` | High
|
||||
15 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
16 | File | `/textpattern/index.php` | High
|
||||
17 | File | `/tmp` | Low
|
||||
18 | File | `account-signup.php` | High
|
||||
19 | File | `account/signup.php` | High
|
||||
20 | File | `addentry.php` | Medium
|
||||
21 | File | `admin.php` | Medium
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
25 | File | `admin/TemplateController.java` | High
|
||||
26 | File | `adminer.php` | Medium
|
||||
27 | File | `AndroidManifest.xml` | High
|
||||
28 | ... | ... | ...
|
||||
|
||||
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 235 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -75,44 +75,43 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/add-fee.php` | High
|
||||
5 | File | `/admin/baojia_list.php` | High
|
||||
6 | File | `/admin/loginc.php` | High
|
||||
7 | File | `/anony/mjpg.cgi` | High
|
||||
8 | File | `/api/common/ping` | High
|
||||
9 | File | `/api/v2/open/rowsInfo` | High
|
||||
10 | File | `/appointments/update_status.php` | High
|
||||
11 | File | `/binbloom-master/src/helpers.c` | High
|
||||
12 | File | `/bookings/update_status.php` | High
|
||||
13 | File | `/classes/Users.php?f=delete_client` | High
|
||||
14 | File | `/contacts/listcontacts.php` | High
|
||||
15 | File | `/Core/Ap4File.cpp` | High
|
||||
16 | File | `/data/app` | Medium
|
||||
17 | File | `/dede/file_manage_control.php` | High
|
||||
18 | File | `/depotHead/list` | High
|
||||
19 | File | `/etc/openshift/server_priv.pem` | High
|
||||
20 | File | `/etc/os-release` | High
|
||||
21 | File | `/etc/pki/pulp/nodes/` | High
|
||||
22 | File | `/forms/web_runScript` | High
|
||||
23 | File | `/fs/nfsd/nfs4proc.c` | High
|
||||
24 | File | `/garage/php_action/createBrand.php` | High
|
||||
25 | File | `/general/search.php?searchtype=simple` | High
|
||||
26 | File | `/goform/AddSysLogRule` | High
|
||||
27 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
28 | File | `/goform/qossetting` | High
|
||||
29 | File | `/goform/setAutoPing` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/hss/?page=product_per_brand` | High
|
||||
32 | File | `/isomedia/meta.c` | High
|
||||
33 | File | `/meetings/listmeetings.php` | High
|
||||
34 | File | `/odlms/?page=appointments/view_appointment` | High
|
||||
35 | File | `/odlms/classes/Users.php?f=delete` | High
|
||||
36 | File | `/one/siteinfo.php` | High
|
||||
37 | File | `/proc/*/exe` | Medium
|
||||
38 | File | `/projects/listprojects.php` | High
|
||||
39 | File | `/release-x64/otfccdump+0x4adcdb` | High
|
||||
40 | File | `/release-x64/otfccdump+0x6e41b8` | High
|
||||
41 | File | `/release-x64/otfccdump+0x6e412a` | High
|
||||
42 | ... | ... | ...
|
||||
7 | File | `/api/common/ping` | High
|
||||
8 | File | `/api/v2/open/rowsInfo` | High
|
||||
9 | File | `/appointments/update_status.php` | High
|
||||
10 | File | `/binbloom-master/src/helpers.c` | High
|
||||
11 | File | `/bookings/update_status.php` | High
|
||||
12 | File | `/classes/Users.php?f=delete_client` | High
|
||||
13 | File | `/contacts/listcontacts.php` | High
|
||||
14 | File | `/Core/Ap4File.cpp` | High
|
||||
15 | File | `/data/app` | Medium
|
||||
16 | File | `/dede/file_manage_control.php` | High
|
||||
17 | File | `/depotHead/list` | High
|
||||
18 | File | `/etc/openshift/server_priv.pem` | High
|
||||
19 | File | `/etc/os-release` | High
|
||||
20 | File | `/etc/pki/pulp/nodes/` | High
|
||||
21 | File | `/forms/web_runScript` | High
|
||||
22 | File | `/fs/nfsd/nfs4proc.c` | High
|
||||
23 | File | `/garage/php_action/createBrand.php` | High
|
||||
24 | File | `/general/search.php?searchtype=simple` | High
|
||||
25 | File | `/goform/AddSysLogRule` | High
|
||||
26 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
27 | File | `/goform/qossetting` | High
|
||||
28 | File | `/goform/setAutoPing` | High
|
||||
29 | File | `/hrm/employeeview.php` | High
|
||||
30 | File | `/hss/?page=product_per_brand` | High
|
||||
31 | File | `/isomedia/meta.c` | High
|
||||
32 | File | `/meetings/listmeetings.php` | High
|
||||
33 | File | `/odlms/?page=appointments/view_appointment` | High
|
||||
34 | File | `/odlms/classes/Users.php?f=delete` | High
|
||||
35 | File | `/one/siteinfo.php` | High
|
||||
36 | File | `/proc/*/exe` | Medium
|
||||
37 | File | `/projects/listprojects.php` | High
|
||||
38 | File | `/release-x64/otfccdump+0x4adcdb` | High
|
||||
39 | File | `/release-x64/otfccdump+0x6e41b8` | High
|
||||
40 | File | `/release-x64/otfccdump+0x6e412a` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
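Review bot: several rows in this IOA table are typed `File` with confidence High but read as source-tree paths or module-plus-offset crash locations, not paths a defender would see requested or written on a host: `/fs/nfsd/nfs4proc.c`, `/Core/Ap4File.cpp`, `/isomedia/meta.c`, `/binbloom-master/src/helpers.c`, and the three `/release-x64/otfccdump+0x4adcdb`, `+0x6e41b8`, `+0x6e412a` entries. They sit next to request paths such as `/api/common/ping` with nothing to tell the two kinds apart. Either give them a distinct Type value or state in the section intro that `File` also covers vulnerable source files, so consumers do not load them into URL or file-path matching rules where they are unlikely to hit.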
@ -33,14 +33,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-27, CWE-29 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
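Review bot: the T1059 row pairs CWE-94 and CWE-1321 with the description "Cross Site Scripting", which is the same text as the T1059.007 row directly below it. CWE-94 is code injection and CWE-1321 is prototype pollution, so the Description column should name those; as written the two rows cannot be told apart by description. The removed T1040 row had the same kind of mismatch (CWE-319 is cleartext transmission, while "Authentication Bypass by Capture-replay" is the name of CWE-294), so it is worth checking how the description is derived from the weakness list before regenerating these tables.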
@ -52,50 +51,47 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/admin.php/update/getFile.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/content/index` | High
|
||||
6 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/edit-doc.php` | High
|
||||
9 | File | `/admin/index3.php` | High
|
||||
10 | File | `/admin/login.php` | High
|
||||
11 | File | `/admin/main/mod-blog` | High
|
||||
12 | File | `/admin/manage_user.php` | High
|
||||
13 | File | `/admin/navbar.php` | High
|
||||
14 | File | `/admin/patient.php` | High
|
||||
15 | File | `/admin/view_order.php` | High
|
||||
16 | File | `/admin1/config/update` | High
|
||||
17 | File | `/admin1/file/download` | High
|
||||
18 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
19 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
20 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
21 | File | `/adms/classes/Users.php` | High
|
||||
22 | File | `/agc/vicidial.php` | High
|
||||
23 | File | `/ajax/update_certificate` | High
|
||||
24 | File | `/alphaware/summary.php` | High
|
||||
25 | File | `/api/admin/system/store/order/list` | High
|
||||
26 | File | `/api/admin/user/list` | High
|
||||
27 | File | `/api/jmeter/download/files` | High
|
||||
28 | File | `/APR/login.php` | High
|
||||
29 | File | `/APR/signup.php` | High
|
||||
30 | File | `/billing/home.php` | High
|
||||
31 | File | `/boat/login.php` | High
|
||||
32 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
33 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
34 | File | `/data/config.ftp.php` | High
|
||||
35 | File | `/databases/database/edit` | High
|
||||
36 | File | `/databases/database/list` | High
|
||||
37 | File | `/databases/table/columns` | High
|
||||
38 | File | `/databases/table/list` | High
|
||||
39 | File | `/dist/index.js` | High
|
||||
40 | File | `/editor/index.php` | High
|
||||
41 | File | `/edoc/doctor/patient.php` | High
|
||||
42 | File | `/eduauth/student/search.php` | High
|
||||
43 | File | `/etc/init.d/openfire` | High
|
||||
44 | File | `/files/import` | High
|
||||
45 | File | `/file_manager/login.php` | High
|
||||
46 | ... | ... | ...
|
||||
5 | File | `/admin/ajax.php` | High
|
||||
6 | File | `/admin/content/index` | High
|
||||
7 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
8 | File | `/admin/delete_user.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/edit-doc.php` | High
|
||||
11 | File | `/admin/index3.php` | High
|
||||
12 | File | `/admin/login.php` | High
|
||||
13 | File | `/admin/main/mod-blog` | High
|
||||
14 | File | `/admin/manage_user.php` | High
|
||||
15 | File | `/admin/navbar.php` | High
|
||||
16 | File | `/admin/patient.php` | High
|
||||
17 | File | `/admin/upload` | High
|
||||
18 | File | `/admin/view_order.php` | High
|
||||
19 | File | `/admin1/config/update` | High
|
||||
20 | File | `/admin1/file/download` | High
|
||||
21 | File | `/agc/vicidial.php` | High
|
||||
22 | File | `/ajax/update_certificate` | High
|
||||
23 | File | `/alphaware/summary.php` | High
|
||||
24 | File | `/api/admin/system/store/order/list` | High
|
||||
25 | File | `/api/admin/user/list` | High
|
||||
26 | File | `/api/jmeter/download/files` | High
|
||||
27 | File | `/APR/login.php` | High
|
||||
28 | File | `/APR/signup.php` | High
|
||||
29 | File | `/billing/home.php` | High
|
||||
30 | File | `/boat/login.php` | High
|
||||
31 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
32 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
33 | File | `/data/config.ftp.php` | High
|
||||
34 | File | `/databases/database/edit` | High
|
||||
35 | File | `/databases/database/list` | High
|
||||
36 | File | `/databases/table/columns` | High
|
||||
37 | File | `/databases/table/list` | High
|
||||
38 | File | `/dist/index.js` | High
|
||||
39 | File | `/editor/index.php` | High
|
||||
40 | File | `/edoc/doctor/patient.php` | High
|
||||
41 | File | `/eduauth/student/search.php` | High
|
||||
42 | File | `/etc/init.d/openfire` | High
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 372 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -31,14 +31,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,42 +47,42 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `.htaccess` | Medium
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/api/admin/articles/` | High
|
||||
5 | File | `/admin/conferences/list/` | High
|
||||
6 | File | `/admin/edit_admin_details.php?id=admin` | High
|
||||
7 | File | `/admin/generalsettings.php` | High
|
||||
8 | File | `/Admin/login.php` | High
|
||||
9 | File | `/admin/payment.php` | High
|
||||
10 | File | `/admin/reports.php` | High
|
||||
11 | File | `/admin/showbad.php` | High
|
||||
12 | File | `/apilog.php` | Medium
|
||||
13 | File | `/cgi-bin/kerbynet` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/hrm/employeeadd.php` | High
|
||||
23 | File | `/hrm/employeeview.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/Items/*/RemoteImages/Download` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/conferences/list/` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/showbad.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/bin/httpd` | Medium
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/connectors/index.php` | High
|
||||
15 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/home/masterConsole` | High
|
||||
22 | File | `/home/sendBroadcast` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/items/view_item.php` | High
|
||||
27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
28 | File | `/lists/admin/` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/MagickCore/image.c` | High
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/newsDia.php` | Medium
|
||||
37 | File | `/out.php` | Medium
|
||||
28 | File | `/lookin/info` | Medium
|
||||
29 | File | `/manager/index.php` | High
|
||||
30 | File | `/medical/inventories.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/modules/public/calendar.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/newsDia.php` | Medium
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
|
@ -91,23 +91,23 @@ ID | Type | Indicator | Confidence
|
|||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
45 | File | `/staff/bookdetails.php` | High
|
||||
46 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/user/update_booking.php` | High
|
||||
48 | File | `/WEB-INF/web.xml` | High
|
||||
49 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `AdClass.php` | Medium
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | ... | ... | ...
|
||||
|
||||
There are 524 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 529 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
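Review bot: row 44, `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072`, stores one specific URL-encoded injection value as part of a `File` indicator with confidence High. A literal match on that string only fires for this exact constant and encoding. Consider splitting it into the path `/sqlitemanager/main.php` as the file indicator and the `dbsel` parameter as an argument indicator (the summary line says argument and input value types exist), and document that the query string shown is a sample rather than the value to match.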
@ -161,10 +161,9 @@ ID | Type | Indicator | Confidence
|
|||
48 | File | `/video-sharing-script/watch-video.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/xxl-job-admin/jobinfo` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | ... | ... | ...
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 452 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 445 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
# FakeCalls - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [FakeCalls](https://vuldb.com/?actor.fakecalls). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.fakecalls](https://vuldb.com/?actor.fakecalls)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of FakeCalls.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [182.16.42.18](https://vuldb.com/?ip.182.16.42.18) | - | - | High
|
||||
2 | [192.168.99.33](https://vuldb.com/?ip.192.168.99.33) | - | - | High
|
||||
3 | [192.168.99.186](https://vuldb.com/?ip.192.168.99.186) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://research.checkpoint.com/2023/south-korean-android-banking-menace-fakecalls/
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
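Review bot: rows 2 and 3 of the new FakeCalls IOC table list `192.168.99.33` and `192.168.99.186` with confidence High, and both are RFC 1918 private addresses. They identify nothing outside the network they were observed in, and anyone who loads this table into a blocklist or alerting rule will match their own internal hosts that happen to use that range. Drop them, or mark them as lab or sandbox artefacts with a lower confidence and a note in the Campaign column. Minor: "There are 1 more IOC items available" should read "There is 1 more IOC item available".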
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with FritzFrog:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 18 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -337,7 +337,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -346,44 +346,43 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/index2.html` | High
|
||||
3 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
4 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
5 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
6 | File | `/APR/signup.php` | High
|
||||
7 | File | `/as/authorization.oauth2` | High
|
||||
8 | File | `/bin/httpd` | Medium
|
||||
9 | File | `/bin/sh` | Low
|
||||
10 | File | `/boat/login.php` | High
|
||||
11 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/cimom` | Low
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/controller/OnlinePreviewController.java` | High
|
||||
18 | File | `/data/wps.setup.json` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/ecshop/admin/template.php` | High
|
||||
21 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/forum/PostPrivateMessage` | High
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/home/sendBroadcast` | High
|
||||
26 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
27 | File | `/IISADMPWD` | Medium
|
||||
28 | File | `/Moosikay/order.php` | High
|
||||
29 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
30 | File | `/net-banking/customer_transactions.php` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
33 | File | `/php-opos/index.php` | High
|
||||
34 | File | `/public/login.htm` | High
|
||||
35 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
36 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
37 | ... | ... | ...
|
||||
2 | File | `/admin/delete_user.php` | High
|
||||
3 | File | `/admin/index2.html` | High
|
||||
4 | File | `/admin/patient.php` | High
|
||||
5 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/APR/login.php` | High
|
||||
9 | File | `/APR/signup.php` | High
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/bin/sh` | Low
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
14 | File | `/cgi-bin/luci/api/auth` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/cimom` | Low
|
||||
18 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
19 | File | `/controller/OnlinePreviewController.java` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/DXR.axd` | Medium
|
||||
22 | File | `/ecshop/admin/template.php` | High
|
||||
23 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
24 | File | `/etc/sudoers` | Medium
|
||||
25 | File | `/filemanager/php/connector.php` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/forum/PostPrivateMessage` | High
|
||||
28 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
29 | File | `/IISADMPWD` | Medium
|
||||
30 | File | `/Moosikay/order.php` | High
|
||||
31 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
32 | File | `/net-banking/customer_transactions.php` | High
|
||||
33 | File | `/out.php` | Medium
|
||||
34 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
35 | File | `/php-opos/index.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 322 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 308 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
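Review bot: the `/context/%2e/WEB-INF/web.xml` row depends on the percent-encoded `%2e` segment, but the table does not say whether indicators are meant to be matched against the raw request line or the decoded path. Logs that record the URI after decoding or normalisation will show `/context/./WEB-INF/web.xml` or `/context/WEB-INF/web.xml` and the indicator will not match. Add a sentence to the IOA intro stating which form the indicators are in, or list the decoded variant as well.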
File diff suppressed because it is too large
|
@ -159,7 +159,7 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 386 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -278,8 +278,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -289,41 +288,40 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/Admin/add-student.php` | High
|
||||
2 | File | `/advanced-tools/nova/bin/netwatch` | High
|
||||
3 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
4 | File | `/boat/login.php` | High
|
||||
5 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
6 | File | `/cgi-bin/R14.2/easy1350.pl` | High
|
||||
7 | File | `/cgi-bin/R14.2/log.pl` | High
|
||||
8 | File | `/ebics-server/ebics.aspx` | High
|
||||
9 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
10 | File | `/files/import` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/hrm/controller/employee.php` | High
|
||||
13 | File | `/hrm/employeeadd.php` | High
|
||||
14 | File | `/hrm/employeeview.php` | High
|
||||
15 | File | `/ims/login.php` | High
|
||||
16 | File | `/login/index.php` | High
|
||||
17 | File | `/mhds/clinic/view_details.php` | High
|
||||
18 | File | `/Moosikay/order.php` | High
|
||||
19 | File | `/nova/bin/detnet` | High
|
||||
20 | File | `/out.php` | Medium
|
||||
21 | File | `/php-opos/index.php` | High
|
||||
22 | File | `/resources//../` | High
|
||||
23 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
24 | File | `/sys/dict/queryTableData` | High
|
||||
25 | File | `/tmp/boa-temp` | High
|
||||
26 | File | `/tourism/rate_review.php` | High
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/view-property.php` | High
|
||||
29 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
30 | File | `action.php` | Medium
|
||||
31 | File | `adclick.php` | Medium
|
||||
32 | File | `admin.jcomments.php` | High
|
||||
33 | ... | ... | ...
|
||||
1 | File | `//` | Low
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/advanced-tools/nova/bin/netwatch` | High
|
||||
4 | File | `/api/jmeter/download/files` | High
|
||||
5 | File | `/api/v1/attack/falco` | High
|
||||
6 | File | `/APR/login.php` | High
|
||||
7 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
8 | File | `/boat/login.php` | High
|
||||
9 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
10 | File | `/cgi-bin/R14.2/easy1350.pl` | High
|
||||
11 | File | `/cgi-bin/R14.2/log.pl` | High
|
||||
12 | File | `/DXR.axd` | Medium
|
||||
13 | File | `/ebics-server/ebics.aspx` | High
|
||||
14 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
15 | File | `/files/import` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/HNAP1/SetClientInfo` | High
|
||||
18 | File | `/ims/login.php` | High
|
||||
19 | File | `/librarian/bookdetails.php` | High
|
||||
20 | File | `/login/index.php` | High
|
||||
21 | File | `/mhds/clinic/view_details.php` | High
|
||||
22 | File | `/Moosikay/order.php` | High
|
||||
23 | File | `/nova/bin/detnet` | High
|
||||
24 | File | `/out.php` | Medium
|
||||
25 | File | `/php-opos/index.php` | High
|
||||
26 | File | `/resources//../` | High
|
||||
27 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
28 | File | `/sys/dict/queryTableData` | High
|
||||
29 | File | `/tmp/boa-temp` | High
|
||||
30 | File | `/tourism/rate_review.php` | High
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 274 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
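Review bot: the new row 1, `//`, is listed as a `File` indicator. A bare double slash appears in every absolute URL and in many paths produced by sloppy joins, so it cannot be matched on its own without flooding on benign traffic, and the Low confidence does not stop it being exported with the rest of the list. If it stands for a specific case (the table also carries `/resources//../`), record that fuller pattern instead; otherwise leave it out of the published preview.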
@ -49,12 +49,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -64,24 +64,24 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/edit-doc.php` | High
|
||||
3 | File | `/as/authorization.oauth2` | High
|
||||
4 | File | `/blogengine/api/posts` | High
|
||||
5 | File | `/cgi-bin/api-get_line_status` | High
|
||||
6 | File | `/cgi-bin/luci` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
9 | File | `/cgi-bin/upload_vpntar` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/cgi/trustclustermaster.cgi` | High
|
||||
12 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
13 | File | `/debug/pprof` | Medium
|
||||
14 | File | `/DXR.axd` | Medium
|
||||
15 | File | `/export` | Low
|
||||
16 | File | `/filemanager/php/connector.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/goform/SetPptpServerCfg` | High
|
||||
19 | File | `/h/calendar` | Medium
|
||||
20 | File | `/hrm/controller/employee.php` | High
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/api-get_line_status` | High
|
||||
7 | File | `/cgi-bin/luci` | High
|
||||
8 | File | `/cgi-bin/luci/api/auth` | High
|
||||
9 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
10 | File | `/cgi-bin/upload_vpntar` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/cgi/trustclustermaster.cgi` | High
|
||||
13 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/DXR.axd` | Medium
|
||||
16 | File | `/export` | Low
|
||||
17 | File | `/filemanager/php/connector.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/goform/SetPptpServerCfg` | High
|
||||
20 | File | `/h/calendar` | Medium
|
||||
21 | File | `/js/app.js` | Medium
|
||||
22 | File | `/login/index.php` | High
|
||||
23 | File | `/obs/book.php` | High
|
||||
|
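Review bot: The row inserted at ID 3, `/admin/patient.php` with confidence High, is also inserted into other actor files in this same commit (it shows up as new rows 7, 4 and 2 in later hunks), so a path that is attributed to several actors at once is being rated High for each of them. Either lower the confidence for indicators shared across actors or state in the table preamble that Confidence rates the link to a vulnerability rather than to this actor. Separately, `/hrm/controller/employee.php` (old ID 20) is gone from the new side without any mention in the commit message.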
@ -96,7 +96,7 @@ ID | Type | Indicator | Confidence
|
|||
32 | File | `/usr/bin/tddp` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 283 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -52,22 +52,23 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/cgi-bin/admin/testserver.cgi` | High
|
||||
3 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
|
||||
4 | File | `/export` | Low
|
||||
5 | File | `/icingaweb2/navigation/add` | High
|
||||
6 | File | `/recordings/index.php` | High
|
||||
7 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
8 | File | `/spip.php` | Medium
|
||||
9 | File | `/student/bookdetails.php` | High
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `/wp-admin/admin-ajax.php` | High
|
||||
12 | File | `adclick.php` | Medium
|
||||
13 | File | `agent/Core/Controller/SendRequest.cpp` | High
|
||||
14 | File | `api_poller.php` | High
|
||||
15 | File | `arformcontroller.php` | High
|
||||
16 | File | `attachmentlibrary.php` | High
|
||||
17 | File | `backend/Login/load/` | High
|
||||
18 | ... | ... | ...
|
||||
5 | File | `/forum/away.php` | High
|
||||
6 | File | `/icingaweb2/navigation/add` | High
|
||||
7 | File | `/recordings/index.php` | High
|
||||
8 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
9 | File | `/spip.php` | Medium
|
||||
10 | File | `/student/bookdetails.php` | High
|
||||
11 | File | `/uncpath/` | Medium
|
||||
12 | File | `/wp-admin/admin-ajax.php` | High
|
||||
13 | File | `adclick.php` | Medium
|
||||
14 | File | `agent/Core/Controller/SendRequest.cpp` | High
|
||||
15 | File | `api_poller.php` | High
|
||||
16 | File | `arformcontroller.php` | High
|
||||
17 | File | `attachmentlibrary.php` | High
|
||||
18 | File | `backend/Login/load/` | High
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 150 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 153 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -104,7 +104,7 @@ ID | Type | Indicator | Confidence
|
|||
34 | File | `ajax/api/hook/decodeArguments` | High
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 299 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 301 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
# Nauru Unknown - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Nauru Unknown](https://vuldb.com/?actor.nauru_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.nauru_unknown](https://vuldb.com/?actor.nauru_unknown)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Nauru Unknown.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [43.230.6.0](https://vuldb.com/?ip.43.230.6.0) | - | - | High
|
||||
2 | [57.70.182.0](https://vuldb.com/?ip.57.70.182.0) | - | - | High
|
||||
3 | [57.70.208.0](https://vuldb.com/?ip.57.70.208.0) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_nr.netset
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
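Review bot: The IOC table in this new file rates `43.230.6.0`, `57.70.182.0` and `57.70.208.0` as High confidence, but the only entry under References is the firehol `ip2location_country_nr.netset` list, which is a country allocation list and not a record of observed activity. The text above the table says these resources "are known to be part of research and attack activities", which the cited source does not support; the wording or the confidence should reflect that the entries are geolocation ranges. The addresses also look like network base addresses with no prefix length, so add the CIDR mask to the IP address column, otherwise a consumer importing the table will match three single hosts instead of the intended ranges.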
@ -91,59 +91,58 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `.../gogo/` | Medium
|
||||
3 | File | `.procmailrc` | Medium
|
||||
4 | File | `//proc/kcore` | Medium
|
||||
5 | File | `/admin.php/Admin/adminadd.html` | High
|
||||
6 | File | `/admin/` | Low
|
||||
7 | File | `/Admin/add-student.php` | High
|
||||
8 | File | `/admin/communitymanagement.php` | High
|
||||
9 | File | `/admin/contenttemp` | High
|
||||
10 | File | `/admin/extended` | High
|
||||
11 | File | `/admin/featured.php` | High
|
||||
12 | File | `/admin/generalsettings.php` | High
|
||||
13 | File | `/admin/login.php` | High
|
||||
14 | File | `/admin/modules/system/custom_field.php` | High
|
||||
15 | File | `/admin/newsletter1.php` | High
|
||||
16 | File | `/admin/payment.php` | High
|
||||
17 | File | `/admin/settings/save.php` | High
|
||||
18 | File | `/admin/students/manage.php` | High
|
||||
19 | File | `/admin/students/view_student.php` | High
|
||||
20 | File | `/admin/usermanagement.php` | High
|
||||
21 | File | `/api/addusers` | High
|
||||
22 | File | `/api/crontab` | Medium
|
||||
23 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
24 | File | `/api/user/upsert/<uuid>` | High
|
||||
25 | File | `/appliance/users?action=edit` | High
|
||||
26 | File | `/apply.cgi` | Medium
|
||||
27 | File | `/backup.pl` | Medium
|
||||
28 | File | `/cgi-bin/wapopen` | High
|
||||
29 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
30 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
31 | File | `/cgi-mod/lookup.cgi` | High
|
||||
32 | File | `/dashboard/updatelogo.php` | High
|
||||
33 | File | `/designer/add/layout` | High
|
||||
34 | File | `/edoc/doctor/patient.php` | High
|
||||
35 | File | `/etc/ldap.conf` | High
|
||||
36 | File | `/etc/shadow` | Medium
|
||||
37 | File | `/filemanager/upload/drop` | High
|
||||
38 | File | `/goform/addUserName` | High
|
||||
39 | File | `/goform/delAd` | High
|
||||
40 | File | `/goform/wifiSSIDset` | High
|
||||
41 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
42 | File | `/h/calendar` | Medium
|
||||
43 | File | `/h/compose` | Medium
|
||||
44 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
45 | File | `/index.asp` | Medium
|
||||
46 | File | `/index.php` | Medium
|
||||
47 | File | `/jfinal_cms/system/role/list` | High
|
||||
48 | File | `/librarian/bookdetails.php` | High
|
||||
49 | File | `/loginVaLidation.php` | High
|
||||
50 | File | `/manage-apartment.php` | High
|
||||
51 | File | `/manager/index.php` | High
|
||||
52 | File | `/mkshop/Men/profile.php` | High
|
||||
53 | File | `/Moosikay/order.php` | High
|
||||
54 | File | `/Noxen-master/users.php` | High
|
||||
55 | ... | ... | ...
|
||||
5 | File | `/?ajax-request=jnews` | High
|
||||
6 | File | `/admin.php/Admin/adminadd.html` | High
|
||||
7 | File | `/admin/` | Low
|
||||
8 | File | `/Admin/add-student.php` | High
|
||||
9 | File | `/admin/communitymanagement.php` | High
|
||||
10 | File | `/admin/contenttemp` | High
|
||||
11 | File | `/admin/extended` | High
|
||||
12 | File | `/admin/featured.php` | High
|
||||
13 | File | `/admin/generalsettings.php` | High
|
||||
14 | File | `/admin/login.php` | High
|
||||
15 | File | `/admin/modules/system/custom_field.php` | High
|
||||
16 | File | `/admin/newsletter1.php` | High
|
||||
17 | File | `/admin/payment.php` | High
|
||||
18 | File | `/admin/settings/save.php` | High
|
||||
19 | File | `/admin/students/manage.php` | High
|
||||
20 | File | `/admin/students/view_student.php` | High
|
||||
21 | File | `/admin/usermanagement.php` | High
|
||||
22 | File | `/api/addusers` | High
|
||||
23 | File | `/api/crontab` | Medium
|
||||
24 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
25 | File | `/api/user/upsert/<uuid>` | High
|
||||
26 | File | `/appliance/users?action=edit` | High
|
||||
27 | File | `/apply.cgi` | Medium
|
||||
28 | File | `/backup.pl` | Medium
|
||||
29 | File | `/cgi-bin/wapopen` | High
|
||||
30 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
31 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
32 | File | `/cgi-mod/lookup.cgi` | High
|
||||
33 | File | `/dashboard/updatelogo.php` | High
|
||||
34 | File | `/designer/add/layout` | High
|
||||
35 | File | `/edoc/doctor/patient.php` | High
|
||||
36 | File | `/etc/ldap.conf` | High
|
||||
37 | File | `/etc/shadow` | Medium
|
||||
38 | File | `/filemanager/upload/drop` | High
|
||||
39 | File | `/goform/addUserName` | High
|
||||
40 | File | `/goform/delAd` | High
|
||||
41 | File | `/goform/wifiSSIDset` | High
|
||||
42 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
43 | File | `/h/calendar` | Medium
|
||||
44 | File | `/h/compose` | Medium
|
||||
45 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
46 | File | `/index.asp` | Medium
|
||||
47 | File | `/index.php` | Medium
|
||||
48 | File | `/jfinal_cms/system/role/list` | High
|
||||
49 | File | `/librarian/bookdetails.php` | High
|
||||
50 | File | `/loginVaLidation.php` | High
|
||||
51 | File | `/manage-apartment.php` | High
|
||||
52 | File | `/manager/index.php` | High
|
||||
53 | File | `/mkshop/Men/profile.php` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 475 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 474 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
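Review bot: Inserting `/?ajax-request=jnews` at ID 5 rewrites every following row of the table, so this hunk shows about fifty changed lines for what is one new indicator. Because the ID column is positional, it cannot be used as a stable reference between revisions, and the diff hides which rows really changed: `/Moosikay/order.php` and `/Noxen-master/users.php` fall out of the visible window while the hidden count moves from 475 to 474, and nothing here shows whether they were removed or only truncated. Consider dropping the positional ID from the published table or keying rows on the indicator value so that updates produce one-line diffs.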
@ -115,7 +115,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 23 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -139,34 +139,34 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/ctcprotocol/Protocol` | High
|
||||
15 | File | `/dashboard/menu-list.php` | High
|
||||
16 | File | `/data/remove` | Medium
|
||||
17 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/goforms/rlminfo` | High
|
||||
20 | File | `/Items/*/RemoteImages/Download` | High
|
||||
21 | File | `/menu.html` | Medium
|
||||
22 | File | `/navigate/navigate_download.php` | High
|
||||
23 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
24 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
25 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
26 | File | `/out.php` | Medium
|
||||
27 | File | `/password.html` | High
|
||||
28 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
29 | File | `/proc/ioports` | High
|
||||
30 | File | `/property-list/property_view.php` | High
|
||||
31 | File | `/ptms/classes/Users.php` | High
|
||||
32 | File | `/resources//../` | High
|
||||
33 | File | `/rest/api/2/search` | High
|
||||
34 | File | `/s/` | Low
|
||||
35 | File | `/scripts/cpan_config` | High
|
||||
36 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
37 | File | `/spip.php` | Medium
|
||||
38 | File | `/sys/dict/queryTableData` | High
|
||||
39 | File | `/tmp` | Low
|
||||
40 | File | `/uncpath/` | Medium
|
||||
41 | File | `/vloggers_merch/?p=view_product` | High
|
||||
17 | File | `/ebics-server/ebics.aspx` | High
|
||||
18 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/goforms/rlminfo` | High
|
||||
21 | File | `/HNAP1/SetClientInfo` | High
|
||||
22 | File | `/Items/*/RemoteImages/Download` | High
|
||||
23 | File | `/menu.html` | Medium
|
||||
24 | File | `/navigate/navigate_download.php` | High
|
||||
25 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
26 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
27 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/password.html` | High
|
||||
30 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
31 | File | `/property-list/property_view.php` | High
|
||||
32 | File | `/ptms/classes/Users.php` | High
|
||||
33 | File | `/resources//../` | High
|
||||
34 | File | `/rest/api/2/search` | High
|
||||
35 | File | `/s/` | Low
|
||||
36 | File | `/scripts/cpan_config` | High
|
||||
37 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
38 | File | `/shell` | Low
|
||||
39 | File | `/spip.php` | Medium
|
||||
40 | File | `/sys/dict/queryTableData` | High
|
||||
41 | File | `/tmp` | Low
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 366 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -442,7 +442,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -456,9 +456,9 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/alphaware/summary.php` | High
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/as/authorization.oauth2` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/APR/signup.php` | High
|
||||
10 | File | `/boat/login.php` | High
|
||||
11 | File | `/cgi-bin/luci/api/auth` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
|
@ -476,12 +476,13 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
25 | File | `/textpattern/index.php` | High
|
||||
26 | File | `/tmp` | Low
|
||||
27 | File | `/video-sharing-script/watch-video.php` | High
|
||||
28 | File | `account-signup.php` | High
|
||||
29 | File | `account/signup.php` | High
|
||||
30 | ... | ... | ...
|
||||
27 | File | `account-signup.php` | High
|
||||
28 | File | `account/signup.php` | High
|
||||
29 | File | `AcquisiAction.class.php` | High
|
||||
30 | File | `addentry.php` | Medium
|
||||
31 | ... | ... | ...
|
||||
|
||||
There are 258 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 259 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
There are 18 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -2633,13 +2633,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-27, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
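Review bot: The T1006 row now lists `CWE-21, CWE-22, CWE-23, CWE-27, CWE-425` under the single Description "Pathname Traversal", but CWE-425 is direct request (forced browsing), which is an access-control weakness and not a traversal one, and ATT&CK T1006 itself is Direct Volume Access. Adding CWE-27 is consistent with the other traversal variants; CWE-425 should move to its own row or the Description should be widened so the label matches every weakness in the cell. As in the other TTP tables in this commit, the added T1059.007 row repeats the Description "Cross Site Scripting" already used by the T1059 row with CWE-94 and CWE-1321.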
@ -2649,17 +2650,17 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/api/admin/system/store/order/list` | High
|
||||
4 | File | `/api/jmeter/download/files` | High
|
||||
5 | File | `/APR/login.php` | High
|
||||
6 | File | `/as/authorization.oauth2` | High
|
||||
7 | File | `/boat/login.php` | High
|
||||
8 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
9 | File | `/cgi-bin/luci/api/auth` | High
|
||||
10 | File | `/cgi-bin/wapopen` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/cimom` | Low
|
||||
13 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
3 | File | `/admin/delete_user.php` | High
|
||||
4 | File | `/admin/patient.php` | High
|
||||
5 | File | `/api/admin/system/store/order/list` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/as/authorization.oauth2` | High
|
||||
9 | File | `/boat/login.php` | High
|
||||
10 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
11 | File | `/cgi-bin/luci/api/auth` | High
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/DXR.axd` | Medium
|
||||
15 | File | `/ecshop/admin/template.php` | High
|
||||
16 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
|
@ -2675,15 +2676,19 @@ ID | Type | Indicator | Confidence
|
|||
26 | File | `/net-banking/customer_transactions.php` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/php-opos/index.php` | High
|
||||
29 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
30 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
31 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
32 | File | `/tmp/boa-temp` | High
|
||||
33 | File | `/tourism/rate_review.php` | High
|
||||
34 | File | `/uncpath/` | Medium
|
||||
35 | ... | ... | ...
|
||||
29 | File | `/public/launchNewWindow.jsp` | High
|
||||
30 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
31 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
32 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
33 | File | `/tmp/boa-temp` | High
|
||||
34 | File | `/tourism/rate_review.php` | High
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/wp-admin/admin-ajax.php` | High
|
||||
37 | File | `/wp-admin/options.php` | High
|
||||
38 | File | `/wp-json` | Medium
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 295 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 334 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
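Review bot: The new rows 36 to 38 add `/wp-admin/admin-ajax.php` and `/wp-admin/options.php` at High and `/wp-json` at Medium, yet `admin-ajax.php` is the standard WordPress AJAX endpoint and `/wp-json` is the REST API root, both requested by ordinary front-end and plugin traffic on any WordPress site. Matching web logs against these paths alone will flag benign requests, so the rows need the accompanying argument or input value that makes them specific (the table footer says such types exist in the full data), or a lower confidence. The hidden count also jumps from 295 to 334 in this hunk with only four visible additions, which deserves a line in the commit message.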
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -67,54 +67,70 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/admin.php/Admin/adminadd.html` | High
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
5 | File | `/admin/api/theme-edit/` | High
|
||||
6 | File | `/admin/article/list_approve` | High
|
||||
7 | File | `/admin/folderrollpicture/list` | High
|
||||
8 | File | `/admin/settings/save.php` | High
|
||||
9 | File | `/api/index.php` | High
|
||||
10 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
11 | File | `/api/upload-resource` | High
|
||||
12 | File | `/apply.cgi` | Medium
|
||||
13 | File | `/bd_genie_create_account.cgi` | High
|
||||
14 | File | `/csms/classes/Master.php?f=delete_booking` | High
|
||||
15 | File | `/dev/mem` | Medium
|
||||
16 | File | `/dev/mmz_userdev` | High
|
||||
17 | File | `/diagnostic/editcategory.php` | High
|
||||
18 | File | `/etc/crash` | Medium
|
||||
19 | File | `/etc/passwd` | Medium
|
||||
20 | File | `/goform/addUserName` | High
|
||||
21 | File | `/goform/delAd` | High
|
||||
22 | File | `/goform/SysToolReboot` | High
|
||||
23 | File | `/goform/SysToolRestoreSet` | High
|
||||
24 | File | `/goform/WifiBasicSet` | High
|
||||
25 | File | `/goform/wifiSSIDset` | High
|
||||
26 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
27 | File | `/h/search?action` | High
|
||||
28 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
29 | File | `/HNAP1` | Low
|
||||
1 | File | `/admin.php/Admin/adminadd.html` | High
|
||||
2 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
3 | File | `/admin/api/theme-edit/` | High
|
||||
4 | File | `/admin/settings/save.php` | High
|
||||
5 | File | `/ad_js.php` | Medium
|
||||
6 | File | `/agc/vicidial.php` | High
|
||||
7 | File | `/alumni/admin/ajax.php?action=save_settings` | High
|
||||
8 | File | `/api/index.php` | High
|
||||
9 | File | `/apply.cgi` | Medium
|
||||
10 | File | `/APR/signup.php` | High
|
||||
11 | File | `/aux` | Low
|
||||
12 | File | `/categorypage.php` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/cha.php` | Medium
|
||||
15 | File | `/College/admin/teacher.php` | High
|
||||
16 | File | `/dev/mem` | Medium
|
||||
17 | File | `/drivers/block/floppy.c` | High
|
||||
18 | File | `/etc/config/product.ini` | High
|
||||
19 | File | `/etc/crash` | Medium
|
||||
20 | File | `/etc/passwd` | Medium
|
||||
21 | File | `/etc/shadow` | Medium
|
||||
22 | File | `/fos/admin/ajax.php` | High
|
||||
23 | File | `/goform/addUserName` | High
|
||||
24 | File | `/goform/delAd` | High
|
||||
25 | File | `/goform/SysToolReboot` | High
|
||||
26 | File | `/goform/SysToolRestoreSet` | High
|
||||
27 | File | `/goform/WifiBasicSet` | High
|
||||
28 | File | `/goform/wifiSSIDset` | High
|
||||
29 | File | `/gpac/src/bifs/unquantize.c` | High
|
||||
30 | File | `/hss/admin/categories/view_category.php` | High
|
||||
31 | File | `/htdocs/upnpinc/gena.php` | High
|
||||
32 | File | `/index.asp` | Medium
|
||||
33 | File | `/index.php` | Medium
|
||||
34 | File | `/index.php?module=entities/fields&entities_id=24` | High
|
||||
35 | File | `/jfinal_cms/system/role/list` | High
|
||||
36 | File | `/login/index.php` | High
|
||||
37 | File | `/medicines/profile.php` | High
|
||||
38 | File | `/menu.html` | Medium
|
||||
39 | File | `/module/report_event/index.php` | High
|
||||
40 | File | `/pdfalto/src/pdfalto.cc` | High
|
||||
41 | File | `/php-sms/admin/quotes/manage_remark.php` | High
|
||||
42 | File | `/phpinventory/edituser.php` | High
|
||||
43 | File | `/php_action/createProduct.php` | High
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/index.php?module=entities/fields&entities_id=24` | High
|
||||
33 | File | `/login/index.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/menu.html` | Medium
|
||||
36 | File | `/Moosikay/order.php` | High
|
||||
37 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
38 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
39 | File | `/pdfalto/src/pdfalto.cc` | High
|
||||
40 | File | `/philosophy/admin/login.php` | High
|
||||
41 | File | `/php-opos/login.php` | High
|
||||
42 | File | `/php-sms/admin/quotes/manage_remark.php` | High
|
||||
43 | File | `/priv_mgt.html` | High
|
||||
44 | File | `/queuing/index.php?page=display` | High
|
||||
45 | File | `/release-x64/otfccdump+0x6e1fc8` | High
|
||||
46 | ... | ... | ...
|
||||
45 | File | `/sys/duplicate/check` | High
|
||||
46 | File | `/tmp/app/.env` | High
|
||||
47 | File | `/ui/cbpc/login` | High
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/users/delete/2` | High
|
||||
50 | File | `/usr/sbin/httpd` | High
|
||||
51 | File | `/usr/sbin/nagios` | High
|
||||
52 | File | `/var/tmp/audacity-$USER` | High
|
||||
53 | File | `/webman/info.cgi` | High
|
||||
54 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
55 | File | `3G/UMTS` | Low
|
||||
56 | File | `aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java` | High
|
||||
57 | File | `account_change.php` | High
|
||||
58 | File | `ad.php` | Low
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `add_product.php` | High
|
||||
61 | File | `admin/partials/ajax/add_field_to_form.php` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 545 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
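Review bot: Two of the rows added at the end of this table are typed `File` but are not usable as file or URL path indicators: `55 | File | 3G/UMTS | Low` is a network technology name, and `52 | File | /var/tmp/audacity-$USER | High` contains an unexpanded shell variable, so a literal match on that string will never hit a real path. The first should get a different Type or be dropped, and the second should be stored as a pattern (the footer lists "pattern" as an available type) with the variable part marked as a wildcard. The table also mixes web paths, local system paths such as `/usr/sbin/httpd` and source files such as `aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java` under one Type, which leaves the consumer to guess where each should be matched.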
@ -76,7 +76,7 @@ ID | Type | Indicator | Confidence
|
|||
23 | File | `admin_feature.php` | High
|
||||
24 | ... | ... | ...
|
||||
|
||||
There are 201 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 203 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [EG](https://vuldb.com/?country.eg)
|
||||
* ...
|
||||
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -58,40 +58,40 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/apply.cgi` | Medium
|
||||
3 | File | `/as/authorization.oauth2` | High
|
||||
4 | File | `/blogengine/api/posts` | High
|
||||
5 | File | `/cgi-bin/api-get_line_status` | High
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
8 | File | `/cgi-bin/upload_vpntar` | High
|
||||
9 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
10 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
11 | File | `/DXR.axd` | Medium
|
||||
12 | File | `/export` | Low
|
||||
13 | File | `/filemanager/php/connector.php` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/goform/delAd` | High
|
||||
16 | File | `/h/calendar` | Medium
|
||||
17 | File | `/login/index.php` | High
|
||||
18 | File | `/Moosikay/order.php` | High
|
||||
19 | File | `/obs/book.php` | High
|
||||
20 | File | `/products/view_product.php` | High
|
||||
21 | File | `/public/login.htm` | High
|
||||
22 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
23 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
24 | File | `/services/view_service.php` | High
|
||||
25 | File | `/shell` | Low
|
||||
26 | File | `/spip.php` | Medium
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/usr/bin/tddp` | High
|
||||
29 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
30 | File | `/webman/info.cgi` | High
|
||||
31 | File | `/wp-admin/admin-ajax.php` | High
|
||||
32 | File | `/wp-admin/options.php` | High
|
||||
2 | File | `/admin/patient.php` | High
|
||||
3 | File | `/apply.cgi` | Medium
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/api-get_line_status` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
9 | File | `/cgi-bin/upload_vpntar` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
12 | File | `/DXR.axd` | Medium
|
||||
13 | File | `/export` | Low
|
||||
14 | File | `/filemanager/php/connector.php` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/goform/delAd` | High
|
||||
17 | File | `/h/calendar` | Medium
|
||||
18 | File | `/login/index.php` | High
|
||||
19 | File | `/Moosikay/order.php` | High
|
||||
20 | File | `/obs/book.php` | High
|
||||
21 | File | `/products/view_product.php` | High
|
||||
22 | File | `/public/login.htm` | High
|
||||
23 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
24 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
25 | File | `/services/view_service.php` | High
|
||||
26 | File | `/shell` | Low
|
||||
27 | File | `/spip.php` | Medium
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/usr/bin/tddp` | High
|
||||
30 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
31 | File | `/webman/info.cgi` | High
|
||||
32 | File | `/wp-admin/admin-ajax.php` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 284 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 281 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
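Review bot: Inserting `/admin/patient.php` as row 2 changes the ID of every later row (`/apply.cgi` moves from 2 to 3, and so on down to `/wp-admin/admin-ajax.php` moving from 31 to 32), so the ID column is a position in a sorted list, not a stable identifier. Anyone who recorded an ID from the previous revision now points at a different indicator. Either state in the file that IDs are positional and must not be referenced, or drop the column so that a one-row addition produces a one-row diff. The remaining-items sentence also drops from 284 to 281 while the visible list still holds 32 rows, so entries were withdrawn from the part of the list this diff does not show, and the commit message ("Update March 2023") does not say which.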
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Tick:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [KR](https://vuldb.com/?country.kr)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [KR](https://vuldb.com/?country.kr)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -18,12 +18,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [61.106.60.47](https://vuldb.com/?ip.61.106.60.47) | - | - | High
|
||||
2 | [110.45.203.133](https://vuldb.com/?ip.110.45.203.133) | - | - | High
|
||||
3 | [154.223.179.14](https://vuldb.com/?ip.154.223.179.14) | - | - | High
|
||||
1 | [58.230.118.78](https://vuldb.com/?ip.58.230.118.78) | mail.booksr.co.kr | - | High
|
||||
2 | [61.106.60.47](https://vuldb.com/?ip.61.106.60.47) | - | - | High
|
||||
3 | [103.127.124.76](https://vuldb.com/?ip.103.127.124.76) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more IOC items available. Please use our online service to access the data.
|
||||
There are 8 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
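Review bot: The new row 1 lists 58.230.118.78 with the hostname `mail.booksr.co.kr` at High confidence and no campaign. A mail host under a third party's domain reads like shared or compromised infrastructure, where a block rule also cuts off legitimate mail, so the row should carry a note on how the address was observed or a confidence that reflects the collateral risk. The rows for 110.45.203.133 and 154.223.179.14 also leave the visible table without any indication of whether they were retired or only pushed below the cut-off by the sort order; a first-seen or last-seen column would make that distinction reviewable.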
|
@ -31,12 +31,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
2 | T1204.001 | CWE-601 | Open Redirect | High
|
||||
3 | T1505 | CWE-89 | SQL Injection | High
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
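Review bot: Row 2 (`T1059 | CWE-94 | Cross Site Scripting`) carries the wrong description: CWE-94 is code injection, and cross-site scripting is CWE-79, which row 3 already covers. As written, the table shows two "Cross Site Scripting" rows that differ only in technique and weakness ID, which will mislead anyone mapping these rows to detections. Correct the description for CWE-94, or drop the row if it was generated from the same finding as row 3. The rows for T1204.001 and T1505 also leave the visible part of the table; the change should say whether they were withdrawn or only moved below the cut-off.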
|
@ -45,11 +45,11 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/forum/away.php` | High
|
||||
2 | File | `/uncpath/` | Medium
|
||||
3 | File | `data/gbconfiguration.dat` | High
|
||||
2 | File | `/login.html` | Medium
|
||||
3 | File | `/register/abort` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 12 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 21 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
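Review bot: The new row 2, `/login.html` at Medium confidence, is a path found on a large share of web applications and embedded devices, so it cannot be matched in request logs on its own without producing a flood of unrelated hits. Name the affected product in the row or pair the path with the argument or input value it was observed with; the similarly generic `/export` and `/shell` in the previous file are rated Low, so Medium here is also inconsistent. `/register/abort` at High has the same gap: nothing in the row says which application it belongs to.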
|
@ -57,6 +57,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
|
||||
* https://blogs.jpcert.or.jp/ja/2019/02/tick-activity.html
|
||||
* https://github.com/blackorbird/APT_REPORT/blob/master/summary/2021/mpressioncss_ta_report_2020_5_en.pdf
|
||||
* https://www.welivesecurity.com/2023/03/14/slow-ticking-time-bomb-tick-apt-group-dlp-software-developer-east-asia/
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
The following _campaigns_ are known and can be associated with TrickBot:
|
||||
|
||||
* AnchorMail
|
||||
* Bitzlato
|
||||
|
||||
## Countries
|
||||
|
||||
|
@ -27,204 +28,279 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [3.209.171.143](https://vuldb.com/?ip.3.209.171.143) | ec2-3-209-171-143.compute-1.amazonaws.com | - | Medium
|
||||
2 | [3.217.175.153](https://vuldb.com/?ip.3.217.175.153) | ec2-3-217-175-153.compute-1.amazonaws.com | - | Medium
|
||||
3 | [3.224.145.145](https://vuldb.com/?ip.3.224.145.145) | ec2-3-224-145-145.compute-1.amazonaws.com | - | Medium
|
||||
4 | [3.231.23.10](https://vuldb.com/?ip.3.231.23.10) | ec2-3-231-23-10.compute-1.amazonaws.com | - | Medium
|
||||
5 | [5.1.81.68](https://vuldb.com/?ip.5.1.81.68) | mx4.tarifvergleichbhv.net | - | High
|
||||
6 | [5.2.70.145](https://vuldb.com/?ip.5.2.70.145) | merlinsbeard.co.uk | - | High
|
||||
7 | [5.2.72.84](https://vuldb.com/?ip.5.2.72.84) | cipixia.com | - | High
|
||||
8 | [5.2.75.93](https://vuldb.com/?ip.5.2.75.93) | - | - | High
|
||||
9 | [5.2.75.167](https://vuldb.com/?ip.5.2.75.167) | coms.a9v34.com.cn | - | High
|
||||
10 | [5.2.76.122](https://vuldb.com/?ip.5.2.76.122) | mx3.ximple.eu | - | High
|
||||
11 | [5.2.78.118](https://vuldb.com/?ip.5.2.78.118) | - | - | High
|
||||
12 | [5.34.177.50](https://vuldb.com/?ip.5.34.177.50) | unallocated.layer6.net | - | High
|
||||
13 | [5.34.178.126](https://vuldb.com/?ip.5.34.178.126) | yhlas111410.pserver.ru | - | High
|
||||
14 | [5.39.47.22](https://vuldb.com/?ip.5.39.47.22) | mail.dmgs.site | - | High
|
||||
15 | [5.53.124.49](https://vuldb.com/?ip.5.53.124.49) | dgbtechnologies.com | - | High
|
||||
16 | [5.59.205.32](https://vuldb.com/?ip.5.59.205.32) | dhcp-32-205-59-5.metro86.ru | - | High
|
||||
17 | [5.133.179.108](https://vuldb.com/?ip.5.133.179.108) | 5-133-179-108.freeucouponsnow.ru | - | High
|
||||
18 | [5.149.253.99](https://vuldb.com/?ip.5.149.253.99) | - | - | High
|
||||
19 | [5.152.175.57](https://vuldb.com/?ip.5.152.175.57) | - | - | High
|
||||
20 | [5.182.210.30](https://vuldb.com/?ip.5.182.210.30) | realestatepromotion.ru | - | High
|
||||
21 | [5.182.210.109](https://vuldb.com/?ip.5.182.210.109) | - | - | High
|
||||
22 | [5.182.210.132](https://vuldb.com/?ip.5.182.210.132) | - | - | High
|
||||
23 | [5.182.210.178](https://vuldb.com/?ip.5.182.210.178) | mail.rainingdreams.to | - | High
|
||||
24 | [5.182.210.226](https://vuldb.com/?ip.5.182.210.226) | - | - | High
|
||||
25 | [5.182.210.230](https://vuldb.com/?ip.5.182.210.230) | - | - | High
|
||||
26 | [5.182.210.246](https://vuldb.com/?ip.5.182.210.246) | - | - | High
|
||||
27 | [5.182.210.254](https://vuldb.com/?ip.5.182.210.254) | n01-nlam.kdktech.com | - | High
|
||||
28 | [5.182.211.44](https://vuldb.com/?ip.5.182.211.44) | - | - | High
|
||||
29 | [5.196.247.14](https://vuldb.com/?ip.5.196.247.14) | ip14.ip-5-196-247.eu | - | High
|
||||
30 | [5.199.173.152](https://vuldb.com/?ip.5.199.173.152) | - | - | High
|
||||
31 | [5.230.22.40](https://vuldb.com/?ip.5.230.22.40) | - | - | High
|
||||
32 | [5.255.96.217](https://vuldb.com/?ip.5.255.96.217) | vps11.host1.be | - | High
|
||||
33 | [5.255.96.218](https://vuldb.com/?ip.5.255.96.218) | - | - | High
|
||||
34 | [8.247.119.126](https://vuldb.com/?ip.8.247.119.126) | - | - | High
|
||||
35 | [8.253.38.248](https://vuldb.com/?ip.8.253.38.248) | - | - | High
|
||||
36 | [8.253.140.118](https://vuldb.com/?ip.8.253.140.118) | - | - | High
|
||||
37 | [8.253.141.249](https://vuldb.com/?ip.8.253.141.249) | - | - | High
|
||||
38 | [8.253.154.236](https://vuldb.com/?ip.8.253.154.236) | - | - | High
|
||||
39 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
|
||||
40 | [14.241.244.60](https://vuldb.com/?ip.14.241.244.60) | - | - | High
|
||||
41 | [18.213.79.189](https://vuldb.com/?ip.18.213.79.189) | ec2-18-213-79-189.compute-1.amazonaws.com | - | Medium
|
||||
42 | [18.233.90.151](https://vuldb.com/?ip.18.233.90.151) | ec2-18-233-90-151.compute-1.amazonaws.com | - | Medium
|
||||
43 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
|
||||
44 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
|
||||
45 | [23.3.125.111](https://vuldb.com/?ip.23.3.125.111) | a23-3-125-111.deploy.static.akamaitechnologies.com | - | High
|
||||
46 | [23.19.31.135](https://vuldb.com/?ip.23.19.31.135) | - | - | High
|
||||
47 | [23.19.227.147](https://vuldb.com/?ip.23.19.227.147) | - | - | High
|
||||
48 | [23.20.220.174](https://vuldb.com/?ip.23.20.220.174) | ec2-23-20-220-174.compute-1.amazonaws.com | - | Medium
|
||||
49 | [23.21.27.29](https://vuldb.com/?ip.23.21.27.29) | ec2-23-21-27-29.compute-1.amazonaws.com | - | Medium
|
||||
50 | [23.21.48.44](https://vuldb.com/?ip.23.21.48.44) | ec2-23-21-48-44.compute-1.amazonaws.com | - | Medium
|
||||
51 | [23.21.121.219](https://vuldb.com/?ip.23.21.121.219) | ec2-23-21-121-219.compute-1.amazonaws.com | - | Medium
|
||||
52 | [23.21.252.4](https://vuldb.com/?ip.23.21.252.4) | ec2-23-21-252-4.compute-1.amazonaws.com | - | Medium
|
||||
53 | [23.23.83.153](https://vuldb.com/?ip.23.23.83.153) | ec2-23-23-83-153.compute-1.amazonaws.com | - | Medium
|
||||
54 | [23.23.243.154](https://vuldb.com/?ip.23.23.243.154) | ec2-23-23-243-154.compute-1.amazonaws.com | - | Medium
|
||||
55 | [23.46.150.43](https://vuldb.com/?ip.23.46.150.43) | a23-46-150-43.deploy.static.akamaitechnologies.com | - | High
|
||||
56 | [23.46.150.58](https://vuldb.com/?ip.23.46.150.58) | a23-46-150-58.deploy.static.akamaitechnologies.com | - | High
|
||||
57 | [23.46.150.81](https://vuldb.com/?ip.23.46.150.81) | a23-46-150-81.deploy.static.akamaitechnologies.com | - | High
|
||||
58 | [23.62.6.161](https://vuldb.com/?ip.23.62.6.161) | a23-62-6-161.deploy.static.akamaitechnologies.com | - | High
|
||||
59 | [23.62.6.170](https://vuldb.com/?ip.23.62.6.170) | a23-62-6-170.deploy.static.akamaitechnologies.com | - | High
|
||||
60 | [23.94.233.210](https://vuldb.com/?ip.23.94.233.210) | 23-94-233-210-host.colocrossing.com | - | High
|
||||
61 | [23.95.97.59](https://vuldb.com/?ip.23.95.97.59) | 23-95-97-59-host.colocrossing.com | - | High
|
||||
62 | [23.95.231.187](https://vuldb.com/?ip.23.95.231.187) | 23-95-231-187-host.colocrossing.com | - | High
|
||||
63 | [23.96.30.229](https://vuldb.com/?ip.23.96.30.229) | - | - | High
|
||||
64 | [23.160.192.125](https://vuldb.com/?ip.23.160.192.125) | unknown.ip-xfer.net | - | High
|
||||
65 | [23.160.193.106](https://vuldb.com/?ip.23.160.193.106) | unknown.ip-xfer.net | - | High
|
||||
66 | [23.202.231.166](https://vuldb.com/?ip.23.202.231.166) | a23-202-231-166.deploy.static.akamaitechnologies.com | - | High
|
||||
67 | [23.217.138.107](https://vuldb.com/?ip.23.217.138.107) | a23-217-138-107.deploy.static.akamaitechnologies.com | - | High
|
||||
68 | [24.162.214.166](https://vuldb.com/?ip.24.162.214.166) | cpe-24-162-214-166.elp.res.rr.com | - | High
|
||||
69 | [27.72.107.215](https://vuldb.com/?ip.27.72.107.215) | dynamic-adsl.viettel.vn | - | High
|
||||
70 | [27.147.173.227](https://vuldb.com/?ip.27.147.173.227) | 173.227.cetus.link3.net | - | High
|
||||
71 | [30.10.121.157](https://vuldb.com/?ip.30.10.121.157) | - | - | High
|
||||
72 | [31.131.21.184](https://vuldb.com/?ip.31.131.21.184) | - | - | High
|
||||
73 | [31.131.26.122](https://vuldb.com/?ip.31.131.26.122) | - | - | High
|
||||
74 | [31.134.60.181](https://vuldb.com/?ip.31.134.60.181) | 31-134-60-181.telico.pl | - | High
|
||||
75 | [31.134.124.90](https://vuldb.com/?ip.31.134.124.90) | - | - | High
|
||||
76 | [31.172.177.90](https://vuldb.com/?ip.31.172.177.90) | poczta.mp-lift.pl | - | High
|
||||
77 | [31.184.253.6](https://vuldb.com/?ip.31.184.253.6) | - | - | High
|
||||
78 | [31.184.253.37](https://vuldb.com/?ip.31.184.253.37) | models9.vixgrafica.de | - | High
|
||||
79 | [31.202.132.22](https://vuldb.com/?ip.31.202.132.22) | - | - | High
|
||||
80 | [31.211.85.110](https://vuldb.com/?ip.31.211.85.110) | - | - | High
|
||||
81 | [31.214.138.207](https://vuldb.com/?ip.31.214.138.207) | f0a4213918138.rev.snt.net.pl | - | High
|
||||
82 | [34.117.59.81](https://vuldb.com/?ip.34.117.59.81) | 81.59.117.34.bc.googleusercontent.com | - | Medium
|
||||
83 | [34.160.111.145](https://vuldb.com/?ip.34.160.111.145) | 145.111.160.34.bc.googleusercontent.com | - | Medium
|
||||
84 | [34.192.250.175](https://vuldb.com/?ip.34.192.250.175) | ec2-34-192-250-175.compute-1.amazonaws.com | - | Medium
|
||||
85 | [34.196.181.158](https://vuldb.com/?ip.34.196.181.158) | ec2-34-196-181-158.compute-1.amazonaws.com | - | Medium
|
||||
86 | [34.198.132.204](https://vuldb.com/?ip.34.198.132.204) | ec2-34-198-132-204.compute-1.amazonaws.com | - | Medium
|
||||
87 | [34.233.102.38](https://vuldb.com/?ip.34.233.102.38) | ec2-34-233-102-38.compute-1.amazonaws.com | - | Medium
|
||||
88 | [36.37.176.6](https://vuldb.com/?ip.36.37.176.6) | - | - | High
|
||||
89 | [36.66.115.180](https://vuldb.com/?ip.36.66.115.180) | - | - | High
|
||||
90 | [36.66.188.251](https://vuldb.com/?ip.36.66.188.251) | - | - | High
|
||||
91 | [36.89.85.103](https://vuldb.com/?ip.36.89.85.103) | - | - | High
|
||||
92 | [36.89.106.69](https://vuldb.com/?ip.36.89.106.69) | - | - | High
|
||||
93 | [36.89.191.119](https://vuldb.com/?ip.36.89.191.119) | - | - | High
|
||||
94 | [36.89.193.181](https://vuldb.com/?ip.36.89.193.181) | - | - | High
|
||||
95 | [36.89.193.235](https://vuldb.com/?ip.36.89.193.235) | - | - | High
|
||||
96 | [36.89.228.201](https://vuldb.com/?ip.36.89.228.201) | - | - | High
|
||||
97 | [36.89.243.241](https://vuldb.com/?ip.36.89.243.241) | - | - | High
|
||||
98 | [36.91.45.10](https://vuldb.com/?ip.36.91.45.10) | - | - | High
|
||||
99 | [36.91.87.227](https://vuldb.com/?ip.36.91.87.227) | - | - | High
|
||||
100 | [36.91.88.164](https://vuldb.com/?ip.36.91.88.164) | - | - | High
|
||||
101 | [36.91.117.231](https://vuldb.com/?ip.36.91.117.231) | - | - | High
|
||||
102 | [36.91.186.235](https://vuldb.com/?ip.36.91.186.235) | - | - | High
|
||||
103 | [36.94.27.124](https://vuldb.com/?ip.36.94.27.124) | - | - | High
|
||||
104 | [36.94.33.102](https://vuldb.com/?ip.36.94.33.102) | - | - | High
|
||||
105 | [36.94.100.202](https://vuldb.com/?ip.36.94.100.202) | - | - | High
|
||||
106 | [36.95.23.89](https://vuldb.com/?ip.36.95.23.89) | - | - | High
|
||||
107 | [36.95.27.243](https://vuldb.com/?ip.36.95.27.243) | - | - | High
|
||||
108 | [37.7.123.244](https://vuldb.com/?ip.37.7.123.244) | apn-37-7-123-244.dynamic.gprs.plus.pl | - | High
|
||||
109 | [37.44.212.179](https://vuldb.com/?ip.37.44.212.179) | - | - | High
|
||||
110 | [37.44.212.216](https://vuldb.com/?ip.37.44.212.216) | - | - | High
|
||||
111 | [37.59.183.142](https://vuldb.com/?ip.37.59.183.142) | - | - | High
|
||||
112 | [37.228.70.134](https://vuldb.com/?ip.37.228.70.134) | - | - | High
|
||||
113 | [37.228.117.146](https://vuldb.com/?ip.37.228.117.146) | metobor.ru | - | High
|
||||
114 | [37.228.117.250](https://vuldb.com/?ip.37.228.117.250) | janome.ru | - | High
|
||||
115 | [37.230.112.146](https://vuldb.com/?ip.37.230.112.146) | audiotop.ru | - | High
|
||||
116 | [37.230.114.93](https://vuldb.com/?ip.37.230.114.93) | admin1.fvds.ru | - | High
|
||||
117 | [37.230.114.248](https://vuldb.com/?ip.37.230.114.248) | kosmolot.com | - | High
|
||||
118 | [37.230.115.129](https://vuldb.com/?ip.37.230.115.129) | dvcarry.fvds.ru | - | High
|
||||
119 | [37.230.115.133](https://vuldb.com/?ip.37.230.115.133) | wdai.io | - | High
|
||||
120 | [37.230.115.138](https://vuldb.com/?ip.37.230.115.138) | i2.com | - | High
|
||||
121 | [37.230.115.171](https://vuldb.com/?ip.37.230.115.171) | geobrox.com | - | High
|
||||
122 | [37.230.115.184](https://vuldb.com/?ip.37.230.115.184) | 21922vdscom.com | - | High
|
||||
123 | [38.132.99.174](https://vuldb.com/?ip.38.132.99.174) | - | - | High
|
||||
124 | [41.77.134.250](https://vuldb.com/?ip.41.77.134.250) | cliente6386477933.clubnet.mz | - | High
|
||||
125 | [41.175.22.226](https://vuldb.com/?ip.41.175.22.226) | - | - | High
|
||||
126 | [41.243.29.182](https://vuldb.com/?ip.41.243.29.182) | 182-29-243-41.r.airtel.cd | - | High
|
||||
127 | [43.245.216.116](https://vuldb.com/?ip.43.245.216.116) | - | - | High
|
||||
128 | [45.5.152.39](https://vuldb.com/?ip.45.5.152.39) | - | - | High
|
||||
129 | [45.6.16.68](https://vuldb.com/?ip.45.6.16.68) | - | - | High
|
||||
130 | [45.14.226.115](https://vuldb.com/?ip.45.14.226.115) | - | - | High
|
||||
131 | [45.36.99.184](https://vuldb.com/?ip.45.36.99.184) | cpe-45-36-99-184.triad.res.rr.com | - | High
|
||||
132 | [45.66.11.116](https://vuldb.com/?ip.45.66.11.116) | vm1488716.2ssd.had.wf | - | High
|
||||
133 | [45.80.148.30](https://vuldb.com/?ip.45.80.148.30) | - | - | High
|
||||
134 | [45.89.127.92](https://vuldb.com/?ip.45.89.127.92) | - | - | High
|
||||
135 | [45.115.172.105](https://vuldb.com/?ip.45.115.172.105) | - | - | High
|
||||
136 | [45.125.1.34](https://vuldb.com/?ip.45.125.1.34) | 45.125.1.34.static.xtom.hk | - | High
|
||||
137 | [45.127.222.8](https://vuldb.com/?ip.45.127.222.8) | - | - | High
|
||||
138 | [45.137.151.198](https://vuldb.com/?ip.45.137.151.198) | ourdiaspora.net | - | High
|
||||
139 | [45.138.158.32](https://vuldb.com/?ip.45.138.158.32) | - | - | High
|
||||
140 | [45.142.213.58](https://vuldb.com/?ip.45.142.213.58) | vm372119.pq.hosting | - | High
|
||||
141 | [45.144.113.168](https://vuldb.com/?ip.45.144.113.168) | - | - | High
|
||||
142 | [45.148.120.153](https://vuldb.com/?ip.45.148.120.153) | - | - | High
|
||||
143 | [45.148.120.195](https://vuldb.com/?ip.45.148.120.195) | pe195.peryon.web.tr | - | High
|
||||
144 | [45.155.173.242](https://vuldb.com/?ip.45.155.173.242) | - | - | High
|
||||
145 | [45.160.145.11](https://vuldb.com/?ip.45.160.145.11) | - | - | High
|
||||
146 | [45.160.145.179](https://vuldb.com/?ip.45.160.145.179) | - | - | High
|
||||
147 | [45.160.145.216](https://vuldb.com/?ip.45.160.145.216) | - | - | High
|
||||
148 | [45.167.249.126](https://vuldb.com/?ip.45.167.249.126) | - | - | High
|
||||
149 | [45.178.142.14](https://vuldb.com/?ip.45.178.142.14) | - | - | High
|
||||
150 | [45.201.134.202](https://vuldb.com/?ip.45.201.134.202) | - | - | High
|
||||
151 | [45.224.214.34](https://vuldb.com/?ip.45.224.214.34) | clientes-214-34.intercommtech.com.br | - | High
|
||||
152 | [45.229.71.211](https://vuldb.com/?ip.45.229.71.211) | static-45-229-71-211.extrememt.com.br | - | High
|
||||
153 | [45.234.248.154](https://vuldb.com/?ip.45.234.248.154) | 45.-234.248-154.rev.voanet.br | - | High
|
||||
154 | [46.4.167.250](https://vuldb.com/?ip.46.4.167.250) | ip-subnet46-4-167.unassigned.theideahosting.net | - | High
|
||||
155 | [46.8.21.10](https://vuldb.com/?ip.46.8.21.10) | 53980.web.hosting-russia.ru | - | High
|
||||
156 | [46.8.21.113](https://vuldb.com/?ip.46.8.21.113) | 64403.web.hosting-russia.ru | - | High
|
||||
157 | [46.30.41.229](https://vuldb.com/?ip.46.30.41.229) | vm494526.eurodir.ru | - | High
|
||||
158 | [46.30.45.208](https://vuldb.com/?ip.46.30.45.208) | vm418209.eurodir.ru | - | High
|
||||
159 | [46.99.175.149](https://vuldb.com/?ip.46.99.175.149) | - | - | High
|
||||
160 | [46.99.175.217](https://vuldb.com/?ip.46.99.175.217) | - | - | High
|
||||
161 | [46.99.188.223](https://vuldb.com/?ip.46.99.188.223) | - | - | High
|
||||
162 | [46.209.140.220](https://vuldb.com/?ip.46.209.140.220) | - | - | High
|
||||
163 | [46.237.117.193](https://vuldb.com/?ip.46.237.117.193) | - | - | High
|
||||
164 | [46.254.128.174](https://vuldb.com/?ip.46.254.128.174) | 46.254.128.174.lanultra.net | - | High
|
||||
165 | [49.156.34.134](https://vuldb.com/?ip.49.156.34.134) | - | - | High
|
||||
166 | [49.176.188.184](https://vuldb.com/?ip.49.176.188.184) | static-n49-176-188-184.bla2.nsw.optusnet.com.au | - | High
|
||||
167 | [50.16.229.140](https://vuldb.com/?ip.50.16.229.140) | ec2-50-16-229-140.compute-1.amazonaws.com | - | Medium
|
||||
168 | [50.19.247.198](https://vuldb.com/?ip.50.19.247.198) | ec2-50-19-247-198.compute-1.amazonaws.com | - | Medium
|
||||
169 | [51.38.101.194](https://vuldb.com/?ip.51.38.101.194) | - | - | High
|
||||
170 | [51.68.247.62](https://vuldb.com/?ip.51.68.247.62) | ip62.ip-51-68-247.eu | - | High
|
||||
171 | [51.77.92.215](https://vuldb.com/?ip.51.77.92.215) | - | - | High
|
||||
172 | [51.81.112.144](https://vuldb.com/?ip.51.81.112.144) | - | - | High
|
||||
173 | [51.81.113.25](https://vuldb.com/?ip.51.81.113.25) | - | - | High
|
||||
174 | [51.89.73.159](https://vuldb.com/?ip.51.89.73.159) | theladbible.site | - | High
|
||||
175 | [51.89.115.101](https://vuldb.com/?ip.51.89.115.101) | secure-3111.buzztary.com | - | High
|
||||
176 | [51.89.115.108](https://vuldb.com/?ip.51.89.115.108) | coms.jt120.com.cn | - | High
|
||||
177 | [51.89.115.110](https://vuldb.com/?ip.51.89.115.110) | pocket-usage.nationfox.net | - | High
|
||||
178 | [51.89.115.112](https://vuldb.com/?ip.51.89.115.112) | brides-crude.nationfox.net | - | High
|
||||
179 | [51.89.115.116](https://vuldb.com/?ip.51.89.115.116) | tombe.nationfox.net | - | High
|
||||
180 | [51.89.115.121](https://vuldb.com/?ip.51.89.115.121) | mail1.cmailer.online | - | High
|
||||
181 | [51.89.115.124](https://vuldb.com/?ip.51.89.115.124) | mta.ga-emailcamel.com | - | High
|
||||
182 | [51.89.177.20](https://vuldb.com/?ip.51.89.177.20) | ip20.ip-51-89-177.eu | - | High
|
||||
183 | [51.159.23.217](https://vuldb.com/?ip.51.159.23.217) | jambold.co.uk | - | High
|
||||
184 | [51.254.25.115](https://vuldb.com/?ip.51.254.25.115) | ip115.ip-51-254-25.eu | - | High
|
||||
185 | [51.254.69.244](https://vuldb.com/?ip.51.254.69.244) | - | - | High
|
||||
186 | [51.254.83.17](https://vuldb.com/?ip.51.254.83.17) | ip17.ip-51-254-83.eu | - | High
|
||||
187 | [51.254.164.243](https://vuldb.com/?ip.51.254.164.243) | amortizserv.info | - | High
|
||||
188 | [51.254.164.244](https://vuldb.com/?ip.51.254.164.244) | y9gs.gaurented.com | - | High
|
||||
189 | [51.254.164.245](https://vuldb.com/?ip.51.254.164.245) | ip245.ip-51-254-164.eu | - | High
|
||||
190 | [51.254.164.249](https://vuldb.com/?ip.51.254.164.249) | ip249.ip-51-254-164.eu | - | High
|
||||
191 | [52.0.197.231](https://vuldb.com/?ip.52.0.197.231) | ec2-52-0-197-231.compute-1.amazonaws.com | - | Medium
|
||||
192 | [52.20.78.240](https://vuldb.com/?ip.52.20.78.240) | ec2-52-20-78-240.compute-1.amazonaws.com | - | Medium
|
||||
193 | [52.20.197.7](https://vuldb.com/?ip.52.20.197.7) | ec2-52-20-197-7.compute-1.amazonaws.com | - | Medium
|
||||
194 | [52.44.169.135](https://vuldb.com/?ip.52.44.169.135) | ec2-52-44-169-135.compute-1.amazonaws.com | - | Medium
|
||||
195 | [52.55.255.113](https://vuldb.com/?ip.52.55.255.113) | ec2-52-55-255-113.compute-1.amazonaws.com | - | Medium
|
||||
196 | ... | ... | ... | ...
|
||||
1 | [3.130.204.160](https://vuldb.com/?ip.3.130.204.160) | ec2-3-130-204-160.us-east-2.compute.amazonaws.com | Bitzlato | Medium
|
||||
2 | [3.131.233.90](https://vuldb.com/?ip.3.131.233.90) | ec2-3-131-233-90.us-east-2.compute.amazonaws.com | Bitzlato | Medium
|
||||
3 | [3.209.171.143](https://vuldb.com/?ip.3.209.171.143) | ec2-3-209-171-143.compute-1.amazonaws.com | - | Medium
|
||||
4 | [3.217.175.153](https://vuldb.com/?ip.3.217.175.153) | ec2-3-217-175-153.compute-1.amazonaws.com | - | Medium
|
||||
5 | [3.224.145.145](https://vuldb.com/?ip.3.224.145.145) | ec2-3-224-145-145.compute-1.amazonaws.com | - | Medium
|
||||
6 | [3.231.23.10](https://vuldb.com/?ip.3.231.23.10) | ec2-3-231-23-10.compute-1.amazonaws.com | - | Medium
|
||||
7 | [5.1.81.68](https://vuldb.com/?ip.5.1.81.68) | mx4.tarifvergleichbhv.net | - | High
|
||||
8 | [5.2.70.145](https://vuldb.com/?ip.5.2.70.145) | merlinsbeard.co.uk | - | High
|
||||
9 | [5.2.72.84](https://vuldb.com/?ip.5.2.72.84) | cipixia.com | - | High
|
||||
10 | [5.2.75.93](https://vuldb.com/?ip.5.2.75.93) | - | - | High
|
||||
11 | [5.2.75.167](https://vuldb.com/?ip.5.2.75.167) | coms.a9v34.com.cn | - | High
|
||||
12 | [5.2.76.122](https://vuldb.com/?ip.5.2.76.122) | mx3.ximple.eu | - | High
|
||||
13 | [5.2.78.118](https://vuldb.com/?ip.5.2.78.118) | - | - | High
|
||||
14 | [5.34.177.50](https://vuldb.com/?ip.5.34.177.50) | unallocated.layer6.net | - | High
|
||||
15 | [5.34.178.126](https://vuldb.com/?ip.5.34.178.126) | yhlas111410.pserver.ru | - | High
|
||||
16 | [5.39.47.22](https://vuldb.com/?ip.5.39.47.22) | mail.dmgs.site | - | High
|
||||
17 | [5.53.124.49](https://vuldb.com/?ip.5.53.124.49) | dgbtechnologies.com | - | High
|
||||
18 | [5.59.205.32](https://vuldb.com/?ip.5.59.205.32) | dhcp-32-205-59-5.metro86.ru | - | High
|
||||
19 | [5.79.68.107](https://vuldb.com/?ip.5.79.68.107) | - | Bitzlato | High
|
||||
20 | [5.79.68.108](https://vuldb.com/?ip.5.79.68.108) | - | Bitzlato | High
|
||||
21 | [5.79.68.109](https://vuldb.com/?ip.5.79.68.109) | - | Bitzlato | High
|
||||
22 | [5.79.68.110](https://vuldb.com/?ip.5.79.68.110) | - | Bitzlato | High
|
||||
23 | [5.133.179.108](https://vuldb.com/?ip.5.133.179.108) | 5-133-179-108.freeucouponsnow.ru | - | High
|
||||
24 | [5.149.253.99](https://vuldb.com/?ip.5.149.253.99) | - | - | High
|
||||
25 | [5.152.175.57](https://vuldb.com/?ip.5.152.175.57) | - | - | High
|
||||
26 | [5.182.210.30](https://vuldb.com/?ip.5.182.210.30) | realestatepromotion.ru | - | High
|
||||
27 | [5.182.210.109](https://vuldb.com/?ip.5.182.210.109) | - | - | High
|
||||
28 | [5.182.210.132](https://vuldb.com/?ip.5.182.210.132) | - | - | High
|
||||
29 | [5.182.210.178](https://vuldb.com/?ip.5.182.210.178) | mail.rainingdreams.to | - | High
|
||||
30 | [5.182.210.226](https://vuldb.com/?ip.5.182.210.226) | - | - | High
|
||||
31 | [5.182.210.230](https://vuldb.com/?ip.5.182.210.230) | - | - | High
|
||||
32 | [5.182.210.246](https://vuldb.com/?ip.5.182.210.246) | - | - | High
|
||||
33 | [5.182.210.254](https://vuldb.com/?ip.5.182.210.254) | n01-nlam.kdktech.com | - | High
|
||||
34 | [5.182.211.44](https://vuldb.com/?ip.5.182.211.44) | - | - | High
|
||||
35 | [5.196.247.14](https://vuldb.com/?ip.5.196.247.14) | ip14.ip-5-196-247.eu | - | High
|
||||
36 | [5.199.173.152](https://vuldb.com/?ip.5.199.173.152) | - | - | High
|
||||
37 | [5.230.22.40](https://vuldb.com/?ip.5.230.22.40) | - | - | High
|
||||
38 | [5.255.96.217](https://vuldb.com/?ip.5.255.96.217) | vps11.host1.be | - | High
|
||||
39 | [5.255.96.218](https://vuldb.com/?ip.5.255.96.218) | - | - | High
|
||||
40 | [8.247.119.126](https://vuldb.com/?ip.8.247.119.126) | - | - | High
|
||||
41 | [8.253.38.248](https://vuldb.com/?ip.8.253.38.248) | - | - | High
|
||||
42 | [8.253.140.118](https://vuldb.com/?ip.8.253.140.118) | - | - | High
|
||||
43 | [8.253.141.249](https://vuldb.com/?ip.8.253.141.249) | - | - | High
|
||||
44 | [8.253.154.236](https://vuldb.com/?ip.8.253.154.236) | - | - | High
|
||||
45 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
|
||||
46 | [14.241.244.60](https://vuldb.com/?ip.14.241.244.60) | - | - | High
|
||||
47 | [18.213.79.189](https://vuldb.com/?ip.18.213.79.189) | ec2-18-213-79-189.compute-1.amazonaws.com | - | Medium
|
||||
48 | [18.213.250.117](https://vuldb.com/?ip.18.213.250.117) | ec2-18-213-250-117.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
49 | [18.215.128.143](https://vuldb.com/?ip.18.215.128.143) | ec2-18-215-128-143.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
50 | [18.233.90.151](https://vuldb.com/?ip.18.233.90.151) | ec2-18-233-90-151.compute-1.amazonaws.com | - | Medium
|
||||
51 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
|
||||
52 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
|
||||
53 | [23.3.125.111](https://vuldb.com/?ip.23.3.125.111) | a23-3-125-111.deploy.static.akamaitechnologies.com | - | High
|
||||
54 | [23.19.31.135](https://vuldb.com/?ip.23.19.31.135) | - | - | High
|
||||
55 | [23.19.227.147](https://vuldb.com/?ip.23.19.227.147) | - | - | High
|
||||
56 | [23.20.220.174](https://vuldb.com/?ip.23.20.220.174) | ec2-23-20-220-174.compute-1.amazonaws.com | - | Medium
|
||||
57 | [23.20.239.12](https://vuldb.com/?ip.23.20.239.12) | ec2-23-20-239-12.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
58 | [23.21.27.29](https://vuldb.com/?ip.23.21.27.29) | ec2-23-21-27-29.compute-1.amazonaws.com | - | Medium
|
||||
59 | [23.21.48.44](https://vuldb.com/?ip.23.21.48.44) | ec2-23-21-48-44.compute-1.amazonaws.com | - | Medium
|
||||
60 | [23.21.121.219](https://vuldb.com/?ip.23.21.121.219) | ec2-23-21-121-219.compute-1.amazonaws.com | - | Medium
|
||||
61 | [23.21.252.4](https://vuldb.com/?ip.23.21.252.4) | ec2-23-21-252-4.compute-1.amazonaws.com | - | Medium
|
||||
62 | [23.23.83.153](https://vuldb.com/?ip.23.23.83.153) | ec2-23-23-83-153.compute-1.amazonaws.com | - | Medium
|
||||
63 | [23.23.243.154](https://vuldb.com/?ip.23.23.243.154) | ec2-23-23-243-154.compute-1.amazonaws.com | - | Medium
|
||||
64 | [23.46.150.43](https://vuldb.com/?ip.23.46.150.43) | a23-46-150-43.deploy.static.akamaitechnologies.com | - | High
|
||||
65 | [23.46.150.58](https://vuldb.com/?ip.23.46.150.58) | a23-46-150-58.deploy.static.akamaitechnologies.com | - | High
|
||||
66 | [23.46.150.81](https://vuldb.com/?ip.23.46.150.81) | a23-46-150-81.deploy.static.akamaitechnologies.com | - | High
|
||||
67 | [23.62.6.161](https://vuldb.com/?ip.23.62.6.161) | a23-62-6-161.deploy.static.akamaitechnologies.com | - | High
|
||||
68 | [23.62.6.170](https://vuldb.com/?ip.23.62.6.170) | a23-62-6-170.deploy.static.akamaitechnologies.com | - | High
|
||||
69 | [23.94.233.210](https://vuldb.com/?ip.23.94.233.210) | 23-94-233-210-host.colocrossing.com | - | High
|
||||
70 | [23.95.97.59](https://vuldb.com/?ip.23.95.97.59) | 23-95-97-59-host.colocrossing.com | - | High
|
||||
71 | [23.95.231.187](https://vuldb.com/?ip.23.95.231.187) | 23-95-231-187-host.colocrossing.com | - | High
|
||||
72 | [23.96.30.229](https://vuldb.com/?ip.23.96.30.229) | - | - | High
|
||||
73 | [23.160.192.125](https://vuldb.com/?ip.23.160.192.125) | unknown.ip-xfer.net | - | High
|
||||
74 | [23.160.193.106](https://vuldb.com/?ip.23.160.193.106) | unknown.ip-xfer.net | - | High
|
||||
75 | [23.202.231.166](https://vuldb.com/?ip.23.202.231.166) | a23-202-231-166.deploy.static.akamaitechnologies.com | - | High
|
||||
76 | [23.202.231.167](https://vuldb.com/?ip.23.202.231.167) | a23-202-231-167.deploy.static.akamaitechnologies.com | Bitzlato | High
|
||||
77 | [23.217.138.107](https://vuldb.com/?ip.23.217.138.107) | a23-217-138-107.deploy.static.akamaitechnologies.com | - | High
|
||||
78 | [23.217.138.108](https://vuldb.com/?ip.23.217.138.108) | a23-217-138-108.deploy.static.akamaitechnologies.com | Bitzlato | High
|
||||
79 | [24.162.214.166](https://vuldb.com/?ip.24.162.214.166) | cpe-24-162-214-166.elp.res.rr.com | - | High
|
||||
80 | [27.72.107.215](https://vuldb.com/?ip.27.72.107.215) | dynamic-adsl.viettel.vn | - | High
|
||||
81 | [27.147.173.227](https://vuldb.com/?ip.27.147.173.227) | 173.227.cetus.link3.net | - | High
|
||||
82 | [30.10.121.157](https://vuldb.com/?ip.30.10.121.157) | - | - | High
|
||||
83 | [31.31.204.59](https://vuldb.com/?ip.31.31.204.59) | cluster25.reg.ru | Bitzlato | High
|
||||
84 | [31.31.204.61](https://vuldb.com/?ip.31.31.204.61) | parking.reg.ru | Bitzlato | High
|
||||
85 | [31.131.21.184](https://vuldb.com/?ip.31.131.21.184) | - | - | High
|
||||
86 | [31.131.26.122](https://vuldb.com/?ip.31.131.26.122) | - | - | High
|
||||
87 | [31.134.60.181](https://vuldb.com/?ip.31.134.60.181) | 31-134-60-181.telico.pl | - | High
|
||||
88 | [31.134.124.90](https://vuldb.com/?ip.31.134.124.90) | - | - | High
|
||||
89 | [31.172.177.90](https://vuldb.com/?ip.31.172.177.90) | poczta.mp-lift.pl | - | High
|
||||
90 | [31.184.253.6](https://vuldb.com/?ip.31.184.253.6) | - | - | High
|
||||
91 | [31.184.253.37](https://vuldb.com/?ip.31.184.253.37) | models9.vixgrafica.de | - | High
|
||||
92 | [31.202.132.22](https://vuldb.com/?ip.31.202.132.22) | - | - | High
|
||||
93 | [31.211.85.110](https://vuldb.com/?ip.31.211.85.110) | - | - | High
|
||||
94 | [31.214.138.207](https://vuldb.com/?ip.31.214.138.207) | f0a4213918138.rev.snt.net.pl | - | High
|
||||
95 | [31.220.16.53](https://vuldb.com/?ip.31.220.16.53) | - | Bitzlato | High
|
||||
96 | [34.117.59.81](https://vuldb.com/?ip.34.117.59.81) | 81.59.117.34.bc.googleusercontent.com | - | Medium
|
||||
97 | [34.160.111.145](https://vuldb.com/?ip.34.160.111.145) | 145.111.160.34.bc.googleusercontent.com | - | Medium
|
||||
98 | [34.192.250.175](https://vuldb.com/?ip.34.192.250.175) | ec2-34-192-250-175.compute-1.amazonaws.com | - | Medium
|
||||
99 | [34.196.181.158](https://vuldb.com/?ip.34.196.181.158) | ec2-34-196-181-158.compute-1.amazonaws.com | - | Medium
|
||||
100 | [34.198.132.204](https://vuldb.com/?ip.34.198.132.204) | ec2-34-198-132-204.compute-1.amazonaws.com | - | Medium
|
||||
101 | [34.233.102.38](https://vuldb.com/?ip.34.233.102.38) | ec2-34-233-102-38.compute-1.amazonaws.com | - | Medium
|
||||
102 | [36.37.176.6](https://vuldb.com/?ip.36.37.176.6) | - | - | High
|
||||
103 | [36.66.115.180](https://vuldb.com/?ip.36.66.115.180) | - | - | High
|
||||
104 | [36.66.188.251](https://vuldb.com/?ip.36.66.188.251) | - | - | High
|
||||
105 | [36.89.85.103](https://vuldb.com/?ip.36.89.85.103) | - | - | High
|
||||
106 | [36.89.106.69](https://vuldb.com/?ip.36.89.106.69) | - | - | High
|
||||
107 | [36.89.191.119](https://vuldb.com/?ip.36.89.191.119) | - | - | High
|
||||
108 | [36.89.193.181](https://vuldb.com/?ip.36.89.193.181) | - | - | High
|
||||
109 | [36.89.193.235](https://vuldb.com/?ip.36.89.193.235) | - | - | High
|
||||
110 | [36.89.228.201](https://vuldb.com/?ip.36.89.228.201) | - | - | High
|
||||
111 | [36.89.243.241](https://vuldb.com/?ip.36.89.243.241) | - | - | High
|
||||
112 | [36.91.45.10](https://vuldb.com/?ip.36.91.45.10) | - | - | High
|
||||
113 | [36.91.87.227](https://vuldb.com/?ip.36.91.87.227) | - | - | High
|
||||
114 | [36.91.88.164](https://vuldb.com/?ip.36.91.88.164) | - | - | High
|
||||
115 | [36.91.117.231](https://vuldb.com/?ip.36.91.117.231) | - | - | High
|
||||
116 | [36.91.186.235](https://vuldb.com/?ip.36.91.186.235) | - | - | High
|
||||
117 | [36.94.27.124](https://vuldb.com/?ip.36.94.27.124) | - | - | High
|
||||
118 | [36.94.33.102](https://vuldb.com/?ip.36.94.33.102) | - | - | High
|
||||
119 | [36.94.100.202](https://vuldb.com/?ip.36.94.100.202) | - | - | High
|
||||
120 | [36.95.23.89](https://vuldb.com/?ip.36.95.23.89) | - | - | High
|
||||
121 | [36.95.27.243](https://vuldb.com/?ip.36.95.27.243) | - | - | High
|
||||
122 | [37.7.123.244](https://vuldb.com/?ip.37.7.123.244) | apn-37-7-123-244.dynamic.gprs.plus.pl | - | High
|
||||
123 | [37.44.212.179](https://vuldb.com/?ip.37.44.212.179) | - | - | High
|
||||
124 | [37.44.212.216](https://vuldb.com/?ip.37.44.212.216) | - | - | High
|
||||
125 | [37.48.65.136](https://vuldb.com/?ip.37.48.65.136) | - | Bitzlato | High
|
||||
126 | [37.48.65.143](https://vuldb.com/?ip.37.48.65.143) | - | Bitzlato | High
|
||||
127 | [37.48.65.145](https://vuldb.com/?ip.37.48.65.145) | - | Bitzlato | High
|
||||
128 | [37.48.65.148](https://vuldb.com/?ip.37.48.65.148) | - | Bitzlato | High
|
||||
129 | [37.48.65.149](https://vuldb.com/?ip.37.48.65.149) | - | Bitzlato | High
|
||||
130 | [37.48.65.150](https://vuldb.com/?ip.37.48.65.150) | - | Bitzlato | High
|
||||
131 | [37.48.65.151](https://vuldb.com/?ip.37.48.65.151) | - | Bitzlato | High
|
||||
132 | [37.48.65.152](https://vuldb.com/?ip.37.48.65.152) | - | Bitzlato | High
|
||||
133 | [37.48.65.153](https://vuldb.com/?ip.37.48.65.153) | - | Bitzlato | High
|
||||
134 | [37.48.65.154](https://vuldb.com/?ip.37.48.65.154) | - | Bitzlato | High
|
||||
135 | [37.48.65.155](https://vuldb.com/?ip.37.48.65.155) | - | Bitzlato | High
|
||||
136 | [37.59.183.142](https://vuldb.com/?ip.37.59.183.142) | - | - | High
|
||||
137 | [37.228.70.134](https://vuldb.com/?ip.37.228.70.134) | - | - | High
|
||||
138 | [37.228.117.146](https://vuldb.com/?ip.37.228.117.146) | metobor.ru | - | High
|
||||
139 | [37.228.117.250](https://vuldb.com/?ip.37.228.117.250) | janome.ru | - | High
|
||||
140 | [37.230.112.146](https://vuldb.com/?ip.37.230.112.146) | audiotop.ru | - | High
|
||||
141 | [37.230.114.93](https://vuldb.com/?ip.37.230.114.93) | admin1.fvds.ru | - | High
|
||||
142 | [37.230.114.248](https://vuldb.com/?ip.37.230.114.248) | kosmolot.com | - | High
|
||||
143 | [37.230.115.129](https://vuldb.com/?ip.37.230.115.129) | dvcarry.fvds.ru | - | High
|
||||
144 | [37.230.115.133](https://vuldb.com/?ip.37.230.115.133) | wdai.io | - | High
|
||||
145 | [37.230.115.138](https://vuldb.com/?ip.37.230.115.138) | i2.com | - | High
|
||||
146 | [37.230.115.171](https://vuldb.com/?ip.37.230.115.171) | geobrox.com | - | High
|
||||
147 | [37.230.115.184](https://vuldb.com/?ip.37.230.115.184) | 21922vdscom.com | - | High
|
||||
148 | [38.132.99.174](https://vuldb.com/?ip.38.132.99.174) | - | - | High
|
||||
149 | [41.77.134.250](https://vuldb.com/?ip.41.77.134.250) | cliente6386477933.clubnet.mz | - | High
|
||||
150 | [41.175.22.226](https://vuldb.com/?ip.41.175.22.226) | - | - | High
|
||||
151 | [41.243.29.182](https://vuldb.com/?ip.41.243.29.182) | 182-29-243-41.r.airtel.cd | - | High
|
||||
152 | [43.245.216.116](https://vuldb.com/?ip.43.245.216.116) | - | - | High
|
||||
153 | [45.5.152.39](https://vuldb.com/?ip.45.5.152.39) | - | - | High
|
||||
154 | [45.6.16.68](https://vuldb.com/?ip.45.6.16.68) | - | - | High
|
||||
155 | [45.14.226.115](https://vuldb.com/?ip.45.14.226.115) | - | - | High
|
||||
156 | [45.36.99.184](https://vuldb.com/?ip.45.36.99.184) | cpe-45-36-99-184.triad.res.rr.com | - | High
|
||||
157 | [45.66.11.116](https://vuldb.com/?ip.45.66.11.116) | vm1488716.2ssd.had.wf | - | High
|
||||
158 | [45.77.55.61](https://vuldb.com/?ip.45.77.55.61) | 45.77.55.61.vultrusercontent.com | Bitzlato | High
|
||||
159 | [45.80.148.30](https://vuldb.com/?ip.45.80.148.30) | - | - | High
|
||||
160 | [45.89.127.92](https://vuldb.com/?ip.45.89.127.92) | - | - | High
|
||||
161 | [45.115.172.105](https://vuldb.com/?ip.45.115.172.105) | - | - | High
|
||||
162 | [45.125.1.34](https://vuldb.com/?ip.45.125.1.34) | 45.125.1.34.static.xtom.hk | - | High
|
||||
163 | [45.127.222.8](https://vuldb.com/?ip.45.127.222.8) | - | - | High
|
||||
164 | [45.137.151.198](https://vuldb.com/?ip.45.137.151.198) | ourdiaspora.net | - | High
|
||||
165 | [45.138.158.32](https://vuldb.com/?ip.45.138.158.32) | - | - | High
|
||||
166 | [45.142.213.58](https://vuldb.com/?ip.45.142.213.58) | vm372119.pq.hosting | - | High
|
||||
167 | [45.144.113.168](https://vuldb.com/?ip.45.144.113.168) | - | - | High
|
||||
168 | [45.148.120.153](https://vuldb.com/?ip.45.148.120.153) | - | - | High
|
||||
169 | [45.148.120.195](https://vuldb.com/?ip.45.148.120.195) | pe195.peryon.web.tr | - | High
|
||||
170 | [45.155.173.242](https://vuldb.com/?ip.45.155.173.242) | - | - | High
|
||||
171 | [45.160.145.11](https://vuldb.com/?ip.45.160.145.11) | - | - | High
|
||||
172 | [45.160.145.179](https://vuldb.com/?ip.45.160.145.179) | - | - | High
|
||||
173 | [45.160.145.216](https://vuldb.com/?ip.45.160.145.216) | - | - | High
|
||||
174 | [45.167.249.126](https://vuldb.com/?ip.45.167.249.126) | - | - | High
|
||||
175 | [45.178.142.14](https://vuldb.com/?ip.45.178.142.14) | - | - | High
|
||||
176 | [45.201.134.202](https://vuldb.com/?ip.45.201.134.202) | - | - | High
|
||||
177 | [45.224.214.34](https://vuldb.com/?ip.45.224.214.34) | clientes-214-34.intercommtech.com.br | - | High
|
||||
178 | [45.229.71.211](https://vuldb.com/?ip.45.229.71.211) | static-45-229-71-211.extrememt.com.br | - | High
|
||||
179 | [45.234.248.154](https://vuldb.com/?ip.45.234.248.154) | 45.-234.248-154.rev.voanet.br | - | High
|
||||
180 | [46.4.167.250](https://vuldb.com/?ip.46.4.167.250) | ip-subnet46-4-167.unassigned.theideahosting.net | - | High
|
||||
181 | [46.8.21.10](https://vuldb.com/?ip.46.8.21.10) | 53980.web.hosting-russia.ru | - | High
|
||||
182 | [46.8.21.113](https://vuldb.com/?ip.46.8.21.113) | 64403.web.hosting-russia.ru | - | High
|
||||
183 | [46.30.41.229](https://vuldb.com/?ip.46.30.41.229) | vm494526.eurodir.ru | - | High
|
||||
184 | [46.30.45.208](https://vuldb.com/?ip.46.30.45.208) | vm418209.eurodir.ru | - | High
|
||||
185 | [46.99.175.149](https://vuldb.com/?ip.46.99.175.149) | - | - | High
|
||||
186 | [46.99.175.217](https://vuldb.com/?ip.46.99.175.217) | - | - | High
|
||||
187 | [46.99.188.223](https://vuldb.com/?ip.46.99.188.223) | - | - | High
|
||||
188 | [46.166.182.54](https://vuldb.com/?ip.46.166.182.54) | suggest-wrong.shamrockuser.com | Bitzlato | High
|
||||
189 | [46.166.182.62](https://vuldb.com/?ip.46.166.182.62) | all-multiuser.aboveoption.com | Bitzlato | High
|
||||
190 | [46.209.140.220](https://vuldb.com/?ip.46.209.140.220) | - | - | High
|
||||
191 | [46.237.117.193](https://vuldb.com/?ip.46.237.117.193) | - | - | High
|
||||
192 | [46.254.128.174](https://vuldb.com/?ip.46.254.128.174) | 46.254.128.174.lanultra.net | - | High
|
||||
193 | [49.156.34.134](https://vuldb.com/?ip.49.156.34.134) | - | - | High
|
||||
194 | [49.176.188.184](https://vuldb.com/?ip.49.176.188.184) | static-n49-176-188-184.bla2.nsw.optusnet.com.au | - | High
|
||||
195 | [50.16.229.140](https://vuldb.com/?ip.50.16.229.140) | ec2-50-16-229-140.compute-1.amazonaws.com | - | Medium
|
||||
196 | [50.19.247.198](https://vuldb.com/?ip.50.19.247.198) | ec2-50-19-247-198.compute-1.amazonaws.com | - | Medium
|
||||
197 | [50.63.202.53](https://vuldb.com/?ip.50.63.202.53) | 53.202.63.50.host.secureserver.net | Bitzlato | High
|
||||
198 | [50.63.202.64](https://vuldb.com/?ip.50.63.202.64) | 64.202.63.50.host.secureserver.net | Bitzlato | High
|
||||
199 | [50.63.202.65](https://vuldb.com/?ip.50.63.202.65) | 65.202.63.50.host.secureserver.net | Bitzlato | High
|
||||
200 | [50.63.202.69](https://vuldb.com/?ip.50.63.202.69) | 69.202.63.50.host.secureserver.net | Bitzlato | High
|
||||
201 | [50.63.202.93](https://vuldb.com/?ip.50.63.202.93) | 93.202.63.50.host.secureserver.net | Bitzlato | High
|
||||
202 | [51.38.101.194](https://vuldb.com/?ip.51.38.101.194) | - | - | High
|
||||
203 | [51.68.247.62](https://vuldb.com/?ip.51.68.247.62) | ip62.ip-51-68-247.eu | - | High
|
||||
204 | [51.77.92.215](https://vuldb.com/?ip.51.77.92.215) | - | - | High
|
||||
205 | [51.81.112.144](https://vuldb.com/?ip.51.81.112.144) | - | - | High
|
||||
206 | [51.81.113.25](https://vuldb.com/?ip.51.81.113.25) | - | - | High
|
||||
207 | [51.89.73.159](https://vuldb.com/?ip.51.89.73.159) | theladbible.site | - | High
|
||||
208 | [51.89.115.101](https://vuldb.com/?ip.51.89.115.101) | secure-3111.buzztary.com | - | High
|
||||
209 | [51.89.115.108](https://vuldb.com/?ip.51.89.115.108) | coms.jt120.com.cn | - | High
|
||||
210 | [51.89.115.110](https://vuldb.com/?ip.51.89.115.110) | pocket-usage.nationfox.net | - | High
|
||||
211 | [51.89.115.112](https://vuldb.com/?ip.51.89.115.112) | brides-crude.nationfox.net | - | High
|
||||
212 | [51.89.115.116](https://vuldb.com/?ip.51.89.115.116) | tombe.nationfox.net | - | High
|
||||
213 | [51.89.115.121](https://vuldb.com/?ip.51.89.115.121) | mail1.cmailer.online | - | High
|
||||
214 | [51.89.115.124](https://vuldb.com/?ip.51.89.115.124) | mta.ga-emailcamel.com | - | High
|
||||
215 | [51.89.177.20](https://vuldb.com/?ip.51.89.177.20) | ip20.ip-51-89-177.eu | - | High
|
||||
216 | [51.159.23.217](https://vuldb.com/?ip.51.159.23.217) | jambold.co.uk | - | High
|
||||
217 | [51.254.25.115](https://vuldb.com/?ip.51.254.25.115) | ip115.ip-51-254-25.eu | - | High
|
||||
218 | [51.254.69.244](https://vuldb.com/?ip.51.254.69.244) | - | - | High
|
||||
219 | [51.254.83.17](https://vuldb.com/?ip.51.254.83.17) | ip17.ip-51-254-83.eu | - | High
|
||||
220 | [51.254.164.243](https://vuldb.com/?ip.51.254.164.243) | amortizserv.info | - | High
|
||||
221 | [51.254.164.244](https://vuldb.com/?ip.51.254.164.244) | y9gs.gaurented.com | - | High
|
||||
222 | [51.254.164.245](https://vuldb.com/?ip.51.254.164.245) | ip245.ip-51-254-164.eu | - | High
|
||||
223 | [51.254.164.249](https://vuldb.com/?ip.51.254.164.249) | ip249.ip-51-254-164.eu | - | High
|
||||
224 | [52.0.197.231](https://vuldb.com/?ip.52.0.197.231) | ec2-52-0-197-231.compute-1.amazonaws.com | - | Medium
|
||||
225 | [52.0.217.44](https://vuldb.com/?ip.52.0.217.44) | ec2-52-0-217-44.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
226 | [52.4.209.250](https://vuldb.com/?ip.52.4.209.250) | ec2-52-4-209-250.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
227 | [52.6.128.155](https://vuldb.com/?ip.52.6.128.155) | ec2-52-6-128-155.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
228 | [52.20.78.240](https://vuldb.com/?ip.52.20.78.240) | ec2-52-20-78-240.compute-1.amazonaws.com | - | Medium
|
||||
229 | [52.20.197.7](https://vuldb.com/?ip.52.20.197.7) | ec2-52-20-197-7.compute-1.amazonaws.com | - | Medium
|
||||
230 | [52.44.169.135](https://vuldb.com/?ip.52.44.169.135) | ec2-52-44-169-135.compute-1.amazonaws.com | - | Medium
|
||||
231 | [52.54.24.134](https://vuldb.com/?ip.52.54.24.134) | ec2-52-54-24-134.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
232 | [52.55.255.113](https://vuldb.com/?ip.52.55.255.113) | ec2-52-55-255-113.compute-1.amazonaws.com | - | Medium
|
||||
233 | [52.73.179.54](https://vuldb.com/?ip.52.73.179.54) | ec2-52-73-179-54.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
234 | [52.202.139.131](https://vuldb.com/?ip.52.202.139.131) | ec2-52-202-139-131.compute-1.amazonaws.com | - | Medium
|
||||
235 | [52.204.109.97](https://vuldb.com/?ip.52.204.109.97) | ec2-52-204-109-97.compute-1.amazonaws.com | - | Medium
|
||||
236 | [52.206.161.133](https://vuldb.com/?ip.52.206.161.133) | ec2-52-206-161-133.compute-1.amazonaws.com | - | Medium
|
||||
237 | [52.206.178.1](https://vuldb.com/?ip.52.206.178.1) | ec2-52-206-178-1.compute-1.amazonaws.com | - | Medium
|
||||
238 | [53.182.82.27](https://vuldb.com/?ip.53.182.82.27) | - | - | High
|
||||
239 | [54.39.106.25](https://vuldb.com/?ip.54.39.106.25) | ns560342.ip-54-39-106.net | - | High
|
||||
240 | [54.111.105.80](https://vuldb.com/?ip.54.111.105.80) | - | - | High
|
||||
241 | [54.161.222.85](https://vuldb.com/?ip.54.161.222.85) | ec2-54-161-222-85.compute-1.amazonaws.com | Bitzlato | Medium
|
||||
242 | [54.204.36.156](https://vuldb.com/?ip.54.204.36.156) | ec2-54-204-36-156.compute-1.amazonaws.com | - | Medium
|
||||
243 | [54.221.253.252](https://vuldb.com/?ip.54.221.253.252) | ec2-54-221-253-252.compute-1.amazonaws.com | - | Medium
|
||||
244 | [54.225.159.35](https://vuldb.com/?ip.54.225.159.35) | ec2-54-225-159-35.compute-1.amazonaws.com | - | Medium
|
||||
245 | [54.235.124.112](https://vuldb.com/?ip.54.235.124.112) | ec2-54-235-124-112.compute-1.amazonaws.com | - | Medium
|
||||
246 | [54.235.203.7](https://vuldb.com/?ip.54.235.203.7) | ec2-54-235-203-7.compute-1.amazonaws.com | - | Medium
|
||||
247 | [54.235.220.229](https://vuldb.com/?ip.54.235.220.229) | ec2-54-235-220-229.compute-1.amazonaws.com | - | Medium
|
||||
248 | [54.243.147.226](https://vuldb.com/?ip.54.243.147.226) | ec2-54-243-147-226.compute-1.amazonaws.com | - | Medium
|
||||
249 | [54.243.198.12](https://vuldb.com/?ip.54.243.198.12) | ec2-54-243-198-12.compute-1.amazonaws.com | - | Medium
|
||||
250 | [54.243.208.112](https://vuldb.com/?ip.54.243.208.112) | ec2-54-243-208-112.compute-1.amazonaws.com | - | Medium
|
||||
251 | [58.97.72.83](https://vuldb.com/?ip.58.97.72.83) | 58-97-72-83.static.asianet.co.th | - | High
|
||||
252 | [60.51.47.65](https://vuldb.com/?ip.60.51.47.65) | - | - | High
|
||||
253 | [61.69.102.170](https://vuldb.com/?ip.61.69.102.170) | 61-69-102-170.mel.static-ipl.aapt.com.au | - | High
|
||||
254 | [62.64.9.237](https://vuldb.com/?ip.62.64.9.237) | clients-62.64.9.237.misp.ru | - | High
|
||||
255 | [62.69.241.103](https://vuldb.com/?ip.62.69.241.103) | 62-69-241-103.internetia.net.pl | - | High
|
||||
256 | [62.99.76.213](https://vuldb.com/?ip.62.99.76.213) | 213.62-99-76.static.clientes.euskaltel.es | - | High
|
||||
257 | [62.99.79.77](https://vuldb.com/?ip.62.99.79.77) | 77.62-99-79.static.clientes.euskaltel.es | - | High
|
||||
258 | [62.109.2.172](https://vuldb.com/?ip.62.109.2.172) | megamart24.ru | - | High
|
||||
259 | [62.109.6.188](https://vuldb.com/?ip.62.109.6.188) | velomarket31.ru | - | High
|
||||
260 | [62.109.14.24](https://vuldb.com/?ip.62.109.14.24) | btc-manager1.ru | - | High
|
||||
261 | [62.109.16.17](https://vuldb.com/?ip.62.109.16.17) | jl.ru5 | - | High
|
||||
262 | [62.109.22.2](https://vuldb.com/?ip.62.109.22.2) | youavto.ru | - | High
|
||||
263 | [62.109.22.172](https://vuldb.com/?ip.62.109.22.172) | map4child.fvds.ru | - | High
|
||||
264 | [62.109.24.176](https://vuldb.com/?ip.62.109.24.176) | api.etkrasnodar.ru | - | High
|
||||
265 | [62.109.24.242](https://vuldb.com/?ip.62.109.24.242) | cadtain.ru | - | High
|
||||
266 | [62.109.25.11](https://vuldb.com/?ip.62.109.25.11) | vsefilmy.xyz | - | High
|
||||
267 | [62.109.26.121](https://vuldb.com/?ip.62.109.26.121) | shekaa.fvds.ru | - | High
|
||||
268 | [62.109.26.208](https://vuldb.com/?ip.62.109.26.208) | botsutetiana20195.vps | - | High
|
||||
269 | [62.109.26.251](https://vuldb.com/?ip.62.109.26.251) | oiltrend.ru | - | High
|
||||
270 | [62.109.27.196](https://vuldb.com/?ip.62.109.27.196) | ru.gorbacheff.fvds.ru | - | High
|
||||
271 | ... | ... | ... | ...
|
||||
|
||||
There are 778 more IOC items available. Please use our online service to access the data.
|
||||
There are 1078 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
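Review bot: Rows 64-68 and 75-78 of the IP table are Akamai edge addresses (for example `a23-46-150-43.deploy.static.akamaitechnologies.com`) rated High, while the EC2 and googleusercontent rows in the same table are rated Medium. Shared CDN edges serve many unrelated tenants, so a consumer that blocks or alerts on High entries will hit legitimate traffic. Suggest rating them like the other shared-hosting rows or documenting what justifies High. The hostnames in rows 179 (`45.-234.248-154.rev.voanet.br`) and 261 (`jl.ru5`) also look malformed and are worth checking against the source data.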
@ -235,7 +311,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
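Review bot: The T1059 row keeps the description "Cross Site Scripting" after its weakness list is reduced to CWE-94, which is code injection, and the T1059.007 row directly below already carries the same description for CWE-79 and CWE-80. Suggest giving row 4 a description that matches CWE-94 so the two rows can be told apart, and stating in the commit message why CWE-88 was dropped.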
@ -254,39 +330,40 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/conferences/list/` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/submit-articles` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/admin/system/store/order/list` | High
|
||||
10 | File | `/api/audits` | Medium
|
||||
11 | File | `/api/sys_username_passwd.cmd` | High
|
||||
12 | File | `/apply.cgi` | Medium
|
||||
13 | File | `/attachments` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php` | High
|
||||
16 | File | `/bsms_ci/index.php/book` | High
|
||||
17 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
20 | File | `/env` | Low
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/etc/quagga` | Medium
|
||||
23 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/FreshRSS/p/ext.php` | High
|
||||
26 | File | `/goform/CertListInfo` | High
|
||||
27 | File | `/goform/fast_setting_wifi_set` | High
|
||||
28 | File | `/goform/L7Im` | Medium
|
||||
29 | File | `/goform/NatStaticSetting` | High
|
||||
30 | File | `/goform/SafeClientFilter` | High
|
||||
31 | File | `/goform/SafeMacFilter` | High
|
||||
32 | File | `/goform/SafeUrlFilter` | High
|
||||
33 | File | `/goform/setMacFilterCfg` | High
|
||||
34 | File | `/goform/SysToolReboot` | High
|
||||
35 | File | `/goform/SysToolRestoreSet` | High
|
||||
36 | File | `/goform/VirtualSer` | High
|
||||
37 | ... | ... | ...
|
||||
7 | File | `/alphaware/summary.php` | High
|
||||
8 | File | `/api/admin/system/store/order/list` | High
|
||||
9 | File | `/api/audits` | Medium
|
||||
10 | File | `/apply.cgi` | Medium
|
||||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/book` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/env` | Low
|
||||
18 | File | `/etc/hosts` | Medium
|
||||
19 | File | `/etc/quagga` | Medium
|
||||
20 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/FreshRSS/p/ext.php` | High
|
||||
23 | File | `/goform/CertListInfo` | High
|
||||
24 | File | `/goform/fast_setting_wifi_set` | High
|
||||
25 | File | `/goform/L7Im` | Medium
|
||||
26 | File | `/goform/NatStaticSetting` | High
|
||||
27 | File | `/goform/SafeClientFilter` | High
|
||||
28 | File | `/goform/SafeMacFilter` | High
|
||||
29 | File | `/goform/SafeUrlFilter` | High
|
||||
30 | File | `/goform/setMacFilterCfg` | High
|
||||
31 | File | `/goform/SysToolReboot` | High
|
||||
32 | File | `/goform/SysToolRestoreSet` | High
|
||||
33 | File | `/goform/VirtualSer` | High
|
||||
34 | File | `/hardware` | Medium
|
||||
35 | File | `/horde/util/go.php` | High
|
||||
36 | File | `/leave_system/admin/?page=maintenance/department` | High
|
||||
37 | File | `/lib` | Low
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 320 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 323 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
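Review bot: The ID column in this IOA table is a positional counter, so most of the rewritten lines are unchanged indicators whose number shifted (`/alphaware/summary.php` goes from 8 to 7, `/goform/VirtualSer` from 36 to 33). That buries the few real changes, such as the new `/DXR.axd` row and the removed `/api/sys_username_passwd.cmd` row. Suggest stable identifiers or dropping the counter, so that a monthly update shows only the indicators that actually changed.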
@ -335,6 +412,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blogs.infoblox.com/cyber-threat-intelligence/ransomware-attacks-target-healthcare-sector/
|
||||
* https://community.blueliv.com/#!/s/611a51a282df413eb235470a
|
||||
* https://community.blueliv.com/#!/s/60414fc982df413eaf34607d
|
||||
* https://ddanchev.blogspot.com/2023/02/exposing-trickbots-bitzlato.html
|
||||
* https://feodotracker.abuse.ch/downloads/ipblocklist.csv
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-08-19%20Trickbot%20IOCs
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-10-20%20Trickbot%20IOCs
|
||||
|
|
|
@ -70,7 +70,7 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `admin/dashboard.php` | High
|
||||
10 | ... | ... | ...
|
||||
|
||||
There are 73 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 74 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [AF](https://vuldb.com/?country.af)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
|
|
@ -16,10 +16,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [DK](https://vuldb.com/?country.dk)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -325,14 +325,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-35 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
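Review bot: The T1040 row (CWE-294, CWE-319) disappears and the T1006 weakness list shrinks from five CWEs to CWE-22 and CWE-23, but the commit message says only "Update March 2023". Anyone who mapped detections to the removed technique or CWEs cannot tell whether they were withdrawn as wrong or merely fell out of the visible top rows. Suggest recording the reason for removals in the commit message or a changelog entry.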
@ -340,50 +339,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `$HOME/.printers` | High
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/CPE` | Low
|
||||
4 | File | `/forum/PostPrivateMessage` | High
|
||||
5 | File | `/home/cavesConsole` | High
|
||||
6 | File | `/home/kickPlayer` | High
|
||||
7 | File | `/home/masterConsole` | High
|
||||
8 | File | `/home/sendBroadcast` | High
|
||||
9 | File | `/login/index.php` | High
|
||||
10 | File | `/oews/classes/Master.php?f=update_cart` | High
|
||||
11 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
12 | File | `/output/outdbg.c` | High
|
||||
13 | File | `/output/outieee.c` | High
|
||||
14 | File | `/param.file.tgz` | High
|
||||
15 | File | `/password/reset` | High
|
||||
16 | File | `/ptippage.cgi` | High
|
||||
17 | File | `/ptipupgrade.cgi` | High
|
||||
18 | File | `/royal_event/userregister.php` | High
|
||||
19 | File | `/setnetworksettings/IPAddress` | High
|
||||
20 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
21 | File | `/u/username.json` | High
|
||||
22 | File | `/user/s.php` | Medium
|
||||
23 | File | `/user/updatePwd` | High
|
||||
24 | File | `/wireless/basic.asp` | High
|
||||
25 | File | `/wireless/guestnetwork.asp` | High
|
||||
26 | File | `01article.php` | High
|
||||
27 | File | `add-locker-form.php` | High
|
||||
28 | File | `admin/abc.php` | High
|
||||
29 | File | `admin/add_payment.php` | High
|
||||
30 | File | `admin/approve_user.php` | High
|
||||
31 | File | `admin/disapprove_user.php` | High
|
||||
32 | File | `admin/expense_report.php` | High
|
||||
33 | File | `admin/forget_password.php` | High
|
||||
34 | File | `admin/make_payments.php` | High
|
||||
35 | File | `admin/manage_user.php` | High
|
||||
36 | File | `admin/page-login.php` | High
|
||||
37 | File | `admin/practice_pdf.php` | High
|
||||
38 | File | `admin\model\catalog\download.php` | High
|
||||
39 | File | `admin_class.php` | High
|
||||
40 | File | `agent/listener/templates/tail.html` | High
|
||||
41 | File | `ajax_invoice.php` | High
|
||||
42 | ... | ... | ...
|
||||
1 | File | `$GIT_DIR/objects` | High
|
||||
2 | File | `/+CSCOE+/logon.html` | High
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/add-new.php` | High
|
||||
7 | File | `/admin/admin.php` | High
|
||||
8 | File | `/admin/ajax.php` | High
|
||||
9 | File | `/admin/content/index` | High
|
||||
10 | File | `/admin/doctors.php` | High
|
||||
11 | File | `/admin/edit-doc.php` | High
|
||||
12 | File | `/admin/index3.php` | High
|
||||
13 | File | `/admin/login.php` | High
|
||||
14 | File | `/admin/patient.php` | High
|
||||
15 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
16 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
17 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
18 | File | `/adms/classes/Users.php` | High
|
||||
19 | File | `/alphaware/summary.php` | High
|
||||
20 | File | `/api/admin/system/store/order/list` | High
|
||||
21 | File | `/apply.cgi` | Medium
|
||||
22 | File | `/APR/login.php` | High
|
||||
23 | File | `/APR/signup.php` | High
|
||||
24 | File | `/backup.pl` | Medium
|
||||
25 | File | `/bin/httpd` | Medium
|
||||
26 | File | `/boat/login.php` | High
|
||||
27 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
28 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
29 | File | `/data/config.ftp.php` | High
|
||||
30 | File | `/ecshop/admin/template.php` | High
|
||||
31 | File | `/editor/index.php` | High
|
||||
32 | File | `/edoc/doctor/patient.php` | High
|
||||
33 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
34 | File | `/file_manager/login.php` | High
|
||||
35 | File | `/fos/admin/ajax.php?action=save_settings` | High
|
||||
36 | File | `/goform/SetSysTimeCfg` | High
|
||||
37 | File | `/home/cavesConsole` | High
|
||||
38 | File | `/Moosikay/order.php` | High
|
||||
39 | File | `/oews/classes/Master.php?f=update_cart` | High
|
||||
40 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
41 | File | `/param.file.tgz` | High
|
||||
42 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
43 | File | `/philosophy/admin/login.php` | High
|
||||
44 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
45 | File | `/php-opos/index.php` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 364 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -790,20 +790,20 @@ ID | Type | Indicator | Confidence
|
|||
36 | File | `/MIME/INBOX-MM-1/` | High
|
||||
37 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
38 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
39 | File | `/out.php` | Medium
|
||||
40 | File | `/php-opos/index.php` | High
|
||||
41 | File | `/project/PROJECTNAME/reports/` | High
|
||||
42 | File | `/proxy` | Low
|
||||
43 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
44 | File | `/reports/rwservlet` | High
|
||||
45 | File | `/reservation/add_message.php` | High
|
||||
46 | File | `/spip.php` | Medium
|
||||
47 | File | `/tmp` | Low
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/var/log/nginx` | High
|
||||
39 | File | `/php-opos/index.php` | High
|
||||
40 | File | `/project/PROJECTNAME/reports/` | High
|
||||
41 | File | `/proxy` | Low
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/reservation/add_message.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/tmp` | Low
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/var/log/nginx` | High
|
||||
49 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 437 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
33800
actors/Unknown/README.md
File diff suppressed because it is too large
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,12 +47,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `adclick.php` | Medium
|
||||
2 | File | `comersus_backoffice_searchitemform.asp` | High
|
||||
3 | File | `data/gbconfiguration.dat` | High
|
||||
1 | File | `/fax/fax_send.php` | High
|
||||
2 | File | `adclick.php` | Medium
|
||||
3 | File | `comersus_backoffice_searchitemform.asp` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 22 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 24 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -121,7 +121,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -130,49 +130,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/theme-edit/` | High
|
||||
4 | File | `/admin/image/list` | High
|
||||
5 | File | `/admin/submit-articles` | High
|
||||
6 | File | `/admin/transactions/update_status.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/ad_js.php` | Medium
|
||||
9 | File | `/attachments` | Medium
|
||||
10 | File | `/bsms_ci/index.php/book` | High
|
||||
11 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
12 | File | `/cms/category/list` | High
|
||||
13 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/Default/Bd` | Medium
|
||||
16 | File | `/ebics-server/ebics.aspx` | High
|
||||
17 | File | `/egroupware/index.php` | High
|
||||
18 | File | `/etc/hosts` | Medium
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forums/editforum.php` | High
|
||||
21 | File | `/goform/CertListInfo` | High
|
||||
22 | File | `/goform/setmac` | High
|
||||
23 | File | `/goform/wizard_end` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/index.php?module=entities/entities` | High
|
||||
27 | File | `/manage-apartment.php` | High
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/pages/apply_vacancy.php` | High
|
||||
32 | File | `/param.file.tgz` | High
|
||||
33 | File | `/proxy` | Low
|
||||
34 | File | `/public_html/users.php` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/sys/duplicate/check` | High
|
||||
37 | File | `/tmp` | Low
|
||||
38 | File | `/uncpath/` | Medium
|
||||
39 | File | `/upload` | Low
|
||||
40 | File | `/user/s.php` | Medium
|
||||
41 | File | `/var/log/nginx` | High
|
||||
42 | ... | ... | ...
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/Admin/add-student.php` | High
|
||||
6 | File | `/admin/api/theme-edit/` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/image/list` | High
|
||||
9 | File | `/admin/index3.php` | High
|
||||
10 | File | `/admin/submit-articles` | High
|
||||
11 | File | `/admin/transactions/update_status.php` | High
|
||||
12 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
13 | File | `/alphaware/summary.php` | High
|
||||
14 | File | `/attachments` | Medium
|
||||
15 | File | `/boat/login.php` | High
|
||||
16 | File | `/bsms_ci/index.php/book` | High
|
||||
17 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
18 | File | `/cms/category/list` | High
|
||||
19 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/Default/Bd` | Medium
|
||||
22 | File | `/ebics-server/ebics.aspx` | High
|
||||
23 | File | `/egroupware/index.php` | High
|
||||
24 | File | `/etc/hosts` | Medium
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/forums/editforum.php` | High
|
||||
27 | File | `/goform/CertListInfo` | High
|
||||
28 | File | `/goform/setmac` | High
|
||||
29 | File | `/goform/wizard_end` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/index.php?module=entities/entities` | High
|
||||
33 | File | `/manage-apartment.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/pages/apply_vacancy.php` | High
|
||||
38 | File | `/param.file.tgz` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public_html/users.php` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/sys/duplicate/check` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 377 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
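Review bot: Rows 3 (`/admin/?page=user/manage`), 12 (`/adms/admin/?page=vehicles/view_transaction`) and 32 (`/index.php?module=entities/entities`) of the updated IOA table carry a query string but are typed `File`, so a consumer that matches this column against filesystem paths or against the URL path alone will never hit them. Since the footer already names `argument` as an indicator type, consider splitting the query part into its own row of that type, or state in the table intro that `File` values are request URIs. Bare entries such as `/proxy` and `/index.php` are only usable as low-weight signals combined with another indicator, which the intro could also say.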
@ -50,7 +50,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -67,43 +67,43 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/cbs/system/ShowAdvanced.do` | High
|
||||
8 | File | `/cgi-bin/editBookmark` | High
|
||||
9 | File | `/cgi-bin/loaddata.py` | High
|
||||
10 | File | `/cgi-sys/FormMail-clone.cgi` | High
|
||||
11 | File | `/debug` | Low
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/DXR.axd` | Medium
|
||||
14 | File | `/etc/passwd` | Medium
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/getcfg.php` | Medium
|
||||
17 | File | `/goform/setmac` | High
|
||||
18 | File | `/goform/setportList` | High
|
||||
19 | File | `/goform/setVLAN` | High
|
||||
20 | File | `/goform/wlanPrimaryNetwork` | High
|
||||
21 | File | `/GponForm/usb_Form?script/` | High
|
||||
22 | File | `/groups/31-twitter-basics` | High
|
||||
23 | File | `/login` | Low
|
||||
24 | File | `/login/index.php` | High
|
||||
25 | File | `/modules/profile/index.php` | High
|
||||
26 | File | `/sys/dict/queryTableData` | High
|
||||
27 | File | `/tmp` | Low
|
||||
28 | File | `/tmp/before` | Medium
|
||||
29 | File | `/User/saveUser` | High
|
||||
30 | File | `/usr/bin/vmware-mount` | High
|
||||
31 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
32 | File | `/WEB-INF/web.xml` | High
|
||||
33 | File | `/_vti_pvt/access.cnf` | High
|
||||
34 | File | `3/qq_connect2.0/API/class/ErrorCase.class.php` | High
|
||||
35 | File | `accountsettings_add.html` | High
|
||||
36 | File | `aclient.exe` | Medium
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `addentry.php` | Medium
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | File | `admin.php?c=update&f=unzip` | High
|
||||
41 | File | `admin/ajax/op_kandidat.php` | High
|
||||
42 | File | `admin/conf_users_edit.php` | High
|
||||
43 | File | `admin/domain-fields/` | High
|
||||
44 | File | `admin/index.asp` | High
|
||||
45 | File | `admin/news.php` | High
|
||||
46 | File | `AdminLoginInterceptor.java` | High
|
||||
10 | File | `/debug` | Low
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/DXR.axd` | Medium
|
||||
13 | File | `/etc/passwd` | Medium
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/getcfg.php` | Medium
|
||||
16 | File | `/goform/setmac` | High
|
||||
17 | File | `/goform/setportList` | High
|
||||
18 | File | `/goform/setVLAN` | High
|
||||
19 | File | `/goform/wlanPrimaryNetwork` | High
|
||||
20 | File | `/GponForm/usb_Form?script/` | High
|
||||
21 | File | `/groups/31-twitter-basics` | High
|
||||
22 | File | `/login` | Low
|
||||
23 | File | `/login/index.php` | High
|
||||
24 | File | `/modules/profile/index.php` | High
|
||||
25 | File | `/sys/dict/queryTableData` | High
|
||||
26 | File | `/tmp` | Low
|
||||
27 | File | `/tmp/before` | Medium
|
||||
28 | File | `/User/saveUser` | High
|
||||
29 | File | `/usr/bin/vmware-mount` | High
|
||||
30 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
31 | File | `/WEB-INF/web.xml` | High
|
||||
32 | File | `/_vti_pvt/access.cnf` | High
|
||||
33 | File | `3/qq_connect2.0/API/class/ErrorCase.class.php` | High
|
||||
34 | File | `accountsettings_add.html` | High
|
||||
35 | File | `aclient.exe` | Medium
|
||||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `addentry.php` | Medium
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin.php?c=update&f=unzip` | High
|
||||
40 | File | `admin/ajax/op_kandidat.php` | High
|
||||
41 | File | `admin/conf_users_edit.php` | High
|
||||
42 | File | `admin/domain-fields/` | High
|
||||
43 | File | `admin/index.asp` | High
|
||||
44 | File | `admin/news.php` | High
|
||||
45 | File | `AdminLoginInterceptor.java` | High
|
||||
46 | File | `admins.js` | Medium
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 410 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
|
|
@ -65,7 +65,7 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `avrc_pars_tg.cc` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 65 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 66 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,187 @@
|
|||
# Bitzlato - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the campaign known as _Bitzlato_. The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor](https://vuldb.com/?actor)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bitzlato:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
These _actors_ are associated with Bitzlato or other actors linked to the campaign.
|
||||
|
||||
ID | Actor | Confidence
|
||||
-- | ----- | ----------
|
||||
1 | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Bitzlato.
|
||||
|
||||
ID | IP address | Hostname | Actor | Confidence
|
||||
-- | ---------- | -------- | ----- | ----------
|
||||
1 | [3.130.204.160](https://vuldb.com/?ip.3.130.204.160) | ec2-3-130-204-160.us-east-2.compute.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
2 | [3.131.233.90](https://vuldb.com/?ip.3.131.233.90) | ec2-3-131-233-90.us-east-2.compute.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
3 | [5.79.68.107](https://vuldb.com/?ip.5.79.68.107) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
4 | [5.79.68.108](https://vuldb.com/?ip.5.79.68.108) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
5 | [5.79.68.109](https://vuldb.com/?ip.5.79.68.109) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
6 | [5.79.68.110](https://vuldb.com/?ip.5.79.68.110) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
7 | [18.213.250.117](https://vuldb.com/?ip.18.213.250.117) | ec2-18-213-250-117.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
8 | [18.215.128.143](https://vuldb.com/?ip.18.215.128.143) | ec2-18-215-128-143.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
9 | [23.20.239.12](https://vuldb.com/?ip.23.20.239.12) | ec2-23-20-239-12.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
10 | [23.202.231.167](https://vuldb.com/?ip.23.202.231.167) | a23-202-231-167.deploy.static.akamaitechnologies.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
11 | [23.217.138.108](https://vuldb.com/?ip.23.217.138.108) | a23-217-138-108.deploy.static.akamaitechnologies.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
12 | [31.31.204.59](https://vuldb.com/?ip.31.31.204.59) | cluster25.reg.ru | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
13 | [31.31.204.61](https://vuldb.com/?ip.31.31.204.61) | parking.reg.ru | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
14 | [31.220.16.53](https://vuldb.com/?ip.31.220.16.53) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
15 | [37.48.65.136](https://vuldb.com/?ip.37.48.65.136) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
16 | [37.48.65.143](https://vuldb.com/?ip.37.48.65.143) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
17 | [37.48.65.145](https://vuldb.com/?ip.37.48.65.145) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
18 | [37.48.65.148](https://vuldb.com/?ip.37.48.65.148) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
19 | [37.48.65.149](https://vuldb.com/?ip.37.48.65.149) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
20 | [37.48.65.150](https://vuldb.com/?ip.37.48.65.150) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
21 | [37.48.65.151](https://vuldb.com/?ip.37.48.65.151) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
22 | [37.48.65.152](https://vuldb.com/?ip.37.48.65.152) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
23 | [37.48.65.153](https://vuldb.com/?ip.37.48.65.153) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
24 | [37.48.65.154](https://vuldb.com/?ip.37.48.65.154) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
25 | [37.48.65.155](https://vuldb.com/?ip.37.48.65.155) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
26 | [45.77.55.61](https://vuldb.com/?ip.45.77.55.61) | 45.77.55.61.vultrusercontent.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
27 | [46.166.182.54](https://vuldb.com/?ip.46.166.182.54) | suggest-wrong.shamrockuser.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
28 | [46.166.182.62](https://vuldb.com/?ip.46.166.182.62) | all-multiuser.aboveoption.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
29 | [50.63.202.53](https://vuldb.com/?ip.50.63.202.53) | 53.202.63.50.host.secureserver.net | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
30 | [50.63.202.64](https://vuldb.com/?ip.50.63.202.64) | 64.202.63.50.host.secureserver.net | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
31 | [50.63.202.65](https://vuldb.com/?ip.50.63.202.65) | 65.202.63.50.host.secureserver.net | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
32 | [50.63.202.69](https://vuldb.com/?ip.50.63.202.69) | 69.202.63.50.host.secureserver.net | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
33 | [50.63.202.93](https://vuldb.com/?ip.50.63.202.93) | 93.202.63.50.host.secureserver.net | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
34 | [52.0.217.44](https://vuldb.com/?ip.52.0.217.44) | ec2-52-0-217-44.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
35 | [52.4.209.250](https://vuldb.com/?ip.52.4.209.250) | ec2-52-4-209-250.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
36 | [52.6.128.155](https://vuldb.com/?ip.52.6.128.155) | ec2-52-6-128-155.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
37 | [52.54.24.134](https://vuldb.com/?ip.52.54.24.134) | ec2-52-54-24-134.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
38 | [52.73.179.54](https://vuldb.com/?ip.52.73.179.54) | ec2-52-73-179-54.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
39 | [54.161.222.85](https://vuldb.com/?ip.54.161.222.85) | ec2-54-161-222-85.compute-1.amazonaws.com | [TrickBot](https://vuldb.com/?actor.trickbot) | Medium
|
||||
40 | [70.39.125.243](https://vuldb.com/?ip.70.39.125.243) | force.instantlyprogress5.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
41 | [74.208.236.102](https://vuldb.com/?ip.74.208.236.102) | 74-208-236-102.elastic-ssl.ui-r.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
42 | [78.41.204.28](https://vuldb.com/?ip.78.41.204.28) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
43 | [78.41.204.34](https://vuldb.com/?ip.78.41.204.34) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
44 | [78.41.204.37](https://vuldb.com/?ip.78.41.204.37) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
45 | [78.41.204.39](https://vuldb.com/?ip.78.41.204.39) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
46 | [81.171.22.4](https://vuldb.com/?ip.81.171.22.4) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
47 | [81.171.22.5](https://vuldb.com/?ip.81.171.22.5) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
48 | [81.171.22.6](https://vuldb.com/?ip.81.171.22.6) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
49 | [81.171.22.7](https://vuldb.com/?ip.81.171.22.7) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
50 | [85.159.233.44](https://vuldb.com/?ip.85.159.233.44) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
51 | [91.195.240.13](https://vuldb.com/?ip.91.195.240.13) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
52 | [95.183.53.20](https://vuldb.com/?ip.95.183.53.20) | hosted-by.solarcom.ch | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
53 | [95.211.75.10](https://vuldb.com/?ip.95.211.75.10) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
54 | [95.211.75.16](https://vuldb.com/?ip.95.211.75.16) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
55 | [95.211.75.25](https://vuldb.com/?ip.95.211.75.25) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
56 | [95.211.75.26](https://vuldb.com/?ip.95.211.75.26) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
57 | [96.47.230.67](https://vuldb.com/?ip.96.47.230.67) | 96.47.230.67.static.rivalserver.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
58 | [96.47.230.68](https://vuldb.com/?ip.96.47.230.68) | 96.47.230.68.static.rivalserver.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
59 | [96.47.230.69](https://vuldb.com/?ip.96.47.230.69) | 96.47.230.69.static.rivalserver.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
60 | [96.47.230.70](https://vuldb.com/?ip.96.47.230.70) | 96.47.230.70.static.rivalserver.com | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
61 | [103.41.71.252](https://vuldb.com/?ip.103.41.71.252) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
62 | [104.18.40.76](https://vuldb.com/?ip.104.18.40.76) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
63 | [104.18.40.160](https://vuldb.com/?ip.104.18.40.160) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
64 | [104.18.41.76](https://vuldb.com/?ip.104.18.41.76) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
65 | [104.18.41.160](https://vuldb.com/?ip.104.18.41.160) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
66 | [104.18.42.185](https://vuldb.com/?ip.104.18.42.185) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
67 | [104.18.43.185](https://vuldb.com/?ip.104.18.43.185) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
68 | [104.18.44.185](https://vuldb.com/?ip.104.18.44.185) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
69 | [104.18.44.206](https://vuldb.com/?ip.104.18.44.206) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
70 | [104.18.45.185](https://vuldb.com/?ip.104.18.45.185) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
71 | [104.18.45.206](https://vuldb.com/?ip.104.18.45.206) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
72 | [104.18.49.28](https://vuldb.com/?ip.104.18.49.28) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
73 | [104.18.52.227](https://vuldb.com/?ip.104.18.52.227) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
74 | [104.18.53.227](https://vuldb.com/?ip.104.18.53.227) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
75 | [104.18.62.120](https://vuldb.com/?ip.104.18.62.120) | - | [TrickBot](https://vuldb.com/?actor.trickbot) | High
|
||||
76 | ... | ... | ... | ...
|
||||
|
||||
There are 300 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used within Bitzlato. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration during Bitzlato. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/ad_js.php` | Medium
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/app/options.py` | High
|
||||
10 | File | `/attachments` | Medium
|
||||
11 | File | `/boat/login.php` | High
|
||||
12 | File | `/bsms_ci/index.php/book` | High
|
||||
13 | File | `/cgi-bin/login.cgi` | High
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/dashboard/reports/logs/view` | High
|
||||
18 | File | `/dashboard/updatelogo.php` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/etc/openshift/server_priv.pem` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/setmac` | High
|
||||
25 | File | `/goform/wizard_end` | High
|
||||
26 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/index/jobfairol/show/` | High
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/manage-apartment.php` | High
|
||||
31 | File | `/medicines/profile.php` | High
|
||||
32 | File | `/mkshop/Men/profile.php` | High
|
||||
33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
34 | File | `/Noxen-master/users.php` | High
|
||||
35 | File | `/pages/apply_vacancy.php` | High
|
||||
36 | File | `/proc/<PID>/mem` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the campaign and the associated activities:
|
||||
|
||||
* https://ddanchev.blogspot.com/2023/02/exposing-trickbots-bitzlato.html
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
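Review bot: In the TTP table of the new Bitzlato file, row 4 maps T1059 with CWE-88 and CWE-94 to the description "Cross Site Scripting", which duplicates row 5 (T1059.007, CWE-79, CWE-80) and does not describe argument or code injection; the description should name the weakness class actually listed. In the IOC table, rows 10 and 11 resolve to `deploy.static.akamaitechnologies.com` hosts and are rated High while the `amazonaws.com` rows are rated Medium. Addresses on shared CDN or parking hosts (also `parking.reg.ru` in row 13) are a likely source of false positives when used for blocking, so either align the confidence values or annotate these rows as shared infrastructure.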
@ -129,7 +129,7 @@ ID | Type | Indicator | Confidence
|
|||
56 | File | `apply.cgi` | Medium
|
||||
57 | ... | ... | ...
|
||||
|
||||
There are 497 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 501 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -151,10 +151,10 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
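Review bot: The second version of row 4 keeps the description "Cross Site Scripting" while its weakness list reads `CWE-94, CWE-1321`, neither of which is a cross-site scripting weakness (code injection and prototype pollution); the description should change together with the CWE list. Row 2 shows the same drift: CWE-319 (cleartext transmission) appears in the second version while the description stays "Authentication Bypass by Capture-replay", which covers only CWE-294.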
@ -166,39 +166,43 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/api/blade-log/api/list` | High
|
||||
3 | File | `/apply.cgi` | Medium
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/bsms_ci/index.php/book` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
9 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/login/index.php` | High
|
||||
13 | File | `/medicines/profile.php` | High
|
||||
14 | File | `/obs/book.php` | High
|
||||
15 | File | `/products/view_product.php` | High
|
||||
16 | File | `/public/login.htm` | High
|
||||
17 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
18 | File | `/shell` | Low
|
||||
19 | File | `/spip.php` | Medium
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | File | `/usr/bin/pkexec` | High
|
||||
22 | File | `/usr/bin/tddp` | High
|
||||
23 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
24 | File | `/video-sharing-script/watch-video.php` | High
|
||||
25 | File | `/wp-admin/admin-ajax.php` | High
|
||||
26 | File | `/wp-admin/options.php` | High
|
||||
27 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
28 | File | `adclick.php` | Medium
|
||||
29 | File | `admin.jcomments.php` | High
|
||||
30 | File | `admin/add_payment.php` | High
|
||||
31 | File | `admin/disapprove_user.php` | High
|
||||
32 | ... | ... | ...
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/patient.php` | High
|
||||
7 | File | `/alphaware/summary.php` | High
|
||||
8 | File | `/api/blade-log/api/list` | High
|
||||
9 | File | `/apply.cgi` | Medium
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/boat/login.php` | High
|
||||
12 | File | `/bsms_ci/index.php/book` | High
|
||||
13 | File | `/cgi-bin/luci/api/auth` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/filemanager/php/connector.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/medicines/profile.php` | High
|
||||
20 | File | `/products/view_product.php` | High
|
||||
21 | File | `/public/login.htm` | High
|
||||
22 | File | `/reservation/add_message.php` | High
|
||||
23 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
24 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
25 | File | `/shell` | Low
|
||||
26 | File | `/spip.php` | Medium
|
||||
27 | File | `/usr/bin/pkexec` | High
|
||||
28 | File | `/usr/bin/tddp` | High
|
||||
29 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
30 | File | `/video-sharing-script/watch-video.php` | High
|
||||
31 | File | `/wp-admin/admin-ajax.php` | High
|
||||
32 | File | `/wp-admin/options.php` | High
|
||||
33 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
34 | File | `AcquisiAction.class.php` | High
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 304 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
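Review bot: The ID column of this IOA table is purely positional, so the six rows inserted near the top renumber almost everything after them: "/api/blade-log/api/list" moves from ID 2 to ID 8 and "adclick.php" from 28 to 35. Any rule comment or ticket that cites an indicator by ID will point at a different path after this change. Suggest either stating in the file that IDs are not stable or keying references on the indicator string itself.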
|
|
|
@ -9,7 +9,6 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CVE-2021-44077:
|
||||
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* [IR](https://vuldb.com/?country.ir)
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -41,11 +40,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
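Review bot: Row 4 of the TTP table ("4 | T1059 | CWE-94 | Cross Site Scripting | High") keeps the description "Cross Site Scripting" although the only weakness left on it, CWE-94, is code injection. Cross-site scripting is CWE-79, which row 5 (T1059.007) already carries under the same description. Suggest giving row 4 a description that matches its CWE, so the two rows can be told apart by anyone filtering on the Description column.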
|
@ -53,51 +52,67 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.forward` | Medium
|
||||
2 | File | `/addQuestion.php` | High
|
||||
3 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
4 | File | `/admin/api/theme-edit/` | High
|
||||
5 | File | `/admin/article/list_approve` | High
|
||||
6 | File | `/admin/communitymanagement.php` | High
|
||||
7 | File | `/admin/folderrollpicture/list` | High
|
||||
8 | File | `/api/index.php` | High
|
||||
9 | File | `/api/plugin/upload` | High
|
||||
10 | File | `/api/upload-resource` | High
|
||||
11 | File | `/apply.cgi` | Medium
|
||||
12 | File | `/bd_genie_create_account.cgi` | High
|
||||
13 | File | `/conf/users` | Medium
|
||||
14 | File | `/csms/classes/Master.php?f=delete_booking` | High
|
||||
15 | File | `/dev/mem` | Medium
|
||||
16 | File | `/dev/mmz_userdev` | High
|
||||
17 | File | `/diagnostic/editcategory.php` | High
|
||||
1 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
2 | File | `/admin/api/theme-edit/` | High
|
||||
3 | File | `/ad_js.php` | Medium
|
||||
4 | File | `/agc/vicidial.php` | High
|
||||
5 | File | `/alumni/admin/ajax.php?action=save_settings` | High
|
||||
6 | File | `/api/index.php` | High
|
||||
7 | File | `/apply.cgi` | Medium
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/aux` | Low
|
||||
10 | File | `/categorypage.php` | High
|
||||
11 | File | `/cha.php` | Medium
|
||||
12 | File | `/College/admin/teacher.php` | High
|
||||
13 | File | `/csms/classes/Master.php?f=delete_booking` | High
|
||||
14 | File | `/dev/mem` | Medium
|
||||
15 | File | `/dev/mmz_userdev` | High
|
||||
16 | File | `/diagnostic/editcategory.php` | High
|
||||
17 | File | `/drivers/block/floppy.c` | High
|
||||
18 | File | `/etc/config/product.ini` | High
|
||||
19 | File | `/etc/crash` | Medium
|
||||
20 | File | `/etc/passwd` | Medium
|
||||
21 | File | `/goform/aspForm` | High
|
||||
22 | File | `/goform/SysToolReboot` | High
|
||||
23 | File | `/goform/SysToolRestoreSet` | High
|
||||
24 | File | `/goform/WifiBasicSet` | High
|
||||
25 | File | `/h/search?action` | High
|
||||
21 | File | `/etc/shadow` | Medium
|
||||
22 | File | `/fos/admin/ajax.php` | High
|
||||
23 | File | `/goform/SysToolReboot` | High
|
||||
24 | File | `/goform/SysToolRestoreSet` | High
|
||||
25 | File | `/goform/WifiBasicSet` | High
|
||||
26 | File | `/h/search?action=voicemail&action=listen` | High
|
||||
27 | File | `/HNAP1` | Low
|
||||
28 | File | `/hss/admin/categories/view_category.php` | High
|
||||
29 | File | `/htdocs/upnpinc/gena.php` | High
|
||||
30 | File | `/index.php` | Medium
|
||||
31 | File | `/index.php?module=entities/fields&entities_id=24` | High
|
||||
32 | File | `/login.php` | Medium
|
||||
33 | File | `/login/index.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/menu.html` | Medium
|
||||
36 | File | `/module/report_event/index.php` | High
|
||||
37 | File | `/Moosikay/order.php` | High
|
||||
29 | File | `/index.php` | Medium
|
||||
30 | File | `/index.php?module=entities/fields&entities_id=24` | High
|
||||
31 | File | `/login/index.php` | High
|
||||
32 | File | `/medicines/profile.php` | High
|
||||
33 | File | `/menu.html` | Medium
|
||||
34 | File | `/module/report_event/index.php` | High
|
||||
35 | File | `/Moosikay/order.php` | High
|
||||
36 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
37 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
38 | File | `/pdfalto/src/pdfalto.cc` | High
|
||||
39 | File | `/phpinventory/edituser.php` | High
|
||||
40 | File | `/php_action/createProduct.php` | High
|
||||
41 | File | `/queuing/index.php?page=display` | High
|
||||
42 | File | `/release-x64/otfccdump+0x6e1fc8` | High
|
||||
43 | ... | ... | ...
|
||||
39 | File | `/philosophy/admin/login.php` | High
|
||||
40 | File | `/php-opos/login.php` | High
|
||||
41 | File | `/priv_mgt.html` | High
|
||||
42 | File | `/queuing/index.php?page=display` | High
|
||||
43 | File | `/resources//../` | High
|
||||
44 | File | `/sys/duplicate/check` | High
|
||||
45 | File | `/tmp/app/.env` | High
|
||||
46 | File | `/ui/cbpc/login` | High
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/users/delete/2` | High
|
||||
50 | File | `/usr/sbin/httpd` | High
|
||||
51 | File | `/usr/sbin/nagios` | High
|
||||
52 | File | `/var/tmp/audacity-$USER` | High
|
||||
53 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
54 | File | `3G/UMTS` | Low
|
||||
55 | File | `aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java` | High
|
||||
56 | File | `account_change.php` | High
|
||||
57 | File | `ad.php` | Low
|
||||
58 | File | `adclick.php` | Medium
|
||||
59 | ... | ... | ...
|
||||
|
||||
There are 376 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 517 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
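Review bot: Several of the rows added to this IOA table are typed "File" although the value is not a file path, most clearly "54 | File | `3G/UMTS` | Low". The row for "/var/tmp/audacity-$USER" also carries an unexpanded "$USER", which will never match a real path literally. Suggest a separate type for non-path values and a note on templated paths, so consumers do not feed these rows into path-matching rules unchanged.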
|
|
|
@ -133,7 +133,7 @@ ID | Type | Indicator | Confidence
|
|||
65 | File | `/librarian/bookdetails.php` | High
|
||||
66 | ... | ... | ...
|
||||
|
||||
There are 580 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 579 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -52,54 +52,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/admin/access` | High
|
||||
3 | File | `/admin/addemployee.php` | High
|
||||
4 | File | `/admin/index.html` | High
|
||||
5 | File | `/admin/index.php?id=themes&action=edit_template&filename=blog` | High
|
||||
6 | File | `/admin/posts.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/ci_ssms/index.php/orders/create` | High
|
||||
9 | File | `/edoc/doctor/patient.php` | High
|
||||
10 | File | `/fw.login.php` | High
|
||||
11 | File | `/home/masterConsole` | High
|
||||
12 | File | `/index.php` | Medium
|
||||
13 | File | `/membres/modif_profil.php` | High
|
||||
14 | File | `/ordering/admin/category/index.php?view=edit` | High
|
||||
15 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
16 | File | `/pms/index.php` | High
|
||||
17 | File | `/pms/update_user.php?user_id=1` | High
|
||||
18 | File | `/SimpleBusTicket/index.php` | High
|
||||
19 | File | `/transcation.php` | High
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | File | `/usr/bin/pkexec` | High
|
||||
22 | File | `/var/run/docker.sock` | High
|
||||
23 | File | `/wp-admin/admin-ajax.php` | High
|
||||
24 | File | `/xpdf/Stream.cc` | High
|
||||
25 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
26 | File | `addpost_newpoll.php` | High
|
||||
27 | File | `adm-index.php` | High
|
||||
28 | File | `Admin.PHP` | Medium
|
||||
29 | File | `admin.php` | Medium
|
||||
30 | File | `admin.php&r=article/AdminContent/edit` | High
|
||||
31 | File | `admin/expense_report.php` | High
|
||||
32 | File | `admin/index.php` | High
|
||||
33 | File | `admin/ops/reports/ops/forum.php` | High
|
||||
34 | File | `admincp/attachment.php` | High
|
||||
35 | File | `adminedit.pl` | Medium
|
||||
36 | File | `ajax/api/hook/getHookList` | High
|
||||
37 | File | `App\Manage\Controller\ArticleController.class.php` | High
|
||||
38 | File | `archive/index.php` | High
|
||||
39 | File | `auth-gss2.c` | Medium
|
||||
40 | File | `backend/groups/index.php` | High
|
||||
41 | File | `bbs/member_confirm.php` | High
|
||||
42 | File | `bottom.php` | Medium
|
||||
43 | File | `breadcrumbs_create.php` | High
|
||||
44 | File | `C:\Program Files\FileZilla FTP Client\uninstall.exe` | High
|
||||
45 | File | `cds-fpdf.php` | Medium
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `//proc/kcore` | Medium
|
||||
3 | File | `/admin/access` | High
|
||||
4 | File | `/admin/addemployee.php` | High
|
||||
5 | File | `/admin/index.html` | High
|
||||
6 | File | `/admin/index.php?id=themes&action=edit_template&filename=blog` | High
|
||||
7 | File | `/admin/posts.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/ci_ssms/index.php/orders/create` | High
|
||||
10 | File | `/edoc/doctor/patient.php` | High
|
||||
11 | File | `/fw.login.php` | High
|
||||
12 | File | `/home/masterConsole` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/membres/modif_profil.php` | High
|
||||
15 | File | `/ordering/admin/category/index.php?view=edit` | High
|
||||
16 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
17 | File | `/pms/index.php` | High
|
||||
18 | File | `/pms/update_user.php?user_id=1` | High
|
||||
19 | File | `/SimpleBusTicket/index.php` | High
|
||||
20 | File | `/transcation.php` | High
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/usr/bin/pkexec` | High
|
||||
23 | File | `/var/run/docker.sock` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | File | `/xpdf/Stream.cc` | High
|
||||
26 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
27 | File | `addpost_newpoll.php` | High
|
||||
28 | File | `adm-index.php` | High
|
||||
29 | File | `Admin.PHP` | Medium
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | File | `admin.php&r=article/AdminContent/edit` | High
|
||||
32 | File | `admin/expense_report.php` | High
|
||||
33 | File | `admin/index.php` | High
|
||||
34 | File | `admin/ops/reports/ops/forum.php` | High
|
||||
35 | File | `admincp/attachment.php` | High
|
||||
36 | File | `adminedit.pl` | Medium
|
||||
37 | File | `ajax/api/hook/getHookList` | High
|
||||
38 | File | `App\Manage\Controller\ArticleController.class.php` | High
|
||||
39 | File | `archive/index.php` | High
|
||||
40 | File | `auth-gss2.c` | Medium
|
||||
41 | File | `backend/groups/index.php` | High
|
||||
42 | File | `bbs/member_confirm.php` | High
|
||||
43 | File | `bottom.php` | Medium
|
||||
44 | File | `breadcrumbs_create.php` | High
|
||||
45 | File | `C:\Program Files\FileZilla FTP Client\uninstall.exe` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 395 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
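Review bot: Rows 29 and 30 in the new numbering list "Admin.PHP" and "admin.php" as separate Medium-confidence indicators that differ only in case, and the file does not say whether indicators are meant to be matched case-sensitively. With case-insensitive matching the two rows are duplicates; with case-sensitive matching "Admin.PHP" will miss the lower-case spelling that most requests use. Suggest documenting the intended matching and collapsing the pair if case is not significant.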
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -112,7 +112,7 @@ ID | Type | Indicator | Confidence
|
|||
46 | File | `apply.cgi` | Medium
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 409 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 410 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -105,7 +105,7 @@ ID | Type | Indicator | Confidence
|
|||
29 | File | `4.edu.php` | Medium
|
||||
30 | ... | ... | ...
|
||||
|
||||
There are 259 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 256 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -107,11 +107,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
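Review bot: The inserted row "2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High" pairs CWE-319 with the name of a different weakness. "Authentication Bypass by Capture-replay" is the title of CWE-294, while CWE-319 is cleartext transmission of sensitive information. Suggest either listing CWE-294 on the row or changing the description to match CWE-319.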
|
@ -121,33 +122,34 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/APR/login.php` | High
|
||||
4 | File | `/APR/signup.php` | High
|
||||
5 | File | `/as/authorization.oauth2` | High
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/DXR.axd` | Medium
|
||||
9 | File | `/filemanager/php/connector.php` | High
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/HNAP1/SetClientInfo` | High
|
||||
12 | File | `/mims/login.php` | High
|
||||
13 | File | `/php-scrm/login.php` | High
|
||||
14 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
15 | File | `/textpattern/index.php` | High
|
||||
16 | File | `/tmp` | Low
|
||||
17 | File | `account-signup.php` | High
|
||||
18 | File | `account/signup.php` | High
|
||||
19 | File | `addentry.php` | Medium
|
||||
20 | File | `admin.php` | Medium
|
||||
21 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/as/authorization.oauth2` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/filemanager/php/connector.php` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/HNAP1/SetClientInfo` | High
|
||||
13 | File | `/mims/login.php` | High
|
||||
14 | File | `/php-scrm/login.php` | High
|
||||
15 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
16 | File | `/textpattern/index.php` | High
|
||||
17 | File | `/tmp` | Low
|
||||
18 | File | `account-signup.php` | High
|
||||
19 | File | `account/signup.php` | High
|
||||
20 | File | `addentry.php` | Medium
|
||||
21 | File | `admin.php` | Medium
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
25 | File | `admin/TemplateController.java` | High
|
||||
26 | File | `adminer.php` | Medium
|
||||
27 | ... | ... | ...
|
||||
27 | File | `AndroidManifest.xml` | High
|
||||
28 | ... | ... | ...
|
||||
|
||||
There are 232 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 235 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Credit Card Shop:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
@ -69,41 +69,45 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/addNotifyServlet` | High
|
||||
3 | File | `/admin/submit-articles` | High
|
||||
4 | File | `/ad_js.php` | Medium
|
||||
5 | File | `/api/` | Low
|
||||
6 | File | `/app/options.py` | High
|
||||
7 | File | `/attachments` | Medium
|
||||
8 | File | `/bsms_ci/index.php/book` | High
|
||||
9 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
10 | File | `/confirm` | Medium
|
||||
11 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
12 | File | `/dashboard/reports/logs/view` | High
|
||||
13 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/etc/hosts` | Medium
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/goform/setmac` | High
|
||||
18 | File | `/goform/wizard_end` | High
|
||||
19 | File | `/manage-apartment.php` | High
|
||||
20 | File | `/medicines/profile.php` | High
|
||||
21 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
22 | File | `/out.php` | Medium
|
||||
23 | File | `/pages/apply_vacancy.php` | High
|
||||
24 | File | `/pms/update_patient.php` | High
|
||||
25 | File | `/proc/<PID>/mem` | High
|
||||
26 | File | `/proxy` | Low
|
||||
27 | File | `/secure/ViewCollectors` | High
|
||||
28 | File | `/spip.php` | Medium
|
||||
29 | File | `/tmp` | Low
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | File | `/upload` | Low
|
||||
32 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
33 | File | `/vendor/views/add_product.php` | High
|
||||
34 | File | `/vicidial/AST_agent_time_sheet.php` | High
|
||||
35 | ... | ... | ...
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/submit-articles` | High
|
||||
8 | File | `/ad_js.php` | Medium
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
10 | File | `/api/` | Low
|
||||
11 | File | `/app/options.py` | High
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/confirm` | Medium
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/manage-apartment.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/pages/apply_vacancy.php` | High
|
||||
30 | File | `/pms/update_patient.php` | High
|
||||
31 | File | `/proc/<PID>/mem` | High
|
||||
32 | File | `/proxy` | Low
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/secure/ViewCollectors` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
37 | File | `/uncpath/` | Medium
|
||||
38 | File | `/upload` | Low
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 298 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -85,14 +85,14 @@ ID | Type | Indicator | Confidence
|
|||
21 | File | `/Hospital-Management-System-master/contact.php` | High
|
||||
22 | File | `/include/friends.inc.php` | High
|
||||
23 | File | `/index.php?module=configuration/application` | High
|
||||
24 | File | `/members/view_member.php` | High
|
||||
25 | File | `/plesk-site-preview/` | High
|
||||
26 | File | `/scas/admin/` | Medium
|
||||
27 | File | `/services/view_service.php` | High
|
||||
28 | File | `/servlet/webacc` | High
|
||||
29 | File | `/sitemagic/upgrade.php` | High
|
||||
30 | File | `/src/njs/src/njs_module.c` | High
|
||||
31 | File | `/tmp` | Low
|
||||
24 | File | `/kruxton/receipt.php` | High
|
||||
25 | File | `/members/view_member.php` | High
|
||||
26 | File | `/plesk-site-preview/` | High
|
||||
27 | File | `/scas/admin/` | Medium
|
||||
28 | File | `/services/view_service.php` | High
|
||||
29 | File | `/servlet/webacc` | High
|
||||
30 | File | `/sitemagic/upgrade.php` | High
|
||||
31 | File | `/src/njs/src/njs_module.c` | High
|
||||
32 | File | `/userui/ticket_list.php` | High
|
||||
33 | File | `/usr/5bin/su` | Medium
|
||||
34 | File | `/vloggers_merch/classes/Master.php?f=delete_category` | High
|
||||
|
@ -114,34 +114,34 @@ ID | Type | Indicator | Confidence
|
|||
50 | File | `admin/header.php` | High
|
||||
51 | File | `admin/inc/change_action.php` | High
|
||||
52 | File | `admin/index.php` | High
|
||||
53 | File | `admin/info.php` | High
|
||||
54 | File | `admin/login.asp` | High
|
||||
55 | File | `admin/manage-comments.php` | High
|
||||
56 | File | `admin/manage-news.php` | High
|
||||
57 | File | `admin/plugin-settings.php` | High
|
||||
58 | File | `admin:de` | Medium
|
||||
59 | File | `admincp/auth/checklogin.php` | High
|
||||
60 | File | `admincp/auth/secure.php` | High
|
||||
61 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
62 | File | `administrator/index.php` | High
|
||||
63 | File | `admin_login.asp` | High
|
||||
64 | File | `ajax_url.php` | Medium
|
||||
65 | File | `album_portal.php` | High
|
||||
66 | File | `al_initialize.php` | High
|
||||
67 | File | `anjel.index.php` | High
|
||||
68 | File | `annonces-p-f.php` | High
|
||||
69 | File | `announce.php` | Medium
|
||||
70 | File | `announcement.php` | High
|
||||
71 | File | `announcements.php` | High
|
||||
72 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
|
||||
73 | File | `app/models/user.rb` | High
|
||||
74 | File | `application/config/config.php` | High
|
||||
75 | File | `application/controllers/basedata/inventory.php` | High
|
||||
76 | File | `apply.cgi` | Medium
|
||||
77 | File | `apps/app_article/controller/rating.php` | High
|
||||
78 | File | `article.php` | Medium
|
||||
79 | File | `articles.php` | Medium
|
||||
80 | File | `artikel_anzeige.php` | High
|
||||
53 | File | `admin/login.asp` | High
|
||||
54 | File | `admin/manage-comments.php` | High
|
||||
55 | File | `admin/manage-news.php` | High
|
||||
56 | File | `admin/plugin-settings.php` | High
|
||||
57 | File | `admin:de` | Medium
|
||||
58 | File | `admincp/auth/checklogin.php` | High
|
||||
59 | File | `admincp/auth/secure.php` | High
|
||||
60 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
61 | File | `administrator/index.php` | High
|
||||
62 | File | `admin_login.asp` | High
|
||||
63 | File | `ajax_url.php` | Medium
|
||||
64 | File | `album_portal.php` | High
|
||||
65 | File | `al_initialize.php` | High
|
||||
66 | File | `anjel.index.php` | High
|
||||
67 | File | `annonces-p-f.php` | High
|
||||
68 | File | `announce.php` | Medium
|
||||
69 | File | `announcement.php` | High
|
||||
70 | File | `announcements.php` | High
|
||||
71 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
|
||||
72 | File | `app/models/user.rb` | High
|
||||
73 | File | `application/config/config.php` | High
|
||||
74 | File | `application/controllers/basedata/inventory.php` | High
|
||||
75 | File | `apply.cgi` | Medium
|
||||
76 | File | `apps/app_article/controller/rating.php` | High
|
||||
77 | File | `article.php` | Medium
|
||||
78 | File | `articles.php` | Medium
|
||||
79 | File | `artikel_anzeige.php` | High
|
||||
80 | File | `AudioFlinger.cpp` | High
|
||||
81 | File | `auktion.cgi` | Medium
|
||||
82 | File | `auth.php` | Medium
|
||||
83 | File | `authfiles/login.asp` | High
|
||||
|
@ -153,12 +153,9 @@ ID | Type | Indicator | Confidence
|
|||
89 | File | `BrudaNews/BrudaGB` | High
|
||||
90 | File | `bwlist_inc.html` | High
|
||||
91 | File | `calendar.php` | Medium
|
||||
92 | File | `calenderServer.cpp` | High
|
||||
93 | File | `callme_page.php` | High
|
||||
94 | File | `cart_add.php` | Medium
|
||||
95 | ... | ... | ...
|
||||
92 | ... | ... | ...
|
||||
|
||||
There are 835 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 814 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -58,7 +58,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
6 | T1068 | CWE-264, CWE-267, CWE-269, CWE-271, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
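Review bot: The new row 6 (T1068) is described as "Execution with Unnecessary Privileges", which is the title of CWE-250, yet CWE-250 is not among the five weaknesses listed on the row (CWE-264, CWE-267, CWE-269, CWE-271, CWE-284). Suggest adding the matching CWE or using a description that covers the listed privilege and access-control weaknesses.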
|
@ -68,33 +69,34 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
2 | File | `/env` | Low
|
||||
3 | File | `/files/import` | High
|
||||
4 | File | `/forum/away.php` | High
|
||||
5 | File | `/FreshRSS/p/ext.php` | High
|
||||
6 | File | `/goform/addressNat` | High
|
||||
7 | File | `/goform/CertListInfo` | High
|
||||
8 | File | `/goform/fast_setting_wifi_set` | High
|
||||
9 | File | `/goform/IPSECsave` | High
|
||||
10 | File | `/goform/L7Im` | Medium
|
||||
11 | File | `/goform/NatStaticSetting` | High
|
||||
12 | File | `/goform/qossetting` | High
|
||||
13 | File | `/goform/SafeClientFilter` | High
|
||||
14 | File | `/goform/SafeMacFilter` | High
|
||||
15 | File | `/goform/SafeUrlFilter` | High
|
||||
16 | File | `/goform/setMacFilterCfg` | High
|
||||
17 | File | `/goform/SysToolReboot` | High
|
||||
18 | File | `/goform/SysToolRestoreSet` | High
|
||||
19 | File | `/goform/VirtualSer` | High
|
||||
20 | File | `/hrm/controller/employee.php` | High
|
||||
21 | File | `/hrm/employeeadd.php` | High
|
||||
22 | File | `/hrm/employeeview.php` | High
|
||||
23 | File | `/leave_system/admin/?page=maintenance/department` | High
|
||||
24 | File | `/lib` | Low
|
||||
25 | ... | ... | ...
|
||||
1 | File | `//` | Low
|
||||
2 | File | `/api/jmeter/download/files` | High
|
||||
3 | File | `/APR/login.php` | High
|
||||
4 | File | `/DXR.axd` | Medium
|
||||
5 | File | `/env` | Low
|
||||
6 | File | `/files/import` | High
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/FreshRSS/p/ext.php` | High
|
||||
9 | File | `/goform/addressNat` | High
|
||||
10 | File | `/goform/CertListInfo` | High
|
||||
11 | File | `/goform/fast_setting_wifi_set` | High
|
||||
12 | File | `/goform/IPSECsave` | High
|
||||
13 | File | `/goform/L7Im` | Medium
|
||||
14 | File | `/goform/NatStaticSetting` | High
|
||||
15 | File | `/goform/qossetting` | High
|
||||
16 | File | `/goform/SafeClientFilter` | High
|
||||
17 | File | `/goform/SafeMacFilter` | High
|
||||
18 | File | `/goform/SafeUrlFilter` | High
|
||||
19 | File | `/goform/setMacFilterCfg` | High
|
||||
20 | File | `/goform/SysToolRestoreSet` | High
|
||||
21 | File | `/goform/VirtualSer` | High
|
||||
22 | File | `/hrm/controller/employee.php` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/lib` | Low
|
||||
26 | ... | ... | ...
|
||||
|
||||
There are 212 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 220 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
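Review bot: the new row 1, `//` at Low confidence, matches any absolute URL and many ordinary request paths, and it now heads a list that also carries `/env` and `/lib` at Low. Matched on their own, these entries will flag benign traffic. State next to the table that Low-confidence indicators are only meaningful in combination with other rows, or leave them out of the published excerpt.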
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with France:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [IO](https://vuldb.com/?country.io)
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* [IO](https://vuldb.com/?country.io)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
@ -5547,13 +5547,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
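Review bot: the updated row 3 (`T1059 | CWE-88, CWE-94`) keeps the description "Cross Site Scripting", and the new row 4 (`T1059.007 | CWE-79, CWE-80`) carries the same text. CWE-88 is argument injection and CWE-94 is code injection, so the description on row 3 no longer matches its weakness column. Give row 3 its own label so that anyone keying on the description does not treat the two rows as one class. The old row 2 (`T1040 | CWE-294`) also disappears from the visible table while the remaining count drops from 18 to 15; the commit message should say whether that removal is intended.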
|
@ -5561,41 +5561,65 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `$GIT_DIR/objects` | High
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/admin/admin_manage/delete` | High
|
||||
4 | File | `/admin/main/mod-blog` | High
|
||||
5 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
7 | File | `/advanced/adv_dns.xgi` | High
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/backup.pl` | Medium
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/browse.PROJECTKEY` | High
|
||||
12 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
|
||||
13 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
|
||||
14 | File | `/cmscp/ext/collect/fetch_url.do` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/forms/doLogin` | High
|
||||
17 | File | `/mims/login.php` | High
|
||||
18 | File | `/Moosikay/order.php` | High
|
||||
19 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
20 | File | `/out.php` | Medium
|
||||
21 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
22 | File | `/php-opos/index.php` | High
|
||||
23 | File | `/php-scrm/login.php` | High
|
||||
24 | File | `/tmp` | Low
|
||||
25 | File | `/video-sharing-script/watch-video.php` | High
|
||||
26 | File | `account-signup.php` | High
|
||||
27 | File | `account/signup.php` | High
|
||||
28 | File | `action.php` | Medium
|
||||
29 | File | `adclick.php` | Medium
|
||||
30 | File | `add.php` | Low
|
||||
31 | File | `addentry.php` | Medium
|
||||
32 | File | `admin.php` | Medium
|
||||
33 | ... | ... | ...
|
||||
1 | File | `/?ajax-request=jnews` | High
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/` | Low
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/index3.php` | High
|
||||
8 | File | `/admin/main/mod-blog` | High
|
||||
9 | File | `/advanced/adv_dns.xgi` | High
|
||||
10 | File | `/ad_js.php` | Medium
|
||||
11 | File | `/agc/vicidial.php` | High
|
||||
12 | File | `/alphaware/summary.php` | High
|
||||
13 | File | `/alumni/admin/ajax.php?action=save_settings` | High
|
||||
14 | File | `/APR/login.php` | High
|
||||
15 | File | `/APR/signup.php` | High
|
||||
16 | File | `/aux` | Low
|
||||
17 | File | `/boat/login.php` | High
|
||||
18 | File | `/browse.PROJECTKEY` | High
|
||||
19 | File | `/categorypage.php` | High
|
||||
20 | File | `/cgi-bin/wapopen` | High
|
||||
21 | File | `/cha.php` | Medium
|
||||
22 | File | `/College/admin/teacher.php` | High
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/drivers/block/floppy.c` | High
|
||||
25 | File | `/edoc/doctor/patient.php` | High
|
||||
26 | File | `/etc/shadow` | Medium
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/fos/admin/ajax.php` | High
|
||||
29 | File | `/mims/login.php` | High
|
||||
30 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
31 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
32 | File | `/philosophy/admin/login.php` | High
|
||||
33 | File | `/php-opos/login.php` | High
|
||||
34 | File | `/php-scrm/login.php` | High
|
||||
35 | File | `/priv_mgt.html` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/public/launchNewWindow.jsp` | High
|
||||
38 | File | `/reservation/add_message.php` | High
|
||||
39 | File | `/resources//../` | High
|
||||
40 | File | `/rest/project-templates/1.0/createshared` | High
|
||||
41 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/static/ueditor/php/controller.php` | High
|
||||
44 | File | `/textpattern/index.php` | High
|
||||
45 | File | `/tmp` | Low
|
||||
46 | File | `/vendor/views/add_product.php` | High
|
||||
47 | File | `3G/UMTS` | Low
|
||||
48 | File | `account/signup.php` | High
|
||||
49 | File | `AcquisiAction.class.php` | High
|
||||
50 | File | `activenews_view.asp` | High
|
||||
51 | File | `ad.php` | Low
|
||||
52 | File | `adclick.php` | Medium
|
||||
53 | File | `addentry.php` | Medium
|
||||
54 | File | `admin.php` | Medium
|
||||
55 | File | `admin/admin_editor.php` | High
|
||||
56 | File | `admin/conf_users_edit.php` | High
|
||||
57 | ... | ... | ...
|
||||
|
||||
There are 284 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 501 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
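Review bot: new row 47 lists `3G/UMTS` with Type `File`, but the value reads as a technology name, not a file name or path like the other rows in this table. Check the type assigned to this entry in the source data (the footer names file, library, argument, input value, pattern and network port as available types) or drop it from the excerpt, since a path search for it in web or host logs will not match anything useful.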
|
|
|
@ -63,11 +63,11 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/setSystemAdmin` | High
|
||||
7 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
8 | File | `admin/Login.php` | High
|
||||
9 | File | `bidhistory.php` | High
|
||||
10 | File | `C:\Wamp64` | Medium
|
||||
9 | File | `appserv/main.php` | High
|
||||
10 | File | `bidhistory.php` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 85 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -200,7 +200,7 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/servlet.gupld` | High
|
||||
21 | ... | ... | ...
|
||||
|
||||
There are 170 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 172 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -201,17 +201,17 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/graphql` | Medium
|
||||
11 | File | `/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf` | High
|
||||
12 | File | `/uncpath/` | Medium
|
||||
13 | File | `/usr/sbin/pinger` | High
|
||||
14 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
15 | File | `/zm/index.php` | High
|
||||
16 | File | `admin/bitrix.mpbuilder_step2.php` | High
|
||||
17 | File | `admin/caste_view.php` | High
|
||||
18 | File | `admin/server/api/download.js` | High
|
||||
19 | File | `AlwaysOnHotwordDetector.java` | High
|
||||
20 | File | `apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java` | High
|
||||
13 | File | `/upload/catalog/controller/account/password.php` | High
|
||||
14 | File | `/usr/sbin/pinger` | High
|
||||
15 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
16 | File | `/zm/index.php` | High
|
||||
17 | File | `admin/bitrix.mpbuilder_step2.php` | High
|
||||
18 | File | `admin/caste_view.php` | High
|
||||
19 | File | `admin/server/api/download.js` | High
|
||||
20 | File | `AlwaysOnHotwordDetector.java` | High
|
||||
21 | ... | ... | ...
|
||||
|
||||
There are 175 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 178 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,19 +60,19 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/admin/index.php` | High
|
||||
3 | File | `/api /v3/auth` | High
|
||||
4 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
5 | File | `/auth` | Low
|
||||
6 | File | `/balance/service/list` | High
|
||||
7 | File | `/config/getuser` | High
|
||||
8 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
9 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `/upload` | Low
|
||||
2 | File | `.kdbgrc` | Low
|
||||
3 | File | `/admin/index.php` | High
|
||||
4 | File | `/api /v3/auth` | High
|
||||
5 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
6 | File | `/auth` | Low
|
||||
7 | File | `/balance/service/list` | High
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
10 | File | `/SiteServer/Ajax/ajaxOtherService.aspx` | High
|
||||
11 | File | `/uncpath/` | Medium
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 93 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 95 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
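Review bot: the indicator `/api /v3/auth` is carried over from old row 3 to new row 4 with a space inside the path. If the space is a data-entry artifact, an exact or prefix match against request paths will never hit it. Confirm the intended value against the source record and correct it in this update rather than only renumbering the row.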
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -147,7 +147,7 @@ ID | Type | Indicator | Confidence
|
|||
33 | File | `add-locker-form.php` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 292 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 290 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -4910,10 +4910,10 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-27 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
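Review bot: row 2 changes the weakness for T1040 from `CWE-294` to `CWE-319` but leaves the description as "Authentication Bypass by Capture-replay". That description is the name of CWE-294, while CWE-319 is cleartext transmission of sensitive information, so the Weakness and Description columns now disagree. Update the description with the new CWE, or keep CWE-294 in the list if capture-replay is still what the row is meant to record.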
|
@ -4925,49 +4925,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
3 | File | `/?ajax-request=jnews` | High
|
||||
4 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/add-new.php` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/edit-doc.php` | High
|
||||
9 | File | `/admin/index3.php` | High
|
||||
10 | File | `/admin/patient.php` | High
|
||||
11 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
12 | File | `/ajax/update_certificate` | High
|
||||
13 | File | `/api/admin/system/store/order/list` | High
|
||||
14 | File | `/apply.cgi` | Medium
|
||||
15 | File | `/APR/signup.php` | High
|
||||
16 | File | `/as/authorization.oauth2` | High
|
||||
17 | File | `/backup.pl` | Medium
|
||||
18 | File | `/boat/login.php` | High
|
||||
19 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
20 | File | `/cgi-bin/luci/api/auth` | High
|
||||
21 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
22 | File | `/CPE` | Low
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/ecshop/admin/template.php` | High
|
||||
25 | File | `/editor/index.php` | High
|
||||
26 | File | `/edoc/doctor/patient.php` | High
|
||||
27 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
28 | File | `/export` | Low
|
||||
29 | File | `/files/import` | High
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/goform/SetSysTimeCfg` | High
|
||||
32 | File | `/goform/WifiBasicSet` | High
|
||||
33 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
34 | File | `/mims/login.php` | High
|
||||
35 | File | `/Moosikay/order.php` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/net-banking/customer_transactions.php` | High
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
40 | File | `/php-jms/updateTxtview.php` | High
|
||||
41 | ... | ... | ...
|
||||
7 | File | `/admin/ajax.php` | High
|
||||
8 | File | `/admin/content/index` | High
|
||||
9 | File | `/admin/delete_user.php` | High
|
||||
10 | File | `/admin/doctors.php` | High
|
||||
11 | File | `/admin/edit-doc.php` | High
|
||||
12 | File | `/admin/index3.php` | High
|
||||
13 | File | `/admin/login.php` | High
|
||||
14 | File | `/admin/patient.php` | High
|
||||
15 | File | `/alphaware/summary.php` | High
|
||||
16 | File | `/api/admin/system/store/order/list` | High
|
||||
17 | File | `/api/jmeter/download/files` | High
|
||||
18 | File | `/APR/login.php` | High
|
||||
19 | File | `/APR/signup.php` | High
|
||||
20 | File | `/boat/login.php` | High
|
||||
21 | File | `/cgi-bin/wapopen` | High
|
||||
22 | File | `/databases/database/list` | High
|
||||
23 | File | `/databases/table/columns` | High
|
||||
24 | File | `/DXR.axd` | Medium
|
||||
25 | File | `/edoc/doctor/patient.php` | High
|
||||
26 | File | `/etc/sudoers` | Medium
|
||||
27 | File | `/filemanager/php/connector.php` | High
|
||||
28 | File | `/file_manager/login.php` | High
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/fos/admin/ajax.php?action=save_settings` | High
|
||||
31 | File | `/HNAP1/SetClientInfo` | High
|
||||
32 | File | `/librarian/bookdetails.php` | High
|
||||
33 | File | `/MIME/INBOX-MM-1/` | High
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/param.file.tgz` | High
|
||||
37 | File | `/philosophy/admin/login.php` | High
|
||||
38 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
42 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
43 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/upload` | Low
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 355 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 395 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -99,7 +99,7 @@ ID | Type | Indicator | Confidence
|
|||
38 | File | `/start_apply.htm` | High
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 340 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 332 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -104,28 +104,28 @@ ID | Type | Indicator | Confidence
|
|||
22 | File | `/leave_system/classes/Master.php?f=delete_department` | High
|
||||
23 | File | `/module/module_frame/index.php` | High
|
||||
24 | File | `/net-banking/customer_transactions.php` | High
|
||||
25 | File | `/northstar/Admin/changePassword.jsp` | High
|
||||
26 | File | `/obs/book.php` | High
|
||||
27 | File | `/orms/` | Low
|
||||
28 | File | `/ossn/administrator/com_installer` | High
|
||||
29 | File | `/pms/update_user.php?user_id=1` | High
|
||||
30 | File | `/sre/params.php` | High
|
||||
31 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
32 | File | `/tmp` | Low
|
||||
33 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
34 | File | `/user/upload/upload` | High
|
||||
35 | File | `/Users` | Low
|
||||
36 | File | `/var/spool/hylafax` | High
|
||||
37 | File | `/vendor` | Low
|
||||
38 | File | `/whbs/?page=my_bookings` | High
|
||||
39 | File | `access_rules/rules_form` | High
|
||||
40 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
41 | File | `action/addproject.php` | High
|
||||
42 | File | `adclick.php` | Medium
|
||||
43 | File | `add_contestant.php` | High
|
||||
25 | File | `/obs/book.php` | High
|
||||
26 | File | `/ossn/administrator/com_installer` | High
|
||||
27 | File | `/pms/update_user.php?user_id=1` | High
|
||||
28 | File | `/sre/params.php` | High
|
||||
29 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
32 | File | `/user/upload/upload` | High
|
||||
33 | File | `/Users` | Low
|
||||
34 | File | `/var/spool/hylafax` | High
|
||||
35 | File | `/vendor` | Low
|
||||
36 | File | `/whbs/?page=my_bookings` | High
|
||||
37 | File | `access_rules/rules_form` | High
|
||||
38 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
39 | File | `action/addproject.php` | High
|
||||
40 | File | `adclick.php` | Medium
|
||||
41 | File | `add_contestant.php` | High
|
||||
42 | File | `admin.php` | Medium
|
||||
43 | File | `admin/ajax.attachment.php` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 380 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 376 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
|
@ -124,44 +124,44 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/debug/pprof` | Medium
|
||||
18 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
19 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
24 | File | `/fos/admin/index.php?page=menu` | High
|
||||
25 | File | `/goform/wizard_end` | High
|
||||
26 | File | `/home/masterConsole` | High
|
||||
27 | File | `/home/sendBroadcast` | High
|
||||
28 | File | `/hrm/employeeadd.php` | High
|
||||
29 | File | `/hrm/employeeview.php` | High
|
||||
30 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
31 | File | `/lookin/info` | Medium
|
||||
32 | File | `/medicines/profile.php` | High
|
||||
33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
34 | File | `/MTFWU` | Low
|
||||
16 | File | `/cgi-bin/wapopen` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
20 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
25 | File | `/fos/admin/index.php?page=menu` | High
|
||||
26 | File | `/goform/wizard_end` | High
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
32 | File | `/lookin/info` | Medium
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/tmp` | Low
|
||||
44 | File | `/uncpath/` | Medium
|
||||
45 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
46 | File | `/video-sharing-script/watch-video.php` | High
|
||||
47 | File | `/wireless/security.asp` | High
|
||||
48 | File | `/wp-admin/admin-ajax.php` | High
|
||||
49 | File | `01article.php` | High
|
||||
50 | File | `AbstractScheduleJob.java` | High
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/tmp` | Low
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
47 | File | `/video-sharing-script/watch-video.php` | High
|
||||
48 | File | `/wireless/security.asp` | High
|
||||
49 | File | `/wp-admin/admin-ajax.php` | High
|
||||
50 | File | `01article.php` | High
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 440 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 445 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [DE](https://vuldb.com/?country.de)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -77,23 +77,23 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/ebics-server/ebics.aspx` | High
|
||||
13 | File | `/etc/shadow` | Medium
|
||||
14 | File | `/forums.php?action=post` | High
|
||||
15 | File | `/home/cavesConsole` | High
|
||||
16 | File | `/home/kickPlayer` | High
|
||||
17 | File | `/home/masterConsole` | High
|
||||
18 | File | `/home/sendBroadcast` | High
|
||||
19 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
20 | File | `/index.php` | Medium
|
||||
21 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
22 | File | `/login/index.php` | High
|
||||
23 | File | `/loginVaLidation.php` | High
|
||||
24 | File | `/manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1` | High
|
||||
25 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
26 | File | `/resources//../` | High
|
||||
27 | File | `/setNTP.cgi` | Medium
|
||||
28 | File | `/sys/dict/queryTableData` | High
|
||||
29 | File | `/system/site.php` | High
|
||||
30 | File | `/tiki-importer.php` | High
|
||||
31 | File | `/tmp` | Low
|
||||
15 | File | `/HNAP1/SetClientInfo` | High
|
||||
16 | File | `/home/cavesConsole` | High
|
||||
17 | File | `/home/kickPlayer` | High
|
||||
18 | File | `/home/masterConsole` | High
|
||||
19 | File | `/home/sendBroadcast` | High
|
||||
20 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
21 | File | `/index.php` | Medium
|
||||
22 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
23 | File | `/login/index.php` | High
|
||||
24 | File | `/loginVaLidation.php` | High
|
||||
25 | File | `/manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1` | High
|
||||
26 | File | `/opt/Citrix/ICAClient/util/ctxwebhelper` | High
|
||||
27 | File | `/resources//../` | High
|
||||
28 | File | `/setNTP.cgi` | Medium
|
||||
29 | File | `/sys/dict/queryTableData` | High
|
||||
30 | File | `/system/site.php` | High
|
||||
31 | File | `/tiki-importer.php` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
|
|
@ -80,36 +80,36 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/filemanager/upload.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goforms/rlminfo` | High
|
||||
23 | File | `/index_amp.php` | High
|
||||
24 | File | `/Items/*/RemoteImages/Download` | High
|
||||
25 | File | `/login` | Low
|
||||
26 | File | `/menu.html` | Medium
|
||||
27 | File | `/navigate/navigate_download.php` | High
|
||||
28 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
29 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/owa/auth/logon.aspx` | High
|
||||
32 | File | `/password.html` | High
|
||||
33 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
34 | File | `/proc/ioports` | High
|
||||
35 | File | `/property-list/property_view.php` | High
|
||||
36 | File | `/ptms/classes/Users.php` | High
|
||||
37 | File | `/resources//../` | High
|
||||
38 | File | `/rest/api/2/search` | High
|
||||
39 | File | `/s/` | Low
|
||||
40 | File | `/scripts/cpan_config` | High
|
||||
41 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
42 | File | `/services/system/setup.json` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/sys/dict/queryTableData` | High
|
||||
45 | File | `/tmp` | Low
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/vloggers_merch/?p=view_product` | High
|
||||
48 | File | `/webconsole/APIController` | High
|
||||
49 | File | `/websocket/exec` | High
|
||||
23 | File | `/HNAP1/SetClientInfo` | High
|
||||
24 | File | `/index_amp.php` | High
|
||||
25 | File | `/Items/*/RemoteImages/Download` | High
|
||||
26 | File | `/login` | Low
|
||||
27 | File | `/menu.html` | Medium
|
||||
28 | File | `/navigate/navigate_download.php` | High
|
||||
29 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
30 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/owa/auth/logon.aspx` | High
|
||||
33 | File | `/password.html` | High
|
||||
34 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
35 | File | `/proc/ioports` | High
|
||||
36 | File | `/property-list/property_view.php` | High
|
||||
37 | File | `/ptms/classes/Users.php` | High
|
||||
38 | File | `/resources//../` | High
|
||||
39 | File | `/rest/api/2/search` | High
|
||||
40 | File | `/s/` | Low
|
||||
41 | File | `/scripts/cpan_config` | High
|
||||
42 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
43 | File | `/services/system/setup.json` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sys/dict/queryTableData` | High
|
||||
46 | File | `/tmp` | Low
|
||||
47 | File | `/uncpath/` | Medium
|
||||
48 | File | `/vloggers_merch/?p=view_product` | High
|
||||
49 | File | `/webconsole/APIController` | High
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 431 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 432 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
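Review bot: rows 35 and 46 in the new numbering, `/proc/ioports` and `/tmp`, are local file-system paths, but they share Type "File" with URL paths such as `/owa/auth/logon.aspx` in row 32, so a consumer cannot tell whether an entry is meant for web-server logs or for host file telemetry. Either split the type (for example a separate value for request paths) or state in the paragraph above the table which log source each kind of entry is matched against; `/proc/ioports` at High confidence is especially hard to act on without that.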
|
||||
|
||||
|
|
|
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 9 more TTP items available. Please use our online service to access the data.
|
||||
There are 10 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -50,14 +50,15 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/include/makecvs.php` | High
|
||||
2 | File | `/requests.php` | High
|
||||
3 | File | `/spip.php` | Medium
|
||||
4 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
|
||||
5 | File | `add.php` | Low
|
||||
6 | File | `cat.asp` | Low
|
||||
7 | File | `class.phpmailer.php` | High
|
||||
8 | ... | ... | ...
|
||||
1 | File | `/forum/away.php` | High
|
||||
2 | File | `/include/makecvs.php` | High
|
||||
3 | File | `/requests.php` | High
|
||||
4 | File | `/spip.php` | Medium
|
||||
5 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
|
||||
6 | File | `add.php` | Low
|
||||
7 | File | `cat.asp` | Low
|
||||
8 | File | `class.phpmailer.php` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 61 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Russia and Ukraine Conflict:
|
||||
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -60,7 +60,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
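Review bot: row 4 is edited to drop CWE-88 but still describes T1059 with CWE-94 and CWE-1321 as "Cross Site Scripting", the same label row 5 gives T1059.007 with CWE-79 and CWE-80. CWE-94 is code injection and CWE-1321 is prototype pollution, so the description on row 4 should name that weakness class rather than repeat the XSS label. Row 2 has the same kind of mismatch: it lists only CWE-319 (cleartext transmission) under the CWE-294 name "Authentication Bypass by Capture-replay".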
|
||||
|
||||
|
@ -72,56 +72,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
5 | File | `/backup.pl` | Medium
|
||||
6 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
7 | File | `/files/import` | High
|
||||
8 | File | `/forum/away.php` | High
|
||||
9 | File | `/forum/PostPrivateMessage` | High
|
||||
10 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
11 | File | `/fos/admin/index.php?page=menu` | High
|
||||
12 | File | `/home/sendBroadcast` | High
|
||||
13 | File | `/Moosikay/order.php` | High
|
||||
14 | File | `/out.php` | Medium
|
||||
15 | File | `/param.file.tgz` | High
|
||||
16 | File | `/php-opos/index.php` | High
|
||||
17 | File | `/picturesPreview` | High
|
||||
18 | File | `/royal_event/companyprofile.php` | High
|
||||
19 | File | `/royal_event/userregister.php` | High
|
||||
20 | File | `/tmp/boa-temp` | High
|
||||
21 | File | `/user/s.php` | Medium
|
||||
22 | File | `/user/updatePwd` | High
|
||||
23 | File | `/wireless/guestnetwork.asp` | High
|
||||
24 | File | `/wireless/security.asp` | High
|
||||
25 | File | `01article.php` | High
|
||||
26 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
27 | File | `action.php` | Medium
|
||||
28 | File | `adclick.php` | Medium
|
||||
29 | File | `add-locker-form.php` | High
|
||||
30 | File | `add_contestant.php` | High
|
||||
31 | File | `admin/abc.php` | High
|
||||
32 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
33 | File | `admin/approve_user.php` | High
|
||||
34 | File | `admin/booking_report.php` | High
|
||||
35 | File | `admin/disapprove_user.php` | High
|
||||
36 | File | `admin/expense_report.php` | High
|
||||
37 | File | `admin/gv_mail.php` | High
|
||||
38 | File | `admin/index.php` | High
|
||||
39 | File | `admin/manage_user.php` | High
|
||||
40 | File | `admin/page-login.php` | High
|
||||
41 | File | `admin/panels/entry/admin.entry.list.php` | High
|
||||
42 | File | `adminer.php` | Medium
|
||||
43 | File | `administrator/components/com_joomgallery/views/config/tmpl/default.php` | High
|
||||
44 | File | `admin_class.php` | High
|
||||
45 | File | `agent/listener/templates/tail.html` | High
|
||||
46 | File | `announce.php` | Medium
|
||||
47 | File | `api.php` | Low
|
||||
48 | ... | ... | ...
|
||||
1 | File | `//` | Low
|
||||
2 | File | `/admin/?page=user/manage` | High
|
||||
3 | File | `/admin/doctors.php` | High
|
||||
4 | File | `/admin/edit-doc.php` | High
|
||||
5 | File | `/admin/index3.php` | High
|
||||
6 | File | `/admin/patient.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/jmeter/download/files` | High
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/backup.pl` | Medium
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/DXR.axd` | Medium
|
||||
14 | File | `/files/import` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/forum/PostPrivateMessage` | High
|
||||
17 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
18 | File | `/fos/admin/index.php?page=menu` | High
|
||||
19 | File | `/home/sendBroadcast` | High
|
||||
20 | File | `/librarian/bookdetails.php` | High
|
||||
21 | File | `/Moosikay/order.php` | High
|
||||
22 | File | `/out.php` | Medium
|
||||
23 | File | `/param.file.tgz` | High
|
||||
24 | File | `/php-opos/index.php` | High
|
||||
25 | File | `/royal_event/companyprofile.php` | High
|
||||
26 | File | `/royal_event/userregister.php` | High
|
||||
27 | File | `/tmp/boa-temp` | High
|
||||
28 | File | `/user/s.php` | Medium
|
||||
29 | File | `/user/updatePwd` | High
|
||||
30 | File | `/wireless/guestnetwork.asp` | High
|
||||
31 | File | `/wireless/security.asp` | High
|
||||
32 | File | `/wp-json` | Medium
|
||||
33 | File | `01article.php` | High
|
||||
34 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
35 | File | `ActBar.ocx` | Medium
|
||||
36 | File | `action.php` | Medium
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `add-locker-form.php` | High
|
||||
39 | File | `add_contestant.php` | High
|
||||
40 | File | `admin/abc.php` | High
|
||||
41 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
42 | File | `admin/approve_user.php` | High
|
||||
43 | File | `admin/booking_report.php` | High
|
||||
44 | File | `admin/disapprove_user.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 415 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 393 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
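Review bot: new row 41, `admin/admin.php?action=users&mode=info&user=2`, carries a literal `user=2` inside a High-confidence indicator, so a consumer matching the string as written misses the same request made with any other user id. Trim the indicator to the stable part of the path and query, or document next to the table that indicators are fragments to be matched loosely. Row 1, `//`, has the opposite problem: it is rated Low, but it appears in any logged absolute URL and would be better left out of the preview rows.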
|
||||
|
||||
|
|
|
@ -2077,3 +2077,4 @@ The following _articles_ explain our unique predictive cyber threat intelligence
|
|||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
||||
ns.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
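Review bot: the line this hunk adds after the license sentence, beginning `ns.org/licenses/by-nc-sa/4.0/). Questions?`, is the tail of that same sentence cut in the middle of the Creative Commons URL, so the file now ends with a broken duplicate of its own footer. Drop the added line and keep only the complete `(c) [1997-2023]` sentence; if the file is generated, the step that writes the footer is worth checking for a partial write.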
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [BE](https://vuldb.com/?country.be)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -360,7 +360,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -373,28 +373,28 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/bin/httpd` | Medium
|
||||
7 | File | `/mims/login.php` | High
|
||||
8 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
9 | File | `/php-opos/index.php` | High
|
||||
10 | File | `/php-scrm/login.php` | High
|
||||
11 | File | `/textpattern/index.php` | High
|
||||
12 | File | `/tmp` | Low
|
||||
13 | File | `account-signup.php` | High
|
||||
14 | File | `account/signup.php` | High
|
||||
15 | File | `action.php` | Medium
|
||||
16 | File | `addentry.php` | Medium
|
||||
17 | File | `admin.php` | Medium
|
||||
18 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
19 | File | `admin/admin_editor.php` | High
|
||||
20 | File | `admin/conf_users_edit.php` | High
|
||||
21 | File | `blocks/block-Old_Articles.php` | High
|
||||
22 | File | `bp_ncom.php` | Medium
|
||||
23 | File | `buy.php` | Low
|
||||
24 | File | `changePasswordForEmployee.php` | High
|
||||
6 | File | `/cgi-bin/wapopen` | High
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/mims/login.php` | High
|
||||
9 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
10 | File | `/php-opos/index.php` | High
|
||||
11 | File | `/php-scrm/login.php` | High
|
||||
12 | File | `/textpattern/index.php` | High
|
||||
13 | File | `/tmp` | Low
|
||||
14 | File | `account-signup.php` | High
|
||||
15 | File | `account/signup.php` | High
|
||||
16 | File | `action.php` | Medium
|
||||
17 | File | `addentry.php` | Medium
|
||||
18 | File | `admin.php` | Medium
|
||||
19 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
20 | File | `admin/admin_editor.php` | High
|
||||
21 | File | `admin/conf_users_edit.php` | High
|
||||
22 | File | `adminer.php` | Medium
|
||||
23 | File | `blocks/block-Old_Articles.php` | High
|
||||
24 | File | `bp_ncom.php` | Medium
|
||||
25 | ... | ... | ...
|
||||
|
||||
There are 207 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 211 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [DK](https://vuldb.com/?country.dk)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## Actors
|
||||
|
||||
|
@ -325,14 +325,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-35 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -340,50 +339,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `$HOME/.printers` | High
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/CPE` | Low
|
||||
4 | File | `/forum/PostPrivateMessage` | High
|
||||
5 | File | `/home/cavesConsole` | High
|
||||
6 | File | `/home/kickPlayer` | High
|
||||
7 | File | `/home/masterConsole` | High
|
||||
8 | File | `/home/sendBroadcast` | High
|
||||
9 | File | `/login/index.php` | High
|
||||
10 | File | `/oews/classes/Master.php?f=update_cart` | High
|
||||
11 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
12 | File | `/output/outdbg.c` | High
|
||||
13 | File | `/output/outieee.c` | High
|
||||
14 | File | `/param.file.tgz` | High
|
||||
15 | File | `/password/reset` | High
|
||||
16 | File | `/ptippage.cgi` | High
|
||||
17 | File | `/ptipupgrade.cgi` | High
|
||||
18 | File | `/royal_event/userregister.php` | High
|
||||
19 | File | `/setnetworksettings/IPAddress` | High
|
||||
20 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
21 | File | `/u/username.json` | High
|
||||
22 | File | `/user/s.php` | Medium
|
||||
23 | File | `/user/updatePwd` | High
|
||||
24 | File | `/wireless/basic.asp` | High
|
||||
25 | File | `/wireless/guestnetwork.asp` | High
|
||||
26 | File | `01article.php` | High
|
||||
27 | File | `add-locker-form.php` | High
|
||||
28 | File | `admin/abc.php` | High
|
||||
29 | File | `admin/add_payment.php` | High
|
||||
30 | File | `admin/approve_user.php` | High
|
||||
31 | File | `admin/disapprove_user.php` | High
|
||||
32 | File | `admin/expense_report.php` | High
|
||||
33 | File | `admin/forget_password.php` | High
|
||||
34 | File | `admin/make_payments.php` | High
|
||||
35 | File | `admin/manage_user.php` | High
|
||||
36 | File | `admin/page-login.php` | High
|
||||
37 | File | `admin/practice_pdf.php` | High
|
||||
38 | File | `admin\model\catalog\download.php` | High
|
||||
39 | File | `admin_class.php` | High
|
||||
40 | File | `agent/listener/templates/tail.html` | High
|
||||
41 | File | `ajax_invoice.php` | High
|
||||
42 | ... | ... | ...
|
||||
1 | File | `$GIT_DIR/objects` | High
|
||||
2 | File | `/+CSCOE+/logon.html` | High
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/add-new.php` | High
|
||||
7 | File | `/admin/admin.php` | High
|
||||
8 | File | `/admin/ajax.php` | High
|
||||
9 | File | `/admin/content/index` | High
|
||||
10 | File | `/admin/doctors.php` | High
|
||||
11 | File | `/admin/edit-doc.php` | High
|
||||
12 | File | `/admin/index3.php` | High
|
||||
13 | File | `/admin/login.php` | High
|
||||
14 | File | `/admin/patient.php` | High
|
||||
15 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
16 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
17 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
18 | File | `/adms/classes/Users.php` | High
|
||||
19 | File | `/alphaware/summary.php` | High
|
||||
20 | File | `/api/admin/system/store/order/list` | High
|
||||
21 | File | `/APR/login.php` | High
|
||||
22 | File | `/APR/signup.php` | High
|
||||
23 | File | `/backup.pl` | Medium
|
||||
24 | File | `/bin/httpd` | Medium
|
||||
25 | File | `/boat/login.php` | High
|
||||
26 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
27 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
28 | File | `/data/config.ftp.php` | High
|
||||
29 | File | `/ecshop/admin/template.php` | High
|
||||
30 | File | `/editor/index.php` | High
|
||||
31 | File | `/edoc/doctor/patient.php` | High
|
||||
32 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
33 | File | `/file_manager/login.php` | High
|
||||
34 | File | `/fos/admin/ajax.php?action=save_settings` | High
|
||||
35 | File | `/goform/SetSysTimeCfg` | High
|
||||
36 | File | `/home/cavesConsole` | High
|
||||
37 | File | `/Moosikay/order.php` | High
|
||||
38 | File | `/oews/classes/Master.php?f=update_cart` | High
|
||||
39 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
40 | File | `/param.file.tgz` | High
|
||||
41 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
42 | File | `/philosophy/admin/login.php` | High
|
||||
43 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
44 | File | `/php-opos/index.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 366 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -57,27 +57,27 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/countrymanagement.php` | High
|
||||
2 | File | `/admin/newsletter1.php` | High
|
||||
3 | File | `/admin/payment.php` | High
|
||||
4 | File | `/doc/packages` | High
|
||||
5 | File | `/forum/away.php` | High
|
||||
6 | File | `/getcfg.php` | Medium
|
||||
7 | File | `/hrm/employeeview.php` | High
|
||||
8 | File | `/login` | Low
|
||||
9 | File | `/mkshop/Men/profile.php` | High
|
||||
10 | File | `/newsDia.php` | Medium
|
||||
11 | File | `/product_list.php` | High
|
||||
12 | File | `/rom-0` | Low
|
||||
13 | File | `/scas/admin/` | Medium
|
||||
14 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
15 | File | `/tpts/manage_user.php` | High
|
||||
16 | File | `/var/log/nginx` | High
|
||||
17 | File | `/web/entry/en/address/adrsSetUserWizard.cgi` | High
|
||||
18 | File | `adclick.php` | Medium
|
||||
1 | File | `/admin.php/update/getFile.html` | High
|
||||
2 | File | `/admin/countrymanagement.php` | High
|
||||
3 | File | `/admin/newsletter1.php` | High
|
||||
4 | File | `/admin/payment.php` | High
|
||||
5 | File | `/doc/packages` | High
|
||||
6 | File | `/forum/away.php` | High
|
||||
7 | File | `/getcfg.php` | Medium
|
||||
8 | File | `/hrm/employeeview.php` | High
|
||||
9 | File | `/login` | Low
|
||||
10 | File | `/mkshop/Men/profile.php` | High
|
||||
11 | File | `/newsDia.php` | Medium
|
||||
12 | File | `/product_list.php` | High
|
||||
13 | File | `/rom-0` | Low
|
||||
14 | File | `/scas/admin/` | Medium
|
||||
15 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
16 | File | `/tpts/manage_user.php` | High
|
||||
17 | File | `/var/log/nginx` | High
|
||||
18 | File | `/web/entry/en/address/adrsSetUserWizard.cgi` | High
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 152 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 158 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -790,8 +790,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -815,33 +814,34 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DXR.axd` | Medium
|
||||
18 | File | `/files/import` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/librarian/bookdetails.php` | High
|
||||
25 | File | `/medicines/profile.php` | High
|
||||
26 | File | `/Moosikay/order.php` | High
|
||||
27 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
28 | File | `/out.php` | Medium
|
||||
29 | File | `/param.file.tgz` | High
|
||||
30 | File | `/php-opos/index.php` | High
|
||||
31 | File | `/reports/rwservlet` | High
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/tmp/boa-temp` | High
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
37 | File | `/video-sharing-script/watch-video.php` | High
|
||||
38 | File | `/wireless/security.asp` | High
|
||||
39 | ... | ... | ...
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DXR.axd` | Medium
|
||||
19 | File | `/files/import` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/home/masterConsole` | High
|
||||
24 | File | `/home/sendBroadcast` | High
|
||||
25 | File | `/librarian/bookdetails.php` | High
|
||||
26 | File | `/medicines/profile.php` | High
|
||||
27 | File | `/Moosikay/order.php` | High
|
||||
28 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
30 | File | `/param.file.tgz` | High
|
||||
31 | File | `/php-opos/index.php` | High
|
||||
32 | File | `/public/launchNewWindow.jsp` | High
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/spip.php` | Medium
|
||||
35 | File | `/tmp/boa-temp` | High
|
||||
36 | File | `/uncpath/` | Medium
|
||||
37 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
38 | File | `/video-sharing-script/watch-video.php` | High
|
||||
39 | File | `/wireless/security.asp` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 335 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 347 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -102,13 +102,13 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/tourism/rate_review.php` | High
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
27 | File | `/var/log/messages` | High
|
||||
28 | File | `/var/www/core/controller/index.php` | High
|
||||
29 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `/var/www/core/controller/index.php` | High
|
||||
28 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `action-visitor.php` | High
|
||||
31 | ... | ... | ...
|
||||
|
||||
There are 261 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 265 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -67,7 +67,8 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/home/httpd/cgi-bin/cgi.cgi` | High
|
||||
5 | File | `/management/api/rcx_management/global_config_query` | High
|
||||
6 | File | `/onvif/device_service` | High
|
||||
7 | ... | ... | ...
|
||||
7 | File | `/setSystemAdmin` | High
|
||||
8 | ... | ... | ...
|
||||
|
||||
There are 52 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -74,44 +74,43 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/add-fee.php` | High
|
||||
5 | File | `/admin/baojia_list.php` | High
|
||||
6 | File | `/admin/loginc.php` | High
|
||||
7 | File | `/anony/mjpg.cgi` | High
|
||||
8 | File | `/api/common/ping` | High
|
||||
9 | File | `/api/v2/open/rowsInfo` | High
|
||||
10 | File | `/appointments/update_status.php` | High
|
||||
11 | File | `/binbloom-master/src/helpers.c` | High
|
||||
12 | File | `/bookings/update_status.php` | High
|
||||
13 | File | `/classes/Users.php?f=delete_client` | High
|
||||
14 | File | `/contacts/listcontacts.php` | High
|
||||
15 | File | `/Core/Ap4File.cpp` | High
|
||||
16 | File | `/data/app` | Medium
|
||||
17 | File | `/dede/file_manage_control.php` | High
|
||||
18 | File | `/depotHead/list` | High
|
||||
19 | File | `/etc/openshift/server_priv.pem` | High
|
||||
20 | File | `/etc/os-release` | High
|
||||
21 | File | `/etc/pki/pulp/nodes/` | High
|
||||
22 | File | `/forms/web_runScript` | High
|
||||
23 | File | `/fs/nfsd/nfs4proc.c` | High
|
||||
24 | File | `/garage/php_action/createBrand.php` | High
|
||||
25 | File | `/general/search.php?searchtype=simple` | High
|
||||
26 | File | `/goform/AddSysLogRule` | High
|
||||
27 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
28 | File | `/goform/qossetting` | High
|
||||
29 | File | `/goform/setAutoPing` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/hss/?page=product_per_brand` | High
|
||||
32 | File | `/isomedia/meta.c` | High
|
||||
33 | File | `/meetings/listmeetings.php` | High
|
||||
34 | File | `/odlms/?page=appointments/view_appointment` | High
|
||||
35 | File | `/odlms/classes/Users.php?f=delete` | High
|
||||
36 | File | `/one/siteinfo.php` | High
|
||||
37 | File | `/proc/*/exe` | Medium
|
||||
38 | File | `/projects/listprojects.php` | High
|
||||
39 | File | `/release-x64/otfccdump+0x4adcdb` | High
|
||||
40 | File | `/release-x64/otfccdump+0x6e41b8` | High
|
||||
41 | File | `/release-x64/otfccdump+0x6e412a` | High
|
||||
42 | ... | ... | ...
|
||||
7 | File | `/api/common/ping` | High
|
||||
8 | File | `/api/v2/open/rowsInfo` | High
|
||||
9 | File | `/appointments/update_status.php` | High
|
||||
10 | File | `/binbloom-master/src/helpers.c` | High
|
||||
11 | File | `/bookings/update_status.php` | High
|
||||
12 | File | `/classes/Users.php?f=delete_client` | High
|
||||
13 | File | `/contacts/listcontacts.php` | High
|
||||
14 | File | `/Core/Ap4File.cpp` | High
|
||||
15 | File | `/data/app` | Medium
|
||||
16 | File | `/dede/file_manage_control.php` | High
|
||||
17 | File | `/depotHead/list` | High
|
||||
18 | File | `/etc/openshift/server_priv.pem` | High
|
||||
19 | File | `/etc/os-release` | High
|
||||
20 | File | `/etc/pki/pulp/nodes/` | High
|
||||
21 | File | `/forms/web_runScript` | High
|
||||
22 | File | `/fs/nfsd/nfs4proc.c` | High
|
||||
23 | File | `/garage/php_action/createBrand.php` | High
|
||||
24 | File | `/general/search.php?searchtype=simple` | High
|
||||
25 | File | `/goform/AddSysLogRule` | High
|
||||
26 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
27 | File | `/goform/qossetting` | High
|
||||
28 | File | `/goform/setAutoPing` | High
|
||||
29 | File | `/hrm/employeeview.php` | High
|
||||
30 | File | `/hss/?page=product_per_brand` | High
|
||||
31 | File | `/isomedia/meta.c` | High
|
||||
32 | File | `/meetings/listmeetings.php` | High
|
||||
33 | File | `/odlms/?page=appointments/view_appointment` | High
|
||||
34 | File | `/odlms/classes/Users.php?f=delete` | High
|
||||
35 | File | `/one/siteinfo.php` | High
|
||||
36 | File | `/proc/*/exe` | Medium
|
||||
37 | File | `/projects/listprojects.php` | High
|
||||
38 | File | `/release-x64/otfccdump+0x4adcdb` | High
|
||||
39 | File | `/release-x64/otfccdump+0x6e41b8` | High
|
||||
40 | File | `/release-x64/otfccdump+0x6e412a` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
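Review bot: the rows renumbered 38 to 40, `/release-x64/otfccdump+0x4adcdb`, `/release-x64/otfccdump+0x6e41b8` and `/release-x64/otfccdump+0x6e412a`, are a binary name followed by a code offset rather than file paths, yet they are carried over as Type "File" with High confidence. An offset inside one particular build is unlikely to appear in request or file telemetry, and three of the visible rows are spent on the same binary. Collapse them into a single `otfccdump` entry or give them a type that says what they are.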
|
||||
|
||||
|
|