Update August 2023
这个提交包含在:
父节点
e41f13e7d4
当前提交
a4924b8159
|
@ -45,9 +45,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -90,11 +91,12 @@ ID | Type | Indicator | Confidence
|
|||
33 | File | `/out.php` | Medium
|
||||
34 | File | `/p` | Low
|
||||
35 | File | `/pages/processlogin.php` | High
|
||||
36 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
37 | File | `/services/Card/findUser` | High
|
||||
38 | ... | ... | ...
|
||||
36 | File | `/preview.php` | Medium
|
||||
37 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
38 | File | `/services/Card/findUser` | High
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 325 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -59,67 +59,59 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/apilog.php` | Medium
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
15 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/feeds/post/publish` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/feeds/post/publish` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/h/` | Low
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
29 | File | `/index.php?page=category_list` | High
|
||||
30 | File | `/items/view_item.php` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
33 | File | `/lookin/info` | Medium
|
||||
34 | File | `/medical/inventories.php` | High
|
||||
35 | File | `/modules/profile/index.php` | High
|
||||
36 | File | `/modules/public/calendar.php` | High
|
||||
37 | File | `/Moosikay/order.php` | High
|
||||
38 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
39 | File | `/newsDia.php` | Medium
|
||||
40 | File | `/opac/Actions.php?a=login` | High
|
||||
41 | File | `/out.php` | Medium
|
||||
42 | File | `/php-opos/index.php` | High
|
||||
43 | File | `/PreviewHandler.ashx` | High
|
||||
44 | File | `/proxy` | Low
|
||||
45 | File | `/public/launchNewWindow.jsp` | High
|
||||
46 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
47 | File | `/reports/rwservlet` | High
|
||||
48 | File | `/reservation/add_message.php` | High
|
||||
49 | File | `/spip.php` | Medium
|
||||
50 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
51 | File | `/staff/bookdetails.php` | High
|
||||
52 | File | `/uncpath/` | Medium
|
||||
53 | File | `/user/updatePwd` | High
|
||||
54 | File | `/user/update_booking.php` | High
|
||||
55 | File | `/var/lib/docker/<remapping>` | High
|
||||
56 | File | `/wireless/security.asp` | High
|
||||
57 | File | `/wp-admin/admin-ajax.php` | High
|
||||
58 | File | `01article.php` | High
|
||||
59 | File | `a-forms.php` | Medium
|
||||
60 | File | `AbstractScheduleJob.java` | High
|
||||
61 | File | `actionphp/download.File.php` | High
|
||||
62 | File | `activenews_view.asp` | High
|
||||
63 | File | `adclick.php` | Medium
|
||||
64 | File | `admin.a6mambocredits.php` | High
|
||||
65 | File | `admin.cropcanvas.php` | High
|
||||
66 | File | `admin.php` | Medium
|
||||
67 | File | `admin/abc.php` | High
|
||||
68 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
69 | ... | ... | ...
|
||||
27 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
28 | File | `/index.php?page=category_list` | High
|
||||
29 | File | `/jobinfo/` | Medium
|
||||
30 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
31 | File | `/lookin/info` | Medium
|
||||
32 | File | `/Moosikay/order.php` | High
|
||||
33 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
34 | File | `/opac/Actions.php?a=login` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/PreviewHandler.ashx` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/student/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/uploads/exam_question/` | High
|
||||
47 | File | `/user/updatePwd` | High
|
||||
48 | File | `/var/lib/docker/<remapping>` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wp-admin/admin-ajax.php` | High
|
||||
51 | File | `01article.php` | High
|
||||
52 | File | `a-forms.php` | Medium
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `admin.a6mambocredits.php` | High
|
||||
58 | File | `admin.cropcanvas.php` | High
|
||||
59 | File | `admin.php` | Medium
|
||||
60 | File | `admin/abc.php` | High
|
||||
61 | ... | ... | ...
|
||||
|
||||
There are 607 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 530 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -73,10 +73,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -85,15 +85,15 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/../conf/config.properties` | High
|
||||
2 | File | `/dashboard/updatelogo.php` | High
|
||||
3 | File | `/drivers/infiniband/core/cm.c` | High
|
||||
4 | File | `/etc/openshift/server_priv.pem` | High
|
||||
5 | File | `/files.md5` | Medium
|
||||
6 | File | `/forum/away.php` | High
|
||||
7 | File | `/horde/util/go.php` | High
|
||||
2 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
3 | File | `/csms/admin/inquiries/view_details.php` | High
|
||||
4 | File | `/dashboard/updatelogo.php` | High
|
||||
5 | File | `/etc/openshift/server_priv.pem` | High
|
||||
6 | File | `/files.md5` | Medium
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/hrm/employeeview.php` | High
|
||||
9 | File | `/images/` | Medium
|
||||
10 | File | `/inc/parser/xhtml.php` | High
|
||||
10 | File | `/include/chart_generator.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/librarian/bookdetails.php` | High
|
||||
13 | File | `/login` | Low
|
||||
|
@ -111,15 +111,16 @@ ID | Type | Indicator | Confidence
|
|||
25 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
26 | File | `/secure/admin/ViewInstrumentation.jspa` | High
|
||||
27 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
28 | File | `/textpattern/index.php` | High
|
||||
29 | File | `/uncpath/` | Medium
|
||||
28 | File | `/SVFE2/pages/feegroups/country_group.jsf` | High
|
||||
29 | File | `/textpattern/index.php` | High
|
||||
30 | File | `/v2/quantum/save-data-upload-big-file` | High
|
||||
31 | File | `4.edu.php` | Medium
|
||||
32 | File | `adclick.php` | Medium
|
||||
33 | File | `addentry.php` | Medium
|
||||
34 | ... | ... | ...
|
||||
34 | File | `admin.cropcanvas.php` | High
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 292 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 300 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -14,8 +14,8 @@ The following _campaigns_ are known and can be associated with APT17:
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with APT17:
|
||||
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
|
@ -62,7 +62,7 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `detail.php` | Medium
|
||||
7 | ... | ... | ...
|
||||
|
||||
There are 48 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 49 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -66,40 +66,40 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/cgi-bin/wapopen` | High
|
||||
4 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
5 | File | `/config/getuser` | High
|
||||
6 | File | `/etc/ajenti/config.yml` | High
|
||||
7 | File | `/etc/shadow` | Medium
|
||||
8 | File | `/forum/away.php` | High
|
||||
9 | File | `/goform/telnet` | High
|
||||
10 | File | `/infusions/shoutbox_panel/shoutbox_admin.php` | High
|
||||
11 | File | `/lan.asp` | Medium
|
||||
12 | File | `/modules/profile/index.php` | High
|
||||
13 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
14 | File | `/oscommerce/admin/currencies.php` | High
|
||||
15 | File | `/proc/pid/syscall` | High
|
||||
16 | File | `/public/launchNewWindow.jsp` | High
|
||||
17 | File | `/rapi/read_url` | High
|
||||
18 | File | `/rom-0` | Low
|
||||
19 | File | `/session/list/allActiveSession` | High
|
||||
20 | File | `/SysInfo.htm` | Medium
|
||||
21 | File | `/syslog_rules` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/upload` | Low
|
||||
24 | File | `/users/{id}` | Medium
|
||||
25 | File | `/var/tmp/sess_*` | High
|
||||
26 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
27 | File | `/video` | Low
|
||||
28 | File | `actionphp/download.File.php` | High
|
||||
29 | File | `ActivityManagerService.java` | High
|
||||
30 | File | `adaptmap_reg.c` | High
|
||||
31 | File | `add_comment.php` | High
|
||||
32 | File | `admin.cgi` | Medium
|
||||
33 | File | `admin.php` | Medium
|
||||
34 | File | `admin.php?action=files` | High
|
||||
35 | File | `admin/admin.php` | High
|
||||
36 | File | `admin/content.php` | High
|
||||
37 | File | `admin/index.php?id=users/action=edit/user_id=1` | High
|
||||
38 | File | `admin/modules/master_file/rda_cmc.php?keywords` | High
|
||||
39 | File | `admin_gallery.php3` | High
|
||||
6 | File | `/csms/?page=contact_us` | High
|
||||
7 | File | `/etc/ajenti/config.yml` | High
|
||||
8 | File | `/etc/shadow` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/goform/telnet` | High
|
||||
11 | File | `/h/` | Low
|
||||
12 | File | `/infusions/shoutbox_panel/shoutbox_admin.php` | High
|
||||
13 | File | `/lan.asp` | Medium
|
||||
14 | File | `/modules/profile/index.php` | High
|
||||
15 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
16 | File | `/oscommerce/admin/currencies.php` | High
|
||||
17 | File | `/proc/pid/syscall` | High
|
||||
18 | File | `/public/launchNewWindow.jsp` | High
|
||||
19 | File | `/rapi/read_url` | High
|
||||
20 | File | `/rom-0` | Low
|
||||
21 | File | `/session/list/allActiveSession` | High
|
||||
22 | File | `/SysInfo.htm` | Medium
|
||||
23 | File | `/syslog_rules` | High
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/upload` | Low
|
||||
26 | File | `/users/{id}` | Medium
|
||||
27 | File | `/var/tmp/sess_*` | High
|
||||
28 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
29 | File | `/video` | Low
|
||||
30 | File | `actionphp/download.File.php` | High
|
||||
31 | File | `ActivityManagerService.java` | High
|
||||
32 | File | `adaptmap_reg.c` | High
|
||||
33 | File | `add_comment.php` | High
|
||||
34 | File | `admin.cgi` | Medium
|
||||
35 | File | `admin.php` | Medium
|
||||
36 | File | `admin.php?action=files` | High
|
||||
37 | File | `admin/admin.php` | High
|
||||
38 | File | `admin/content.php` | High
|
||||
39 | File | `admin/index.php?id=users/action=edit/user_id=1` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
|
|
@ -93,10 +93,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -157,7 +158,7 @@ ID | Type | Indicator | Confidence
|
|||
49 | File | `AdxDSrv.exe` | Medium
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 431 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 434 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -66,11 +66,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -91,10 +91,10 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/api/admin/store/product/list` | High
|
||||
12 | File | `/api/stl/actions/search` | High
|
||||
13 | File | `/api/v2/cli/commands` | High
|
||||
14 | File | `/app/options.py` | High
|
||||
15 | File | `/attachments` | Medium
|
||||
16 | File | `/bin/ate` | Medium
|
||||
17 | File | `/boat/login.php` | High
|
||||
14 | File | `/attachments` | Medium
|
||||
15 | File | `/bin/ate` | Medium
|
||||
16 | File | `/boat/login.php` | High
|
||||
17 | File | `/booking/show_bookings/` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin` | Medium
|
||||
20 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
|
@ -104,26 +104,28 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
25 | File | `/debug/pprof` | Medium
|
||||
26 | File | `/DXR.axd` | Medium
|
||||
27 | File | `/env` | Low
|
||||
28 | File | `/etc/hosts` | Medium
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/goform/setmac` | High
|
||||
31 | File | `/goform/wizard_end` | High
|
||||
32 | File | `/manage-apartment.php` | High
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
36 | File | `/owa/auth/logon.aspx` | High
|
||||
37 | File | `/pages/apply_vacancy.php` | High
|
||||
38 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
39 | File | `/proc/<PID>/mem` | High
|
||||
40 | File | `/project/PROJECTNAME/reports/` | High
|
||||
41 | File | `/proxy` | Low
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | ... | ... | ...
|
||||
27 | File | `/en/blog-comment-4` | High
|
||||
28 | File | `/env` | Low
|
||||
29 | File | `/etc/hosts` | Medium
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/goform/setmac` | High
|
||||
32 | File | `/goform/wizard_end` | High
|
||||
33 | File | `/h/` | Low
|
||||
34 | File | `/manage-apartment.php` | High
|
||||
35 | File | `/medicines/profile.php` | High
|
||||
36 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
37 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
38 | File | `/owa/auth/logon.aspx` | High
|
||||
39 | File | `/pages/apply_vacancy.php` | High
|
||||
40 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
41 | File | `/project/PROJECTNAME/reports/` | High
|
||||
42 | File | `/proxy` | Low
|
||||
43 | File | `/reservation/add_message.php` | High
|
||||
44 | File | `/resources//../` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 381 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 403 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -57,7 +57,7 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/.ssh/authorized_keys` | High
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/ajax.php?action=read_msg` | High
|
||||
4 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
|
@ -102,7 +102,7 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `/sys/dict/queryTableData` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 387 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -75,7 +75,7 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `appserv/main.php` | High
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 117 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 119 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -17,11 +17,11 @@ The following _campaigns_ are known and can be associated with APT33:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with APT33:
|
||||
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -78,7 +78,7 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/userprofile.php` | High
|
||||
7 | File | `/api/audits` | Medium
|
||||
8 | File | `/bin/sh` | Low
|
||||
9 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
9 | File | `/booking/show_bookings/` | High
|
||||
10 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
|
||||
11 | File | `/calendar/viewcalendar.php` | High
|
||||
12 | File | `/cas/logout` | Medium
|
||||
|
@ -88,41 +88,44 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/classes/Users.php?f=delete_client` | High
|
||||
17 | File | `/clients/profile` | High
|
||||
18 | File | `/cms/notify` | Medium
|
||||
19 | File | `/depotHead/list` | High
|
||||
20 | File | `/env` | Low
|
||||
21 | File | `/ext/phar/phar_object.c` | High
|
||||
22 | File | `/file_manager/admin/save_user.php` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/setSysPwd` | High
|
||||
25 | File | `/goform/SysToolReboot` | High
|
||||
26 | File | `/goform/SysToolRestoreSet` | High
|
||||
27 | File | `/goform/WifiBasicSet` | High
|
||||
28 | File | `/goform/wifiSSIDset` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hss/?page=product_per_brand` | High
|
||||
31 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
32 | File | `/hss/admin/?page=user/manage_user` | High
|
||||
33 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
34 | File | `/index.php?module=configuration/application` | High
|
||||
35 | File | `/index.php?module=entities/forms&entities_id=24` | High
|
||||
36 | File | `/index.php?module=help_pages/pages&entities_id=24` | High
|
||||
37 | File | `/jurusan/data` | High
|
||||
38 | File | `/kelasdosen/data` | High
|
||||
39 | File | `/login` | Low
|
||||
40 | File | `/network_test.php` | High
|
||||
41 | File | `/odlms//classes/Master.php?f=delete_activity` | High
|
||||
42 | File | `/php-sms/admin/quotes/manage_remark.php` | High
|
||||
43 | File | `/plugin/getList` | High
|
||||
44 | File | `/projects/listprojects.php` | High
|
||||
45 | File | `/queuing/admin/ajax.php?action=save_settings` | High
|
||||
46 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
47 | File | `/tmp` | Low
|
||||
48 | File | `/v1/sql-runner` | High
|
||||
49 | File | `/var/polycom/cma/upgrade/scripts` | High
|
||||
50 | File | `/var/tmp/abrt/*/maps` | High
|
||||
51 | ... | ... | ...
|
||||
19 | File | `/contact/store` | High
|
||||
20 | File | `/depotHead/list` | High
|
||||
21 | File | `/env` | Low
|
||||
22 | File | `/ext/phar/phar_object.c` | High
|
||||
23 | File | `/file_manager/admin/save_user.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/goform/RgUrlBlock.asp` | High
|
||||
26 | File | `/goform/setSysPwd` | High
|
||||
27 | File | `/goform/SysToolReboot` | High
|
||||
28 | File | `/goform/SysToolRestoreSet` | High
|
||||
29 | File | `/goform/WifiBasicSet` | High
|
||||
30 | File | `/goform/wifiSSIDset` | High
|
||||
31 | File | `/h/` | Low
|
||||
32 | File | `/hrm/employeeadd.php` | High
|
||||
33 | File | `/hss/?page=product_per_brand` | High
|
||||
34 | File | `/hss/admin/?page=client/manage_client` | High
|
||||
35 | File | `/hss/admin/?page=user/manage_user` | High
|
||||
36 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
37 | File | `/index.php?module=configuration/application` | High
|
||||
38 | File | `/index.php?module=entities/forms&entities_id=24` | High
|
||||
39 | File | `/index.php?module=help_pages/pages&entities_id=24` | High
|
||||
40 | File | `/jurusan/data` | High
|
||||
41 | File | `/kelasdosen/data` | High
|
||||
42 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
43 | File | `/login` | Low
|
||||
44 | File | `/odlms//classes/Master.php?f=delete_activity` | High
|
||||
45 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
46 | File | `/paysystem/datatable.php` | High
|
||||
47 | File | `/plugin/getList` | High
|
||||
48 | File | `/projects/listprojects.php` | High
|
||||
49 | File | `/queuing/admin/ajax.php?action=save_settings` | High
|
||||
50 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
51 | File | `/tmp` | Low
|
||||
52 | File | `/v1/sql-runner` | High
|
||||
53 | File | `/var/polycom/cma/upgrade/scripts` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 446 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 470 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -110,9 +110,10 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `/goform/RgUrlBlock.asp` | High
|
||||
45 | File | `/goform/wlanPrimaryNetwork` | High
|
||||
46 | File | `/horde/imp/search.php` | High
|
||||
47 | ... | ... | ...
|
||||
47 | File | `/index.php` | Medium
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 407 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 412 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -71,7 +71,7 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/uncpath/` | Medium
|
||||
16 | ... | ... | ...
|
||||
|
||||
There are 126 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 127 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -83,46 +83,45 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/application/common.php#action_log` | High
|
||||
6 | File | `/authUserAction!edit.action` | High
|
||||
7 | File | `/baseOpLog.do` | High
|
||||
8 | File | `/category_view.php` | High
|
||||
9 | File | `/cgi-bin/portal` | High
|
||||
10 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
11 | File | `/classes/Users.php` | High
|
||||
12 | File | `/common/download?filename=1.jsp&delete=false` | High
|
||||
13 | File | `/csms/?page=contact_us` | High
|
||||
14 | File | `/data/remove` | Medium
|
||||
15 | File | `/debug` | Low
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/dede/group_store.php` | High
|
||||
18 | File | `/dialog/select_media.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/goform/PowerSaveSet` | High
|
||||
21 | File | `/include/make.php` | High
|
||||
22 | File | `/index.php` | Medium
|
||||
23 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
24 | File | `/lists/admin/` | High
|
||||
25 | File | `/login.cgi?logout=1` | High
|
||||
26 | File | `/medical/inventories.php` | High
|
||||
27 | File | `/members/view_member.php` | High
|
||||
28 | File | `/mgmt/tm/util/bash` | High
|
||||
29 | File | `/module/admin_logs` | High
|
||||
30 | File | `/nova/bin/console` | High
|
||||
31 | File | `/owa/auth/logon.aspx` | High
|
||||
32 | File | `/plesk-site-preview/` | High
|
||||
33 | File | `/public/login.htm` | High
|
||||
34 | File | `/public/plugins/` | High
|
||||
35 | File | `/replication` | Medium
|
||||
36 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
37 | File | `/scas/classes/Users.php?f=save_user` | High
|
||||
38 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
39 | File | `/secure/admin/ViewInstrumentation.jspa` | High
|
||||
40 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
41 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
42 | File | `/start-stop` | Medium
|
||||
43 | File | `/start_apply.htm` | High
|
||||
44 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | High
|
||||
45 | ... | ... | ...
|
||||
8 | File | `/category/list?limit=10&offset=0&order=desc` | High
|
||||
9 | File | `/category_view.php` | High
|
||||
10 | File | `/cgi-bin/portal` | High
|
||||
11 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
12 | File | `/classes/Users.php` | High
|
||||
13 | File | `/cms/category/list` | High
|
||||
14 | File | `/common/download?filename=1.jsp&delete=false` | High
|
||||
15 | File | `/csms/?page=contact_us` | High
|
||||
16 | File | `/data/remove` | Medium
|
||||
17 | File | `/debug` | Low
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/dede/group_store.php` | High
|
||||
20 | File | `/dialog/select_media.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/PowerSaveSet` | High
|
||||
23 | File | `/include/make.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/jeecg-boot/sys/common/upload` | High
|
||||
26 | File | `/login.cgi?logout=1` | High
|
||||
27 | File | `/medical/inventories.php` | High
|
||||
28 | File | `/members/view_member.php` | High
|
||||
29 | File | `/mgmt/tm/util/bash` | High
|
||||
30 | File | `/module/admin_logs` | High
|
||||
31 | File | `/nova/bin/console` | High
|
||||
32 | File | `/owa/auth/logon.aspx` | High
|
||||
33 | File | `/plesk-site-preview/` | High
|
||||
34 | File | `/public/login.htm` | High
|
||||
35 | File | `/public/plugins/` | High
|
||||
36 | File | `/replication` | Medium
|
||||
37 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
38 | File | `/scas/classes/Users.php?f=save_user` | High
|
||||
39 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
40 | File | `/secure/admin/ViewInstrumentation.jspa` | High
|
||||
41 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
42 | File | `/SSOPOST/metaAlias/%realm%/idpv2` | High
|
||||
43 | File | `/start-stop` | Medium
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 386 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 383 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -67,30 +67,33 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/attachments` | Medium
|
||||
17 | File | `/bin/ate` | Medium
|
||||
18 | File | `/boat/login.php` | High
|
||||
19 | File | `/bsms_ci/index.php/book` | High
|
||||
20 | File | `/cgi-bin` | Medium
|
||||
21 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
22 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
23 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
24 | File | `/dashboard/reports/logs/view` | High
|
||||
25 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
26 | File | `/debug/pprof` | Medium
|
||||
27 | File | `/env` | Low
|
||||
28 | File | `/etc/hosts` | Medium
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/goform/setmac` | High
|
||||
31 | File | `/goform/wizard_end` | High
|
||||
32 | File | `/manage-apartment.php` | High
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/pages/apply_vacancy.php` | High
|
||||
36 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
37 | File | `/proc/<PID>/mem` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | ... | ... | ...
|
||||
19 | File | `/booking/show_bookings/` | High
|
||||
20 | File | `/bsms_ci/index.php/book` | High
|
||||
21 | File | `/cgi-bin` | Medium
|
||||
22 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
23 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
24 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
25 | File | `/dashboard/reports/logs/view` | High
|
||||
26 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
27 | File | `/debug/pprof` | Medium
|
||||
28 | File | `/env` | Low
|
||||
29 | File | `/etc/hosts` | Medium
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/goform/setmac` | High
|
||||
32 | File | `/goform/wizard_end` | High
|
||||
33 | File | `/manage-apartment.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/pages/apply_vacancy.php` | High
|
||||
37 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
38 | File | `/proc/<PID>/mem` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/tmp` | Low
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 369 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -97,7 +97,7 @@ ID | Type | Indicator | Confidence
|
|||
17 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
18 | ... | ... | ...
|
||||
|
||||
There are 147 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 149 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Africa Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -3967,13 +3967,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-29, CWE-35, CWE-36, CWE-50 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-29, CWE-36, CWE-50 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -3983,61 +3984,58 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
5 | File | `/admin/?setting-base.htm` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
8 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
9 | File | `/admin/maintenance/view_designation.php` | High
|
||||
10 | File | `/admin/report/index.php` | High
|
||||
11 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/admin/userprofile.php` | High
|
||||
13 | File | `/api/upload.php` | High
|
||||
14 | File | `/application/common.php#action_log` | High
|
||||
15 | File | `/bin/ate` | Medium
|
||||
16 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
17 | File | `/cgi-bin/activate.cgi` | High
|
||||
18 | File | `/cgi-bin/kerbynet` | High
|
||||
19 | File | `/cgi-bin/wapopen` | High
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
3 | File | `/act/ActDao.xml` | High
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/bookings/manage_booking.php` | High
|
||||
6 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
7 | File | `/admin/index.php` | High
|
||||
8 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
9 | File | `/admin/sys_sql_query.php` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/api/upload.php` | High
|
||||
12 | File | `/application/common.php#action_log` | High
|
||||
13 | File | `/bin/ate` | Medium
|
||||
14 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
15 | File | `/cgi-bin/kerbynet` | High
|
||||
16 | File | `/cgi-bin/luci;stok=/locale` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/classes/Master.php?f=delete_category` | High
|
||||
19 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
20 | File | `/classes/Master.php?f=delete_item` | High
|
||||
21 | File | `/classes/Master.php?f=delete_service` | High
|
||||
22 | File | `/classes/Master.php?f=save_course` | High
|
||||
23 | File | `/classes/Users.php?f=save` | High
|
||||
24 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
25 | File | `/Electron/download` | High
|
||||
26 | File | `/export` | Low
|
||||
27 | File | `/feeds/post/publish` | High
|
||||
28 | File | `/form/index.php?module=getjson` | High
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/goForm/aspForm` | High
|
||||
31 | File | `/goform/form2Wan.cgi` | High
|
||||
32 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
33 | File | `/inc/topBarNav.php` | High
|
||||
34 | File | `/index.php/archives/1/comment` | High
|
||||
35 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
36 | File | `/index.php?page=category_list` | High
|
||||
37 | File | `/jobinfo/` | Medium
|
||||
38 | File | `/KK_LS9ReportingPortal/GetData` | High
|
||||
39 | File | `/librarian/bookdetails.php` | High
|
||||
40 | File | `/login.php` | Medium
|
||||
41 | File | `/Moosikay/order.php` | High
|
||||
42 | File | `/opac/Actions.php?a=login` | High
|
||||
43 | File | `/PreviewHandler.ashx` | High
|
||||
44 | File | `/proxy` | Low
|
||||
45 | File | `/queuing/login.php` | High
|
||||
46 | File | `/reservation/add_message.php` | High
|
||||
47 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
48 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
49 | File | `/sys/user/querySysUser?username=admin` | High
|
||||
50 | File | `/text/pdf/PdfReader.java` | High
|
||||
51 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
|
||||
52 | File | `/upload` | Low
|
||||
53 | File | `/user/updatePwd` | High
|
||||
54 | File | `/utils/ToHtmlServlet.java` | High
|
||||
55 | ... | ... | ...
|
||||
22 | File | `/classes/Master.php?f=save_service` | High
|
||||
23 | File | `/classes/Users.php` | High
|
||||
24 | File | `/classes/Users.php?f=save` | High
|
||||
25 | File | `/company/store` | High
|
||||
26 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
27 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
28 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
29 | File | `/ecommerce/support_ticket` | High
|
||||
30 | File | `/Electron/download` | High
|
||||
31 | File | `/export` | Low
|
||||
32 | File | `/feeds/post/publish` | High
|
||||
33 | File | `/forum/away.php` | High
|
||||
34 | File | `/goForm/aspForm` | High
|
||||
35 | File | `/h/` | Low
|
||||
36 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
37 | File | `/index.php/archives/1/comment` | High
|
||||
38 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
39 | File | `/index.php?page=category_list` | High
|
||||
40 | File | `/install/index.php` | High
|
||||
41 | File | `/ipms/imageConvert/image` | High
|
||||
42 | File | `/jobinfo/` | Medium
|
||||
43 | File | `/librarian/bookdetails.php` | High
|
||||
44 | File | `/login.php` | Medium
|
||||
45 | File | `/Moosikay/order.php` | High
|
||||
46 | File | `/opac/Actions.php?a=login` | High
|
||||
47 | File | `/patient/doctors.php` | High
|
||||
48 | File | `/php-lfis/admin/?page=system_info/contact_information` | High
|
||||
49 | File | `/preview.php` | Medium
|
||||
50 | File | `/PreviewHandler.ashx` | High
|
||||
51 | File | `/reservation/add_message.php` | High
|
||||
52 | ... | ... | ...
|
||||
|
||||
There are 481 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 457 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -27,22 +27,23 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [3.93.18.244](https://vuldb.com/?ip.3.93.18.244) | ec2-3-93-18-244.compute-1.amazonaws.com | - | Medium
|
||||
2 | [3.217.248.28](https://vuldb.com/?ip.3.217.248.28) | ec2-3-217-248-28.compute-1.amazonaws.com | - | Medium
|
||||
3 | [23.95.85.181](https://vuldb.com/?ip.23.95.85.181) | 23-95-85-181-host.colocrossing.com | - | High
|
||||
4 | [31.3.251.197](https://vuldb.com/?ip.31.3.251.197) | h31-3-251-197.host.redstation.co.uk | - | High
|
||||
5 | [31.209.137.12](https://vuldb.com/?ip.31.209.137.12) | smtp.vivaldi.net | - | High
|
||||
6 | [34.200.207.31](https://vuldb.com/?ip.34.200.207.31) | ec2-34-200-207-31.compute-1.amazonaws.com | - | Medium
|
||||
7 | [37.19.196.108](https://vuldb.com/?ip.37.19.196.108) | unn-37-19-196-108.datapacket.com | - | High
|
||||
8 | [45.142.215.180](https://vuldb.com/?ip.45.142.215.180) | connectoms.host | - | High
|
||||
9 | [45.156.25.78](https://vuldb.com/?ip.45.156.25.78) | - | - | High
|
||||
10 | [50.17.5.224](https://vuldb.com/?ip.50.17.5.224) | ec2-50-17-5-224.compute-1.amazonaws.com | - | Medium
|
||||
11 | [51.68.128.171](https://vuldb.com/?ip.51.68.128.171) | ip171.ip-51-68-128.eu | - | High
|
||||
12 | [51.89.183.99](https://vuldb.com/?ip.51.89.183.99) | 90.eri1.ovh.abcd.network | - | High
|
||||
13 | [62.182.156.179](https://vuldb.com/?ip.62.182.156.179) | - | - | High
|
||||
14 | ... | ... | ... | ...
|
||||
1 | [2.9.12.0](https://vuldb.com/?ip.2.9.12.0) | anantes-154-1-77-net.w2-9.abo.wanadoo.fr | - | High
|
||||
2 | [3.93.18.244](https://vuldb.com/?ip.3.93.18.244) | ec2-3-93-18-244.compute-1.amazonaws.com | - | Medium
|
||||
3 | [3.217.248.28](https://vuldb.com/?ip.3.217.248.28) | ec2-3-217-248-28.compute-1.amazonaws.com | - | Medium
|
||||
4 | [23.95.85.181](https://vuldb.com/?ip.23.95.85.181) | 23-95-85-181-host.colocrossing.com | - | High
|
||||
5 | [31.3.251.197](https://vuldb.com/?ip.31.3.251.197) | h31-3-251-197.host.redstation.co.uk | - | High
|
||||
6 | [31.209.137.12](https://vuldb.com/?ip.31.209.137.12) | smtp.vivaldi.net | - | High
|
||||
7 | [34.200.207.31](https://vuldb.com/?ip.34.200.207.31) | ec2-34-200-207-31.compute-1.amazonaws.com | - | Medium
|
||||
8 | [37.19.196.108](https://vuldb.com/?ip.37.19.196.108) | unn-37-19-196-108.datapacket.com | - | High
|
||||
9 | [45.142.215.180](https://vuldb.com/?ip.45.142.215.180) | connectoms.host | - | High
|
||||
10 | [45.156.25.78](https://vuldb.com/?ip.45.156.25.78) | - | - | High
|
||||
11 | [46.166.133.164](https://vuldb.com/?ip.46.166.133.164) | cybersubtitles.com | - | High
|
||||
12 | [50.17.5.224](https://vuldb.com/?ip.50.17.5.224) | ec2-50-17-5-224.compute-1.amazonaws.com | - | Medium
|
||||
13 | [51.68.128.171](https://vuldb.com/?ip.51.68.128.171) | ip171.ip-51-68-128.eu | - | High
|
||||
14 | [51.89.183.99](https://vuldb.com/?ip.51.89.183.99) | 90.eri1.ovh.abcd.network | - | High
|
||||
15 | ... | ... | ... | ...
|
||||
|
||||
There are 52 more IOC items available. Please use our online service to access the data.
|
||||
There are 57 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -69,53 +70,57 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/admin/ajax.php?action=save_window` | High
|
||||
3 | File | `/api/addusers` | High
|
||||
4 | File | `/app/options.py` | High
|
||||
5 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/controller/Index.php` | High
|
||||
7 | File | `/dashboard/add-portfolio.php` | High
|
||||
8 | File | `/etc/ajenti/config.yml` | High
|
||||
9 | File | `/etc/gsissh/sshd_config` | High
|
||||
10 | File | `/etc/sudoers` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/goform/telnet` | High
|
||||
13 | File | `/include/chart_generator.php` | High
|
||||
14 | File | `/lilac/main.php` | High
|
||||
15 | File | `/manager?action=getlogcat` | High
|
||||
16 | File | `/mc` | Low
|
||||
17 | File | `/mims/login.php` | High
|
||||
18 | File | `/module/admin_bp/add_application.php` | High
|
||||
19 | File | `/module/report_event/index.php` | High
|
||||
20 | File | `/modules/profile/index.php` | High
|
||||
21 | File | `/out.php` | Medium
|
||||
22 | File | `/proc/sys/vm/cmm_timeout` | High
|
||||
23 | File | `/public/launchNewWindow.jsp` | High
|
||||
24 | File | `/public/login.htm` | High
|
||||
25 | File | `/RestAPI` | Medium
|
||||
26 | File | `/rom-0` | Low
|
||||
27 | File | `/server-status` | High
|
||||
28 | File | `/spip.php` | Medium
|
||||
29 | File | `/Status/wan_button_action.asp` | High
|
||||
30 | File | `/tmp/connlicj.bin` | High
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php` | High
|
||||
33 | File | `/var/log/nginx` | High
|
||||
34 | File | `/var/tmp/sess_*` | High
|
||||
35 | File | `/wp-admin/options.php` | High
|
||||
36 | File | `/youthappam/add-food.php` | High
|
||||
37 | File | `/youthappam/editclient.php` | High
|
||||
38 | File | `4.2.0.CP09` | Medium
|
||||
39 | File | `actionphp/download.File.php` | High
|
||||
40 | File | `add_comment.php` | High
|
||||
41 | File | `admin.a6mambocredits.php` | High
|
||||
42 | File | `admin.php` | Medium
|
||||
43 | File | `admin.php3` | Medium
|
||||
44 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
45 | File | `admin/admin.php` | High
|
||||
46 | File | `admin/content.php` | High
|
||||
47 | File | `admin/import/class-import-settings.php` | High
|
||||
48 | File | `admin/index.php?id=users/action=edit/user_id=1` | High
|
||||
49 | ... | ... | ...
|
||||
5 | File | `/booking/show_bookings/` | High
|
||||
6 | File | `/cgi-bin/wapopen` | High
|
||||
7 | File | `/controller/Index.php` | High
|
||||
8 | File | `/csms/?page=contact_us` | High
|
||||
9 | File | `/dashboard/add-portfolio.php` | High
|
||||
10 | File | `/etc/ajenti/config.yml` | High
|
||||
11 | File | `/etc/gsissh/sshd_config` | High
|
||||
12 | File | `/etc/sudoers` | Medium
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/goform/telnet` | High
|
||||
15 | File | `/include/chart_generator.php` | High
|
||||
16 | File | `/lilac/main.php` | High
|
||||
17 | File | `/manager?action=getlogcat` | High
|
||||
18 | File | `/mc` | Low
|
||||
19 | File | `/mims/login.php` | High
|
||||
20 | File | `/module/admin_bp/add_application.php` | High
|
||||
21 | File | `/module/report_event/index.php` | High
|
||||
22 | File | `/modules/profile/index.php` | High
|
||||
23 | File | `/out.php` | Medium
|
||||
24 | File | `/proc/sys/vm/cmm_timeout` | High
|
||||
25 | File | `/public/launchNewWindow.jsp` | High
|
||||
26 | File | `/public/login.htm` | High
|
||||
27 | File | `/RestAPI` | Medium
|
||||
28 | File | `/rom-0` | Low
|
||||
29 | File | `/server-status` | High
|
||||
30 | File | `/spip.php` | Medium
|
||||
31 | File | `/staff/bookdetails.php` | High
|
||||
32 | File | `/Status/wan_button_action.asp` | High
|
||||
33 | File | `/student/bookdetails.php` | High
|
||||
34 | File | `/tmp/connlicj.bin` | High
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php` | High
|
||||
37 | File | `/var/log/nginx` | High
|
||||
38 | File | `/var/tmp/sess_*` | High
|
||||
39 | File | `/wp-admin/options.php` | High
|
||||
40 | File | `/youthappam/add-food.php` | High
|
||||
41 | File | `/youthappam/editclient.php` | High
|
||||
42 | File | `4.2.0.CP09` | Medium
|
||||
43 | File | `?page=rooms` | Medium
|
||||
44 | File | `actionphp/download.File.php` | High
|
||||
45 | File | `addsuppliers.php` | High
|
||||
46 | File | `add_comment.php` | High
|
||||
47 | File | `admin.a6mambocredits.php` | High
|
||||
48 | File | `admin.php` | Medium
|
||||
49 | File | `admin.php3` | Medium
|
||||
50 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
51 | File | `admin/admin.php` | High
|
||||
52 | File | `admin/content.php` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 430 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 464 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -142,6 +147,8 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://services.global.ntt/en-us/insights/blog/discovering-a-new-agent-tesla-malware-sample
|
||||
* https://threatfox.abuse.ch
|
||||
* https://tracker.viriback.com/index.php?q=95.214.27.98
|
||||
* https://tracker.viriback.com/index.php?q=137.184.5.20
|
||||
* https://tracker.viriback.com/index.php?q=139.99.153.90
|
||||
* https://tracker.viriback.com/index.php?q=185.225.74.69
|
||||
* https://tracker.viriback.com/index.php?q=185.246.220.133
|
||||
* https://tracker.viriback.com/index.php?q=198.98.55.114
|
||||
|
@ -150,6 +157,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://tria.ge/211109-bxk6qsbdfn
|
||||
* https://tria.ge/221206-z6p32sgh4s
|
||||
* https://twitter.com/Tac_Mangusta/status/1659190159789916160
|
||||
* https://www.cyber45.com
|
||||
* https://www.fortinet.com/blog/threat-research/phishing-campaign-targeting-korean-to-deliver-agent-tesla-new-variant
|
||||
* https://www.zscaler.com/blogs/security-research/agent-tesla-rat-delivered-quantum-builder-new-ttps
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,8 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -53,52 +52,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
3 | File | `/api` | Low
|
||||
4 | File | `/api/gen/clients/{language}` | High
|
||||
5 | File | `/app/options.py` | High
|
||||
6 | File | `/bin/httpd` | Medium
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/ci_spms/admin/category` | High
|
||||
9 | File | `/ci_spms/admin/search/searching/` | High
|
||||
10 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
11 | File | `/classes/Master.php?f=delete_train` | High
|
||||
12 | File | `/cms/print.php` | High
|
||||
13 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
14 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
15 | File | `/ctcprotocol/Protocol` | High
|
||||
16 | File | `/dashboard/menu-list.php` | High
|
||||
17 | File | `/dashboard/updatelogo.php` | High
|
||||
18 | File | `/data/remove` | Medium
|
||||
19 | File | `/ebics-server/ebics.aspx` | High
|
||||
20 | File | `/etc/openshift/server_priv.pem` | High
|
||||
21 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goforms/rlminfo` | High
|
||||
24 | File | `/HNAP1` | Low
|
||||
25 | File | `/HNAP1/SetClientInfo` | High
|
||||
26 | File | `/hospital/hms/admin/patient-search.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/Items/*/RemoteImages/Download` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/menu.html` | Medium
|
||||
31 | File | `/mkshop/Men/profile.php` | High
|
||||
32 | File | `/modules/announcement/index.php?view=edit` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/navigate/navigate_download.php` | High
|
||||
35 | File | `/Noxen-master/users.php` | High
|
||||
36 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
37 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/password.html` | High
|
||||
40 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
41 | File | `/port_3480/data_request` | High
|
||||
42 | File | `/proc/ioports` | High
|
||||
43 | File | `/property-list/property_view.php` | High
|
||||
44 | File | `/ptms/classes/Users.php` | High
|
||||
45 | ... | ... | ...
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/ajax.php?action=read_msg` | High
|
||||
4 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
5 | File | `/api` | Low
|
||||
6 | File | `/api/gen/clients/{language}` | High
|
||||
7 | File | `/app/options.py` | High
|
||||
8 | File | `/bin/httpd` | Medium
|
||||
9 | File | `/cgi-bin/wapopen` | High
|
||||
10 | File | `/ci_spms/admin/category` | High
|
||||
11 | File | `/ci_spms/admin/search/searching/` | High
|
||||
12 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
13 | File | `/classes/Master.php?f=delete_train` | High
|
||||
14 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
17 | File | `/ctcprotocol/Protocol` | High
|
||||
18 | File | `/dashboard/menu-list.php` | High
|
||||
19 | File | `/dashboard/updatelogo.php` | High
|
||||
20 | File | `/data/remove` | Medium
|
||||
21 | File | `/ebics-server/ebics.aspx` | High
|
||||
22 | File | `/etc/openshift/server_priv.pem` | High
|
||||
23 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/goforms/rlminfo` | High
|
||||
26 | File | `/HNAP1` | Low
|
||||
27 | File | `/HNAP1/SetClientInfo` | High
|
||||
28 | File | `/hospital/hms/admin/patient-search.php` | High
|
||||
29 | File | `/index.php` | Medium
|
||||
30 | File | `/Items/*/RemoteImages/Download` | High
|
||||
31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
32 | File | `/menu.html` | Medium
|
||||
33 | File | `/mkshop/Men/profile.php` | High
|
||||
34 | File | `/modules/announcement/index.php?view=edit` | High
|
||||
35 | File | `/modules/profile/index.php` | High
|
||||
36 | File | `/navigate/navigate_download.php` | High
|
||||
37 | File | `/Noxen-master/users.php` | High
|
||||
38 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
39 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
40 | File | `/out.php` | Medium
|
||||
41 | File | `/password.html` | High
|
||||
42 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
43 | File | `/port_3480/data_request` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 391 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 379 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -57,7 +57,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -82,42 +82,44 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/Electron/download` | High
|
||||
16 | File | `/feeds/post/publish` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
19 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
20 | File | `/index.php?page=category_list` | High
|
||||
21 | File | `/jobinfo/` | Medium
|
||||
22 | File | `/mims/login.php` | High
|
||||
23 | File | `/Moosikay/order.php` | High
|
||||
24 | File | `/opac/Actions.php?a=login` | High
|
||||
25 | File | `/php-scrm/login.php` | High
|
||||
18 | File | `/h/` | Low
|
||||
19 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
20 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
21 | File | `/index.php?page=category_list` | High
|
||||
22 | File | `/jobinfo/` | Medium
|
||||
23 | File | `/mims/login.php` | High
|
||||
24 | File | `/Moosikay/order.php` | High
|
||||
25 | File | `/opac/Actions.php?a=login` | High
|
||||
26 | File | `/PreviewHandler.ashx` | High
|
||||
27 | File | `/proxy` | Low
|
||||
28 | File | `/public/launchNewWindow.jsp` | High
|
||||
29 | File | `/reservation/add_message.php` | High
|
||||
30 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
31 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
32 | File | `/text/pdf/PdfReader.java` | High
|
||||
33 | File | `/textpattern/index.php` | High
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/user/updatePwd` | High
|
||||
36 | File | `/usr/bin/at` | Medium
|
||||
37 | File | `/wp-admin/admin-ajax.php` | High
|
||||
38 | File | `a-forms.php` | Medium
|
||||
39 | File | `account/signup.php` | High
|
||||
40 | File | `activenews_view.asp` | High
|
||||
41 | File | `adclick.php` | Medium
|
||||
42 | File | `addentry.php` | Medium
|
||||
43 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
44 | File | `admin.a6mambocredits.php` | High
|
||||
45 | File | `admin.cropcanvas.php` | High
|
||||
46 | File | `admin.jcomments.php` | High
|
||||
47 | File | `admin.php` | Medium
|
||||
48 | File | `admin/admin_editor.php` | High
|
||||
49 | File | `admin/asset/grid-proxy` | High
|
||||
50 | File | `admin/auditTrail.jsf` | High
|
||||
51 | ... | ... | ...
|
||||
32 | File | `/student/bookdetails.php` | High
|
||||
33 | File | `/text/pdf/PdfReader.java` | High
|
||||
34 | File | `/textpattern/index.php` | High
|
||||
35 | File | `/tmp` | Low
|
||||
36 | File | `/uploads/exam_question/` | High
|
||||
37 | File | `/user/updatePwd` | High
|
||||
38 | File | `/usr/bin/at` | Medium
|
||||
39 | File | `/var/lib/docker/<remapping>` | High
|
||||
40 | File | `/wp-admin/admin-ajax.php` | High
|
||||
41 | File | `a-forms.php` | Medium
|
||||
42 | File | `account/signup.php` | High
|
||||
43 | File | `activenews_view.asp` | High
|
||||
44 | File | `adclick.php` | Medium
|
||||
45 | File | `addentry.php` | Medium
|
||||
46 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
47 | File | `admin.a6mambocredits.php` | High
|
||||
48 | File | `admin.cropcanvas.php` | High
|
||||
49 | File | `admin.jcomments.php` | High
|
||||
50 | File | `admin.php` | Medium
|
||||
51 | File | `admin/admin_editor.php` | High
|
||||
52 | File | `admin/asset/grid-proxy` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 445 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 464 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -18,12 +18,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.78.74.58](https://vuldb.com/?ip.5.78.74.58) | static.58.74.78.5.clients.your-server.de | - | High
|
||||
2 | [5.78.105.58](https://vuldb.com/?ip.5.78.105.58) | static.58.105.78.5.clients.your-server.de | - | High
|
||||
3 | [5.161.178.107](https://vuldb.com/?ip.5.161.178.107) | static.107.178.161.5.clients.your-server.de | - | High
|
||||
1 | [5.75.176.47](https://vuldb.com/?ip.5.75.176.47) | static.47.176.75.5.clients.your-server.de | - | High
|
||||
2 | [5.78.74.58](https://vuldb.com/?ip.5.78.74.58) | static.58.74.78.5.clients.your-server.de | - | High
|
||||
3 | [5.78.105.58](https://vuldb.com/?ip.5.78.105.58) | static.58.105.78.5.clients.your-server.de | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 9 more IOC items available. Please use our online service to access the data.
|
||||
There are 12 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -31,13 +31,15 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -45,24 +47,35 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin.php?controller=admin_commonuser` | High
|
||||
2 | File | `/admin/content/index` | High
|
||||
3 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
4 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
5 | File | `/ajax/update_certificate` | High
|
||||
6 | File | `/api/admin/system/store/order/list` | High
|
||||
7 | File | `/api/jmeter/download/files` | High
|
||||
8 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
9 | File | `/customs/loan_by_class.php?reportView` | High
|
||||
10 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
11 | File | `/editor/index.php` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/fos/admin/ajax.php` | High
|
||||
14 | File | `/goform/WifiBasicSet` | High
|
||||
15 | File | `/intern/controller.php` | High
|
||||
16 | ... | ... | ...
|
||||
1 | File | `%PROGRAMFILES(X86)%\IDriveWindows` | High
|
||||
2 | File | `/.dbus-keyrings` | High
|
||||
3 | File | `/.env` | Low
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin.php?controller=admin_commonuser` | High
|
||||
6 | File | `/admin/?page=inmates/view_inmate` | High
|
||||
7 | File | `/admin/?page=user/list` | High
|
||||
8 | File | `/admin/content/index` | High
|
||||
9 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
10 | File | `/admin/edit_product.php` | High
|
||||
11 | File | `/admin/reg.php` | High
|
||||
12 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
13 | File | `/ajax/update_certificate` | High
|
||||
14 | File | `/api/admin/system/store/order/list` | High
|
||||
15 | File | `/api/jmeter/download/files` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/configs/application.ini` | High
|
||||
18 | File | `/customs/loan_by_class.php?reportView` | High
|
||||
19 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
20 | File | `/editor/index.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/fos/admin/ajax.php` | High
|
||||
23 | File | `/goform/WifiBasicSet` | High
|
||||
24 | File | `/intern/controller.php` | High
|
||||
25 | File | `/LEPTON_stable_2.2.2/upload/account/logout.php` | High
|
||||
26 | File | `/master/core/PostHandler.php` | High
|
||||
27 | ... | ... | ...
|
||||
|
||||
There are 124 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 230 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -16,8 +16,11 @@ The following _campaigns_ are known and can be associated with Amadey Bot:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Amadey Bot:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -26,39 +26,41 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
3 | [2.59.42.63](https://vuldb.com/?ip.2.59.42.63) | vds-cw08597.timeweb.ru | - | High
|
||||
4 | [5.42.65.1](https://vuldb.com/?ip.5.42.65.1) | - | - | High
|
||||
5 | [5.42.65.80](https://vuldb.com/?ip.5.42.65.80) | - | - | High
|
||||
6 | [5.75.139.35](https://vuldb.com/?ip.5.75.139.35) | static.35.139.75.5.clients.your-server.de | - | High
|
||||
7 | [5.182.4.47](https://vuldb.com/?ip.5.182.4.47) | - | - | High
|
||||
8 | [5.188.118.7](https://vuldb.com/?ip.5.188.118.7) | - | - | High
|
||||
9 | [23.106.215.95](https://vuldb.com/?ip.23.106.215.95) | - | - | High
|
||||
10 | [31.41.244.15](https://vuldb.com/?ip.31.41.244.15) | - | - | High
|
||||
11 | [31.41.244.17](https://vuldb.com/?ip.31.41.244.17) | - | - | High
|
||||
12 | [31.41.244.60](https://vuldb.com/?ip.31.41.244.60) | - | - | High
|
||||
13 | [31.41.244.146](https://vuldb.com/?ip.31.41.244.146) | - | - | High
|
||||
14 | [31.41.244.158](https://vuldb.com/?ip.31.41.244.158) | - | - | High
|
||||
15 | [31.41.244.167](https://vuldb.com/?ip.31.41.244.167) | - | - | High
|
||||
16 | [31.41.244.200](https://vuldb.com/?ip.31.41.244.200) | - | - | High
|
||||
17 | [31.41.244.237](https://vuldb.com/?ip.31.41.244.237) | - | - | High
|
||||
18 | [37.220.87.85](https://vuldb.com/?ip.37.220.87.85) | ipn-37-220-87-85.artem-catv.ru | - | High
|
||||
19 | [45.9.74.80](https://vuldb.com/?ip.45.9.74.80) | - | - | High
|
||||
20 | [45.15.156.216](https://vuldb.com/?ip.45.15.156.216) | - | - | High
|
||||
21 | [45.32.200.113](https://vuldb.com/?ip.45.32.200.113) | 45.32.200.113.vultrusercontent.com | - | High
|
||||
22 | [45.66.230.123](https://vuldb.com/?ip.45.66.230.123) | - | - | High
|
||||
23 | [45.155.205.172](https://vuldb.com/?ip.45.155.205.172) | - | - | High
|
||||
24 | [45.227.255.49](https://vuldb.com/?ip.45.227.255.49) | - | - | High
|
||||
25 | [46.17.96.36](https://vuldb.com/?ip.46.17.96.36) | - | - | High
|
||||
26 | [49.12.117.51](https://vuldb.com/?ip.49.12.117.51) | static.51.117.12.49.clients.your-server.de | - | High
|
||||
27 | [62.182.156.152](https://vuldb.com/?ip.62.182.156.152) | - | - | High
|
||||
28 | [62.204.41.4](https://vuldb.com/?ip.62.204.41.4) | - | - | High
|
||||
29 | [62.204.41.5](https://vuldb.com/?ip.62.204.41.5) | - | - | High
|
||||
30 | [62.204.41.6](https://vuldb.com/?ip.62.204.41.6) | - | - | High
|
||||
31 | [62.204.41.13](https://vuldb.com/?ip.62.204.41.13) | - | - | High
|
||||
32 | [62.204.41.17](https://vuldb.com/?ip.62.204.41.17) | - | - | High
|
||||
33 | [62.204.41.25](https://vuldb.com/?ip.62.204.41.25) | - | - | High
|
||||
34 | [62.204.41.27](https://vuldb.com/?ip.62.204.41.27) | - | - | High
|
||||
35 | [62.204.41.32](https://vuldb.com/?ip.62.204.41.32) | - | - | High
|
||||
36 | ... | ... | ... | ...
|
||||
6 | [5.42.92.67](https://vuldb.com/?ip.5.42.92.67) | - | - | High
|
||||
7 | [5.75.139.35](https://vuldb.com/?ip.5.75.139.35) | static.35.139.75.5.clients.your-server.de | - | High
|
||||
8 | [5.182.4.47](https://vuldb.com/?ip.5.182.4.47) | - | - | High
|
||||
9 | [5.188.118.7](https://vuldb.com/?ip.5.188.118.7) | - | - | High
|
||||
10 | [23.106.215.95](https://vuldb.com/?ip.23.106.215.95) | - | - | High
|
||||
11 | [31.41.244.15](https://vuldb.com/?ip.31.41.244.15) | - | - | High
|
||||
12 | [31.41.244.17](https://vuldb.com/?ip.31.41.244.17) | - | - | High
|
||||
13 | [31.41.244.60](https://vuldb.com/?ip.31.41.244.60) | - | - | High
|
||||
14 | [31.41.244.146](https://vuldb.com/?ip.31.41.244.146) | - | - | High
|
||||
15 | [31.41.244.158](https://vuldb.com/?ip.31.41.244.158) | - | - | High
|
||||
16 | [31.41.244.167](https://vuldb.com/?ip.31.41.244.167) | - | - | High
|
||||
17 | [31.41.244.200](https://vuldb.com/?ip.31.41.244.200) | - | - | High
|
||||
18 | [31.41.244.237](https://vuldb.com/?ip.31.41.244.237) | - | - | High
|
||||
19 | [37.220.87.85](https://vuldb.com/?ip.37.220.87.85) | ipn-37-220-87-85.artem-catv.ru | - | High
|
||||
20 | [45.9.74.80](https://vuldb.com/?ip.45.9.74.80) | - | - | High
|
||||
21 | [45.9.74.141](https://vuldb.com/?ip.45.9.74.141) | - | - | High
|
||||
22 | [45.9.74.164](https://vuldb.com/?ip.45.9.74.164) | - | - | High
|
||||
23 | [45.9.74.166](https://vuldb.com/?ip.45.9.74.166) | - | - | High
|
||||
24 | [45.15.156.216](https://vuldb.com/?ip.45.15.156.216) | - | - | High
|
||||
25 | [45.32.200.113](https://vuldb.com/?ip.45.32.200.113) | 45.32.200.113.vultrusercontent.com | - | High
|
||||
26 | [45.66.230.123](https://vuldb.com/?ip.45.66.230.123) | - | - | High
|
||||
27 | [45.155.7.60](https://vuldb.com/?ip.45.155.7.60) | 7-60.static.ipcserver.net | - | High
|
||||
28 | [45.155.205.172](https://vuldb.com/?ip.45.155.205.172) | - | - | High
|
||||
29 | [45.227.255.49](https://vuldb.com/?ip.45.227.255.49) | - | - | High
|
||||
30 | [46.17.96.36](https://vuldb.com/?ip.46.17.96.36) | - | - | High
|
||||
31 | [49.12.117.51](https://vuldb.com/?ip.49.12.117.51) | static.51.117.12.49.clients.your-server.de | - | High
|
||||
32 | [62.182.156.152](https://vuldb.com/?ip.62.182.156.152) | - | - | High
|
||||
33 | [62.204.41.4](https://vuldb.com/?ip.62.204.41.4) | - | - | High
|
||||
34 | [62.204.41.5](https://vuldb.com/?ip.62.204.41.5) | - | - | High
|
||||
35 | [62.204.41.6](https://vuldb.com/?ip.62.204.41.6) | - | - | High
|
||||
36 | [62.204.41.13](https://vuldb.com/?ip.62.204.41.13) | - | - | High
|
||||
37 | [62.204.41.17](https://vuldb.com/?ip.62.204.41.17) | - | - | High
|
||||
38 | ... | ... | ... | ...
|
||||
|
||||
There are 139 more IOC items available. Please use our online service to access the data.
|
||||
There are 150 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -66,14 +68,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -84,76 +86,73 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
5 | File | `/admin.php/update/getFile.html` | High
|
||||
6 | File | `/admin/?page=user/manage` | High
|
||||
7 | File | `/admin/add-new.php` | High
|
||||
8 | File | `/admin/cashadvance_row.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/maintenance/view_designation.php` | High
|
||||
11 | File | `/admin/userprofile.php` | High
|
||||
12 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
13 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
14 | File | `/alphaware/summary.php` | High
|
||||
15 | File | `/api/` | Low
|
||||
16 | File | `/api/admin/store/product/list` | High
|
||||
17 | File | `/api/stl/actions/search` | High
|
||||
18 | File | `/api/v2/cli/commands` | High
|
||||
19 | File | `/APR/login.php` | High
|
||||
20 | File | `/bin/ate` | Medium
|
||||
21 | File | `/bin/httpd` | Medium
|
||||
22 | File | `/boat/login.php` | High
|
||||
23 | File | `/cgi-bin` | Medium
|
||||
24 | File | `/cgi-bin/wapopen` | High
|
||||
25 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
26 | File | `/College/admin/teacher.php` | High
|
||||
27 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
28 | File | `/dcim/rack-roles/` | High
|
||||
29 | File | `/debug/pprof` | Medium
|
||||
30 | File | `/env` | Low
|
||||
31 | File | `/feeds/post/publish` | High
|
||||
32 | File | `/film-rating.php` | High
|
||||
33 | File | `/forum/away.php` | High
|
||||
34 | File | `/goform/aspForm` | High
|
||||
35 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
36 | File | `/inc/topBarNav.php` | High
|
||||
37 | File | `/index.php` | Medium
|
||||
38 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
39 | File | `/index.php?page=category_list` | High
|
||||
40 | File | `/jobinfo/` | Medium
|
||||
41 | File | `/kelas/data` | Medium
|
||||
42 | File | `/librarian/bookdetails.php` | High
|
||||
43 | File | `/Moosikay/order.php` | High
|
||||
44 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
45 | File | `/opac/Actions.php?a=login` | High
|
||||
46 | File | `/php-opos/index.php` | High
|
||||
47 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
48 | File | `/PreviewHandler.ashx` | High
|
||||
49 | File | `/public/launchNewWindow.jsp` | High
|
||||
50 | File | `/reservation/add_message.php` | High
|
||||
51 | File | `/student/bookdetails.php` | High
|
||||
52 | File | `/uncpath/` | Medium
|
||||
53 | File | `/user/updatePwd` | High
|
||||
54 | File | `/video-sharing-script/watch-video.php` | High
|
||||
55 | File | `/wireless/security.asp` | High
|
||||
56 | File | `/wp-admin/admin-ajax.php` | High
|
||||
57 | File | `a-forms.php` | Medium
|
||||
58 | File | `account.asp` | Medium
|
||||
59 | File | `acloudCosAction.php.SQL` | High
|
||||
60 | File | `AcquisiAction.class.php` | High
|
||||
61 | File | `activenews_view.asp` | High
|
||||
62 | File | `ActiveServices.java` | High
|
||||
63 | File | `adclick.php` | Medium
|
||||
64 | File | `admin.a6mambocredits.php` | High
|
||||
65 | ... | ... | ...
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/sys_sql_query.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/api/admin/store/product/list` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/api/stl/actions/search` | High
|
||||
12 | File | `/api/v2/cli/commands` | High
|
||||
13 | File | `/bin/ate` | Medium
|
||||
14 | File | `/booking/show_bookings/` | High
|
||||
15 | File | `/cgi-bin` | Medium
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/College/admin/teacher.php` | High
|
||||
18 | File | `/company/store` | High
|
||||
19 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
20 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
21 | File | `/csms/?page=contact_us` | High
|
||||
22 | File | `/dcim/rack-roles/` | High
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/env` | Low
|
||||
25 | File | `/feeds/post/publish` | High
|
||||
26 | File | `/film-rating.php` | High
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/goform/aspForm` | High
|
||||
29 | File | `/h/` | Low
|
||||
30 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
31 | File | `/inc/topBarNav.php` | High
|
||||
32 | File | `/index.php` | Medium
|
||||
33 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
34 | File | `/index.php?page=category_list` | High
|
||||
35 | File | `/jobinfo/` | Medium
|
||||
36 | File | `/kelas/data` | Medium
|
||||
37 | File | `/librarian/bookdetails.php` | High
|
||||
38 | File | `/Moosikay/order.php` | High
|
||||
39 | File | `/opac/Actions.php?a=login` | High
|
||||
40 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
41 | File | `/PreviewHandler.ashx` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
44 | File | `/student/bookdetails.php` | High
|
||||
45 | File | `/uploads/exam_question/` | High
|
||||
46 | File | `/user/profile` | High
|
||||
47 | File | `/user/ticket/create` | High
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/var/lib/docker/<remapping>` | High
|
||||
50 | File | `/wp-admin/admin-ajax.php` | High
|
||||
51 | File | `a-forms.php` | Medium
|
||||
52 | File | `account.asp` | Medium
|
||||
53 | File | `ActiveServices.java` | High
|
||||
54 | File | `adclick.php` | Medium
|
||||
55 | File | `admin.a6mambocredits.php` | High
|
||||
56 | File | `admin.cropcanvas.php` | High
|
||||
57 | File | `admin.php` | Medium
|
||||
58 | File | `admin/ajax/op_kandidat.php` | High
|
||||
59 | ... | ... | ...
|
||||
|
||||
There are 565 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 516 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://app.any.run/tasks/057f15c5-864c-4535-b8af-70405ead5fcd
|
||||
* https://app.any.run/tasks/6b4a52a0-4bbe-4c57-a196-a7c0e3425220
|
||||
* https://app.any.run/tasks/25aa27e9-a9e9-40cc-9152-d0373b9c7ebb
|
||||
* https://app.any.run/tasks/dd17daee-32a4-494b-b8d9-c5e6d5b03cae
|
||||
* https://cofense.com/new-phishing-campaign-targets-u-s-taxpayers-dropping-amadey-botnet/
|
||||
* https://threatfox.abuse.ch
|
||||
* https://threatvector.cylance.com/en_us/home/threat-spotlight-amadey-bot.html
|
||||
|
@ -165,9 +164,11 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://tracker.viriback.com/index.php?q=31.41.244.167
|
||||
* https://tracker.viriback.com/index.php?q=31.41.244.237
|
||||
* https://tracker.viriback.com/index.php?q=37.220.87.85
|
||||
* https://tracker.viriback.com/index.php?q=45.9.74.141
|
||||
* https://tracker.viriback.com/index.php?q=45.15.156.216
|
||||
* https://tracker.viriback.com/index.php?q=45.32.200.113
|
||||
* https://tracker.viriback.com/index.php?q=45.66.230.123
|
||||
* https://tracker.viriback.com/index.php?q=45.155.7.60
|
||||
* https://tracker.viriback.com/index.php?q=49.12.117.51
|
||||
* https://tracker.viriback.com/index.php?q=62.204.41.4
|
||||
* https://tracker.viriback.com/index.php?q=62.204.41.5
|
||||
|
@ -215,6 +216,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://tracker.viriback.com/index.php?q=85.31.45.199
|
||||
* https://tracker.viriback.com/index.php?q=85.209.135.11
|
||||
* https://tracker.viriback.com/index.php?q=85.209.135.109
|
||||
* https://tracker.viriback.com/index.php?q=87.121.47.63
|
||||
* https://tracker.viriback.com/index.php?q=88.218.60.230
|
||||
* https://tracker.viriback.com/index.php?q=91.215.85.194
|
||||
* https://tracker.viriback.com/index.php?q=94.142.138.182
|
||||
|
@ -223,6 +225,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://tracker.viriback.com/index.php?q=179.43.154.148
|
||||
* https://tracker.viriback.com/index.php?q=185.174.137.152
|
||||
* https://tracker.viriback.com/index.php?q=185.215.113.204
|
||||
* https://tracker.viriback.com/index.php?q=185.252.179.228
|
||||
* https://tracker.viriback.com/index.php?q=192.211.55.118
|
||||
* https://tracker.viriback.com/index.php?q=193.3.19.154
|
||||
* https://tracker.viriback.com/index.php?q=193.42.33.28
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Anatsa:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [TR](https://vuldb.com/?country.tr)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -70,46 +70,46 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/bin/boa` | Medium
|
||||
12 | File | `/default.php?idx=17` | High
|
||||
13 | File | `/download` | Medium
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/installer/test.php` | High
|
||||
17 | File | `/librarian/bookdetails.php` | High
|
||||
18 | File | `/opt/bin/cli` | Medium
|
||||
19 | File | `/p` | Low
|
||||
20 | File | `/patient/doctors.php` | High
|
||||
21 | File | `/phpinventory/editcategory.php` | High
|
||||
22 | File | `/product-list.php` | High
|
||||
23 | File | `/spip.php` | Medium
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/updown/upload.cgi` | High
|
||||
26 | File | `/user/del.php` | High
|
||||
27 | File | `/vicidial/admin.php` | High
|
||||
28 | File | `/_next` | Low
|
||||
29 | File | `123flashchat.php` | High
|
||||
30 | File | `act.php` | Low
|
||||
31 | File | `admin/bad.php` | High
|
||||
32 | File | `admin/index.php` | High
|
||||
33 | File | `admin/index.php/user/del/1` | High
|
||||
34 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
35 | File | `administrator/index.php` | High
|
||||
36 | File | `advertiser/login_confirm.asp` | High
|
||||
37 | File | `agenda.php` | Medium
|
||||
38 | File | `ajax/render/widget_php` | High
|
||||
39 | File | `akocomments.php` | High
|
||||
40 | File | `album_portal.php` | High
|
||||
41 | File | `api.php` | Low
|
||||
42 | File | `app/membership_signup.php` | High
|
||||
43 | File | `application/home/controller/debug.php` | High
|
||||
44 | File | `articulo.php` | Medium
|
||||
45 | File | `artlinks.dispnew.php` | High
|
||||
46 | File | `author.control.php` | High
|
||||
47 | File | `avahi-core/socket.c` | High
|
||||
48 | File | `awstats.pl` | Medium
|
||||
49 | File | `a_login.php` | Medium
|
||||
50 | File | `bar.phtml` | Medium
|
||||
14 | File | `/env` | Low
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
17 | File | `/installer/test.php` | High
|
||||
18 | File | `/librarian/bookdetails.php` | High
|
||||
19 | File | `/opt/bin/cli` | Medium
|
||||
20 | File | `/p` | Low
|
||||
21 | File | `/patient/doctors.php` | High
|
||||
22 | File | `/phpinventory/editcategory.php` | High
|
||||
23 | File | `/product-list.php` | High
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/updown/upload.cgi` | High
|
||||
27 | File | `/user/del.php` | High
|
||||
28 | File | `/vicidial/admin.php` | High
|
||||
29 | File | `/_next` | Low
|
||||
30 | File | `123flashchat.php` | High
|
||||
31 | File | `act.php` | Low
|
||||
32 | File | `admin/bad.php` | High
|
||||
33 | File | `admin/index.php` | High
|
||||
34 | File | `admin/index.php/user/del/1` | High
|
||||
35 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
36 | File | `administrator/index.php` | High
|
||||
37 | File | `advertiser/login_confirm.asp` | High
|
||||
38 | File | `agenda.php` | Medium
|
||||
39 | File | `ajax/render/widget_php` | High
|
||||
40 | File | `akocomments.php` | High
|
||||
41 | File | `album_portal.php` | High
|
||||
42 | File | `api.php` | Low
|
||||
43 | File | `app/membership_signup.php` | High
|
||||
44 | File | `application/home/controller/debug.php` | High
|
||||
45 | File | `articulo.php` | Medium
|
||||
46 | File | `artlinks.dispnew.php` | High
|
||||
47 | File | `author.control.php` | High
|
||||
48 | File | `avahi-core/socket.c` | High
|
||||
49 | File | `awstats.pl` | Medium
|
||||
50 | File | `a_login.php` | Medium
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 440 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 446 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [IO](https://vuldb.com/?country.io)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -804,13 +804,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -818,30 +819,47 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
4 | File | `/admin/?page=user/list` | High
|
||||
5 | File | `/admin/ajax.php?action=save_area` | High
|
||||
6 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
7 | File | `/admin/edit_subject.php` | High
|
||||
8 | File | `/admin/modal_add_product.php` | High
|
||||
9 | File | `/admin/reportupload.aspx` | High
|
||||
10 | File | `/admin/save_teacher.php` | High
|
||||
11 | File | `/admin/service.php` | High
|
||||
12 | File | `/admin/update_s6.php` | High
|
||||
13 | File | `/ajax.php?action=read_msg` | High
|
||||
14 | File | `/ajax.php?action=save_company` | High
|
||||
15 | File | `/api/stl/actions/search` | High
|
||||
16 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
17 | File | `/bin/login` | Medium
|
||||
18 | File | `/cas/logout` | Medium
|
||||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
21 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
22 | ... | ... | ...
|
||||
1 | File | `.github/workflows/comment.yml` | High
|
||||
2 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
3 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
4 | File | `/admin/addproduct.php` | High
|
||||
5 | File | `/admin/modal_add_product.php` | High
|
||||
6 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
7 | File | `/admin/sys_sql_query.php` | High
|
||||
8 | File | `/admin/update_s6.php` | High
|
||||
9 | File | `/api/baskets/{name}` | High
|
||||
10 | File | `/api/common/ping` | High
|
||||
11 | File | `/api/v1/snapshots` | High
|
||||
12 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
13 | File | `/bin/boa` | Medium
|
||||
14 | File | `/blog` | Low
|
||||
15 | File | `/category.php` | High
|
||||
16 | File | `/changeimage.php` | High
|
||||
17 | File | `/cimom` | Low
|
||||
18 | File | `/classes/Master.php?f=save_inquiry` | High
|
||||
19 | File | `/classes/Master.php?f=save_service` | High
|
||||
20 | File | `/classes/Users.php?f=save` | High
|
||||
21 | File | `/company/store` | High
|
||||
22 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
23 | File | `/download` | Medium
|
||||
24 | File | `/DXR.axd` | Medium
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/h/` | Low
|
||||
27 | File | `/home/kickPlayer` | High
|
||||
28 | File | `/index.php` | Medium
|
||||
29 | File | `/index.php/coins/update_marketboxslider` | High
|
||||
30 | File | `/index.php/payment/getcoinaddress` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/librarian/bookdetails.php` | High
|
||||
33 | File | `/note/index/delete` | High
|
||||
34 | File | `/osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/owa/auth/logon.aspx` | High
|
||||
37 | File | `/password.jsn` | High
|
||||
38 | File | `/public/admin/profile/update.html` | High
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 185 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 332 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,8 +8,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Applejeus:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
|
@ -41,7 +41,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,50 +52,50 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/?ajax-request=jnews` | High
|
||||
3 | File | `/admin/upload/upload` | High
|
||||
4 | File | `/api/gen/clients/{language}` | High
|
||||
5 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
6 | File | `/classes/Users.php` | High
|
||||
7 | File | `/config/getuser` | High
|
||||
8 | File | `/config/myfield/test.php` | High
|
||||
9 | File | `/debug/pprof` | Medium
|
||||
10 | File | `/ecshop/admin/template.php` | High
|
||||
11 | File | `/example/editor` | High
|
||||
4 | File | `/api/baskets/{name}` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
6 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
7 | File | `/classes/Users.php` | High
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/config/myfield/test.php` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/ecshop/admin/template.php` | High
|
||||
12 | File | `/file/upload/1` | High
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/forum/PostPrivateMessage` | High
|
||||
15 | File | `/HNAP1` | Low
|
||||
15 | File | `/goform/set_LimitClient_cfg` | High
|
||||
16 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
17 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
18 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
19 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
20 | File | `/net-banking/customer_transactions.php` | High
|
||||
21 | File | `/obs/book.php` | High
|
||||
22 | File | `/ossn/administrator/com_installer` | High
|
||||
23 | File | `/pms/update_user.php?user_id=1` | High
|
||||
17 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
18 | File | `/net-banking/customer_transactions.php` | High
|
||||
19 | File | `/obs/book.php` | High
|
||||
20 | File | `/ossn/administrator/com_installer` | High
|
||||
21 | File | `/owa/auth/logon.aspx` | High
|
||||
22 | File | `/pms/update_user.php?user_id=1` | High
|
||||
23 | File | `/preview.php` | Medium
|
||||
24 | File | `/requests.php` | High
|
||||
25 | File | `/spip.php` | Medium
|
||||
26 | File | `/sre/params.php` | High
|
||||
27 | File | `/tmp` | Low
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/user/upload/upload` | High
|
||||
30 | File | `/Users` | Low
|
||||
31 | File | `/var/spool/hylafax` | High
|
||||
32 | File | `/vendor` | Low
|
||||
33 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
34 | File | `action/addproject.php` | High
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | File | `add_contestant.php` | High
|
||||
37 | File | `admin.php` | Medium
|
||||
38 | File | `admin/index.php` | High
|
||||
39 | File | `admin/make_payments.php` | High
|
||||
40 | File | `Advanced_ASUSDDNS_Content.asp` | High
|
||||
41 | File | `af_netlink.c` | Medium
|
||||
42 | File | `album_portal.php` | High
|
||||
43 | File | `api_jsonrpc.php` | High
|
||||
44 | File | `artreplydelete.asp` | High
|
||||
26 | File | `/sqlite3_aflpp/shell.c` | High
|
||||
27 | File | `/sre/params.php` | High
|
||||
28 | File | `/SVFE2/pages/feegroups/service_group.jsf` | High
|
||||
29 | File | `/uncpath/` | Medium
|
||||
30 | File | `/user/upload/upload` | High
|
||||
31 | File | `/Users` | Low
|
||||
32 | File | `/var/spool/hylafax` | High
|
||||
33 | File | `/vendor` | Low
|
||||
34 | File | `AccessibilityManagerService.java` | High
|
||||
35 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `add_contestant.php` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin/edit_category.php` | High
|
||||
40 | File | `admin/index.php` | High
|
||||
41 | File | `admin/make_payments.php` | High
|
||||
42 | File | `af_netlink.c` | Medium
|
||||
43 | File | `album_portal.php` | High
|
||||
44 | File | `api/auth.go` | Medium
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -632,7 +632,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -644,70 +644,64 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `//WEB-INF` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/api/admin/articles/` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
8 | File | `/admin/maintenance/view_designation.php` | High
|
||||
9 | File | `/admin/report/index.php` | High
|
||||
10 | File | `/admin/userprofile.php` | High
|
||||
11 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
12 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
13 | File | `/APR/login.php` | High
|
||||
14 | File | `/bin/httpd` | Medium
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
17 | File | `/classes/Master.php?f=delete_service` | High
|
||||
18 | File | `/classes/Master.php?f=save_course` | High
|
||||
19 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
20 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
21 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
22 | File | `/feeds/post/publish` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
25 | File | `/fos/admin/index.php?page=menu` | High
|
||||
26 | File | `/home/masterConsole` | High
|
||||
27 | File | `/home/sendBroadcast` | High
|
||||
28 | File | `/hrm/employeeadd.php` | High
|
||||
29 | File | `/hrm/employeeview.php` | High
|
||||
30 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
31 | File | `/inc/topBarNav.php` | High
|
||||
32 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
33 | File | `/index.php?page=category_list` | High
|
||||
34 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
35 | File | `/lookin/info` | Medium
|
||||
36 | File | `/Moosikay/order.php` | High
|
||||
37 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
38 | File | `/opac/Actions.php?a=login` | High
|
||||
39 | File | `/out.php` | Medium
|
||||
40 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
41 | File | `/php-opos/index.php` | High
|
||||
42 | File | `/PreviewHandler.ashx` | High
|
||||
43 | File | `/proxy` | Low
|
||||
44 | File | `/public/launchNewWindow.jsp` | High
|
||||
45 | File | `/reports/rwservlet` | High
|
||||
46 | File | `/reservation/add_message.php` | High
|
||||
47 | File | `/spip.php` | Medium
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/wp-admin/admin-ajax.php` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `a-forms.php` | Medium
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `admin.a6mambocredits.php` | High
|
||||
59 | File | `admin.cropcanvas.php` | High
|
||||
60 | File | `admin/?page=students/view_student` | High
|
||||
61 | File | `admin/abc.php` | High
|
||||
62 | ... | ... | ...
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/report/index.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
15 | File | `/classes/Master.php?f=delete_service` | High
|
||||
16 | File | `/classes/Master.php?f=save_course` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
19 | File | `/feeds/post/publish` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
23 | File | `/h/` | Low
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/home/sendBroadcast` | High
|
||||
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
27 | File | `/inc/topBarNav.php` | High
|
||||
28 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
29 | File | `/index.php?page=category_list` | High
|
||||
30 | File | `/jobinfo/` | Medium
|
||||
31 | File | `/Moosikay/order.php` | High
|
||||
32 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
33 | File | `/opac/Actions.php?a=login` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/PreviewHandler.ashx` | High
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/reports/rwservlet` | High
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/student/bookdetails.php` | High
|
||||
43 | File | `/uncpath/` | Medium
|
||||
44 | File | `/uploads/exam_question/` | High
|
||||
45 | File | `/user/updatePwd` | High
|
||||
46 | File | `/var/lib/docker/<remapping>` | High
|
||||
47 | File | `/wireless/security.asp` | High
|
||||
48 | File | `/wp-admin/admin-ajax.php` | High
|
||||
49 | File | `01article.php` | High
|
||||
50 | File | `a-forms.php` | Medium
|
||||
51 | File | `activenews_view.asp` | High
|
||||
52 | File | `adclick.php` | Medium
|
||||
53 | File | `admin.a6mambocredits.php` | High
|
||||
54 | File | `admin.cropcanvas.php` | High
|
||||
55 | File | `admin/?page=students/view_student` | High
|
||||
56 | ... | ... | ...
|
||||
|
||||
There are 545 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 491 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -42,7 +42,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
There are 7 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,13 +52,14 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/orders/update_status.php` | High
|
||||
2 | File | `/getcfg.php` | Medium
|
||||
3 | File | `act.php` | Low
|
||||
4 | File | `admin.php` | Medium
|
||||
5 | File | `admin\posts\manage_post.php` | High
|
||||
6 | File | `app/admin/import-export/import-load-data.php` | High
|
||||
7 | ... | ... | ...
|
||||
3 | File | `/paysystem/datatable.php` | High
|
||||
4 | File | `/settings/account` | High
|
||||
5 | File | `act.php` | Low
|
||||
6 | File | `admin.php` | Medium
|
||||
7 | File | `admin\posts\manage_post.php` | High
|
||||
8 | ... | ... | ...
|
||||
|
||||
There are 48 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 53 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [DE](https://vuldb.com/?country.de)
|
||||
* ...
|
||||
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -60,64 +60,66 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/photo.php` | High
|
||||
2 | File | `/admin/user/add` | High
|
||||
3 | File | `/APP_Installation.asp` | High
|
||||
4 | File | `/categorypage.php` | High
|
||||
5 | File | `/cm/delete` | Medium
|
||||
6 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
7 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/drivers/media/media-device.c` | High
|
||||
10 | File | `/etc/master.passwd` | High
|
||||
11 | File | `/filemanager/upload.php` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/getcfg.php` | Medium
|
||||
14 | File | `/home.php` | Medium
|
||||
15 | File | `/homeaction.php` | High
|
||||
16 | File | `/modules/profile/index.php` | High
|
||||
17 | File | `/modules/tasks/summary.inc.php` | High
|
||||
18 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
19 | File | `/out.php` | Medium
|
||||
20 | File | `/p` | Low
|
||||
21 | File | `/preauth` | Medium
|
||||
22 | File | `/products/details.asp` | High
|
||||
23 | File | `/recordings/index.php` | High
|
||||
24 | File | `/see_more_details.php` | High
|
||||
25 | File | `/show_news.php` | High
|
||||
26 | File | `/tmp/before` | Medium
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/updownload/t.report` | High
|
||||
29 | File | `/user.profile.php` | High
|
||||
30 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
31 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
32 | File | `/wp-admin` | Medium
|
||||
33 | File | `/wp-admin/admin-ajax.php` | High
|
||||
34 | File | `account.asp` | Medium
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | File | `adm/systools.asp` | High
|
||||
37 | File | `admin.php` | Medium
|
||||
38 | File | `admin/admin.shtml` | High
|
||||
39 | File | `Admin/ADM_Pagina.php` | High
|
||||
40 | File | `admin/category.inc.php` | High
|
||||
41 | File | `admin/main.asp` | High
|
||||
42 | File | `admin/param/param_func.inc.php` | High
|
||||
43 | File | `admin/y_admin.asp` | High
|
||||
44 | File | `adminer.php` | Medium
|
||||
45 | File | `administration/admins.php` | High
|
||||
46 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
47 | File | `admin_ok.asp` | Medium
|
||||
48 | File | `album_portal.php` | High
|
||||
49 | File | `app/Core/Paginator.php` | High
|
||||
50 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
51 | File | `artlinks.dispnew.php` | High
|
||||
52 | File | `auth.php` | Medium
|
||||
53 | File | `bin/named/query.c` | High
|
||||
54 | File | `blank.php` | Medium
|
||||
55 | File | `blocklayered-ajax.php` | High
|
||||
56 | File | `blogger-importer.php` | High
|
||||
57 | File | `bluegate_seo.inc.php` | High
|
||||
58 | ... | ... | ...
|
||||
3 | File | `/api/baskets/{name}` | High
|
||||
4 | File | `/APP_Installation.asp` | High
|
||||
5 | File | `/blog` | Low
|
||||
6 | File | `/categorypage.php` | High
|
||||
7 | File | `/cm/delete` | Medium
|
||||
8 | File | `/common/logViewer/logViewer.jsf` | High
|
||||
9 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
10 | File | `/download` | Medium
|
||||
11 | File | `/drivers/media/media-device.c` | High
|
||||
12 | File | `/etc/master.passwd` | High
|
||||
13 | File | `/filemanager/upload.php` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/getcfg.php` | Medium
|
||||
16 | File | `/home.php` | Medium
|
||||
17 | File | `/homeaction.php` | High
|
||||
18 | File | `/modules/profile/index.php` | High
|
||||
19 | File | `/modules/tasks/summary.inc.php` | High
|
||||
20 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
21 | File | `/out.php` | Medium
|
||||
22 | File | `/p` | Low
|
||||
23 | File | `/preauth` | Medium
|
||||
24 | File | `/products/details.asp` | High
|
||||
25 | File | `/recordings/index.php` | High
|
||||
26 | File | `/see_more_details.php` | High
|
||||
27 | File | `/show_news.php` | High
|
||||
28 | File | `/tmp/before` | Medium
|
||||
29 | File | `/uncpath/` | Medium
|
||||
30 | File | `/updownload/t.report` | High
|
||||
31 | File | `/user.profile.php` | High
|
||||
32 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
33 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
34 | File | `/wp-admin` | Medium
|
||||
35 | File | `/wp-admin/admin-ajax.php` | High
|
||||
36 | File | `account.asp` | Medium
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `adm/systools.asp` | High
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | File | `admin/admin.shtml` | High
|
||||
41 | File | `Admin/ADM_Pagina.php` | High
|
||||
42 | File | `admin/category.inc.php` | High
|
||||
43 | File | `admin/main.asp` | High
|
||||
44 | File | `admin/param/param_func.inc.php` | High
|
||||
45 | File | `admin/y_admin.asp` | High
|
||||
46 | File | `adminer.php` | Medium
|
||||
47 | File | `administration/admins.php` | High
|
||||
48 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
49 | File | `admin_ok.asp` | Medium
|
||||
50 | File | `album_portal.php` | High
|
||||
51 | File | `app/Core/Paginator.php` | High
|
||||
52 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
53 | File | `artlinks.dispnew.php` | High
|
||||
54 | File | `auth.php` | Medium
|
||||
55 | File | `bin/named/query.c` | High
|
||||
56 | File | `blank.php` | Medium
|
||||
57 | File | `blocklayered-ajax.php` | High
|
||||
58 | File | `blogger-importer.php` | High
|
||||
59 | File | `bluegate_seo.inc.php` | High
|
||||
60 | ... | ... | ...
|
||||
|
||||
There are 510 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 527 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -31,12 +31,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1078.001 | CWE-259 | Use of Hard-coded Password | High
|
||||
2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
|
||||
3 | T1202 | CWE-78 | Command Injection | High
|
||||
1 | T1068 | CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
2 | T1078.001 | CWE-259 | Use of Hard-coded Password | High
|
||||
3 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -49,7 +49,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `ajax_php_pecl.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 15 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -82,36 +82,36 @@ ID | Type | Indicator | Confidence
|
|||
15 | File | `/cgi-bin/go` | Medium
|
||||
16 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
17 | File | `/cgi-bin/wapopen` | High
|
||||
18 | File | `/dl/dl_print.php` | High
|
||||
19 | File | `/etc/gsissh/sshd_config` | High
|
||||
20 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/forum/PostPrivateMessage` | High
|
||||
23 | File | `/getcfg.php` | Medium
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/info.xml` | Medium
|
||||
28 | File | `/librarian/bookdetails.php` | High
|
||||
29 | File | `/mgmt/tm/util/bash` | High
|
||||
30 | File | `/nova/bin/sniffer` | High
|
||||
31 | File | `/ofcms/company-c-47` | High
|
||||
32 | File | `/opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def` | High
|
||||
33 | File | `/pms/update_user.php?user_id=1` | High
|
||||
34 | File | `/public/login.htm` | High
|
||||
35 | File | `/rom-0` | Low
|
||||
36 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
37 | File | `/secure/ViewCollectors` | High
|
||||
38 | File | `/Session` | Medium
|
||||
39 | File | `/spip.php` | Medium
|
||||
40 | File | `/uncpath/` | Medium
|
||||
41 | File | `/usr/local/nagiosxi/html/admin/sshterm.php` | High
|
||||
42 | File | `/usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php` | High
|
||||
43 | File | `/usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php` | High
|
||||
44 | File | `/usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/dl/dl_print.php` | High
|
||||
20 | File | `/etc/gsissh/sshd_config` | High
|
||||
21 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/forum/PostPrivateMessage` | High
|
||||
24 | File | `/getcfg.php` | Medium
|
||||
25 | File | `/home/masterConsole` | High
|
||||
26 | File | `/hrm/employeeadd.php` | High
|
||||
27 | File | `/hrm/employeeview.php` | High
|
||||
28 | File | `/info.xml` | Medium
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/mgmt/tm/util/bash` | High
|
||||
31 | File | `/nova/bin/sniffer` | High
|
||||
32 | File | `/ofcms/company-c-47` | High
|
||||
33 | File | `/opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def` | High
|
||||
34 | File | `/pms/update_user.php?user_id=1` | High
|
||||
35 | File | `/public/login.htm` | High
|
||||
36 | File | `/rom-0` | Low
|
||||
37 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
38 | File | `/secure/ViewCollectors` | High
|
||||
39 | File | `/Session` | Medium
|
||||
40 | File | `/spip.php` | Medium
|
||||
41 | File | `/uncpath/` | Medium
|
||||
42 | File | `/usr/local/nagiosxi/html/admin/sshterm.php` | High
|
||||
43 | File | `/usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php` | High
|
||||
44 | File | `/usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 389 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,12 +24,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more TTP items available. Please use our online service to access the data.
|
||||
There are 3 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -37,12 +37,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `admin/?page=user/manage_user` | High
|
||||
2 | File | `admincp/auth/secure.php` | High
|
||||
3 | File | `scgi-bin/platform.cgi?page=dmz_setup.htm` | High
|
||||
1 | File | `/admin/read.php?mudi=announContent` | High
|
||||
2 | File | `admin/?page=user/manage_user` | High
|
||||
3 | File | `admincp/auth/secure.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 4 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with AsyncRAT:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* ...
|
||||
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
@ -53,271 +53,277 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
30 | [3.68.171.119](https://vuldb.com/?ip.3.68.171.119) | ec2-3-68-171-119.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
31 | [3.69.115.178](https://vuldb.com/?ip.3.69.115.178) | ec2-3-69-115-178.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
32 | [3.69.157.220](https://vuldb.com/?ip.3.69.157.220) | ec2-3-69-157-220.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
33 | [3.125.115.192](https://vuldb.com/?ip.3.125.115.192) | ec2-3-125-115-192.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
34 | [3.129.187.220](https://vuldb.com/?ip.3.129.187.220) | ec2-3-129-187-220.us-east-2.compute.amazonaws.com | - | Medium
|
||||
35 | [3.136.65.236](https://vuldb.com/?ip.3.136.65.236) | ec2-3-136-65-236.us-east-2.compute.amazonaws.com | - | Medium
|
||||
36 | [3.138.45.170](https://vuldb.com/?ip.3.138.45.170) | ec2-3-138-45-170.us-east-2.compute.amazonaws.com | - | Medium
|
||||
37 | [3.138.180.119](https://vuldb.com/?ip.3.138.180.119) | ec2-3-138-180-119.us-east-2.compute.amazonaws.com | - | Medium
|
||||
38 | [3.138.228.94](https://vuldb.com/?ip.3.138.228.94) | ec2-3-138-228-94.us-east-2.compute.amazonaws.com | - | Medium
|
||||
39 | [3.141.142.211](https://vuldb.com/?ip.3.141.142.211) | ec2-3-141-142-211.us-east-2.compute.amazonaws.com | - | Medium
|
||||
40 | [3.141.210.37](https://vuldb.com/?ip.3.141.210.37) | ec2-3-141-210-37.us-east-2.compute.amazonaws.com | - | Medium
|
||||
41 | [3.142.81.166](https://vuldb.com/?ip.3.142.81.166) | ec2-3-142-81-166.us-east-2.compute.amazonaws.com | - | Medium
|
||||
42 | [3.142.129.56](https://vuldb.com/?ip.3.142.129.56) | ec2-3-142-129-56.us-east-2.compute.amazonaws.com | - | Medium
|
||||
43 | [3.142.167.4](https://vuldb.com/?ip.3.142.167.4) | ec2-3-142-167-4.us-east-2.compute.amazonaws.com | - | Medium
|
||||
44 | [3.142.167.54](https://vuldb.com/?ip.3.142.167.54) | ec2-3-142-167-54.us-east-2.compute.amazonaws.com | - | Medium
|
||||
45 | [3.144.124.4](https://vuldb.com/?ip.3.144.124.4) | ec2-3-144-124-4.us-east-2.compute.amazonaws.com | - | Medium
|
||||
46 | [3.219.26.62](https://vuldb.com/?ip.3.219.26.62) | ec2-3-219-26-62.compute-1.amazonaws.com | - | Medium
|
||||
47 | [3.237.100.172](https://vuldb.com/?ip.3.237.100.172) | ec2-3-237-100-172.compute-1.amazonaws.com | - | Medium
|
||||
48 | [4.227.187.147](https://vuldb.com/?ip.4.227.187.147) | - | - | High
|
||||
49 | [4.229.235.23](https://vuldb.com/?ip.4.229.235.23) | - | - | High
|
||||
50 | [4.231.233.180](https://vuldb.com/?ip.4.231.233.180) | - | - | High
|
||||
51 | [5.39.15.167](https://vuldb.com/?ip.5.39.15.167) | - | - | High
|
||||
52 | [5.68.138.73](https://vuldb.com/?ip.5.68.138.73) | 05448a49.skybroadband.com | - | High
|
||||
53 | [5.68.199.16](https://vuldb.com/?ip.5.68.199.16) | 0544c710.skybroadband.com | - | High
|
||||
54 | [5.78.65.18](https://vuldb.com/?ip.5.78.65.18) | static.18.65.78.5.clients.your-server.de | - | High
|
||||
55 | [5.161.76.198](https://vuldb.com/?ip.5.161.76.198) | static.198.76.161.5.clients.your-server.de | - | High
|
||||
56 | [5.161.115.90](https://vuldb.com/?ip.5.161.115.90) | static.90.115.161.5.clients.your-server.de | - | High
|
||||
57 | [5.161.139.136](https://vuldb.com/?ip.5.161.139.136) | static.136.139.161.5.clients.your-server.de | - | High
|
||||
58 | [5.161.192.28](https://vuldb.com/?ip.5.161.192.28) | static.28.192.161.5.clients.your-server.de | - | High
|
||||
59 | [5.180.104.172](https://vuldb.com/?ip.5.180.104.172) | protection.sdflare.com | - | High
|
||||
60 | [5.180.107.130](https://vuldb.com/?ip.5.180.107.130) | ip.serverscity.net | - | High
|
||||
61 | [5.181.80.120](https://vuldb.com/?ip.5.181.80.120) | alarmedbook.de | - | High
|
||||
62 | [5.181.234.149](https://vuldb.com/?ip.5.181.234.149) | - | - | High
|
||||
63 | [5.188.51.32](https://vuldb.com/?ip.5.188.51.32) | vps.43284172.llhost-inc.eu | - | High
|
||||
64 | [5.188.86.237](https://vuldb.com/?ip.5.188.86.237) | - | - | High
|
||||
65 | [5.196.35.57](https://vuldb.com/?ip.5.196.35.57) | ip57.ip-5-196-35.eu | - | High
|
||||
66 | [5.196.102.93](https://vuldb.com/?ip.5.196.102.93) | ip93.ip-5-196-102.eu | - | High
|
||||
67 | [5.196.174.49](https://vuldb.com/?ip.5.196.174.49) | - | - | High
|
||||
68 | [5.224.222.63](https://vuldb.com/?ip.5.224.222.63) | 5-224-222-63.red-acceso.airtel.net | - | High
|
||||
69 | [5.224.222.214](https://vuldb.com/?ip.5.224.222.214) | 5-224-222-214.red-acceso.airtel.net | - | High
|
||||
70 | [5.230.68.234](https://vuldb.com/?ip.5.230.68.234) | placeholder.noezserver.de | - | High
|
||||
71 | [5.230.69.11](https://vuldb.com/?ip.5.230.69.11) | placeholder.noezserver.de | - | High
|
||||
72 | [5.230.70.13](https://vuldb.com/?ip.5.230.70.13) | placeholder.noezserver.de | - | High
|
||||
73 | [5.230.70.106](https://vuldb.com/?ip.5.230.70.106) | placeholder.noezserver.de | - | High
|
||||
74 | [5.230.72.132](https://vuldb.com/?ip.5.230.72.132) | placeholder.noezserver.de | - | High
|
||||
75 | [5.230.84.50](https://vuldb.com/?ip.5.230.84.50) | - | - | High
|
||||
76 | [5.249.165.85](https://vuldb.com/?ip.5.249.165.85) | vps-zap756760-2.zap-srv.com | - | High
|
||||
77 | [5.252.165.130](https://vuldb.com/?ip.5.252.165.130) | - | - | High
|
||||
78 | [8.39.147.42](https://vuldb.com/?ip.8.39.147.42) | jinis.co.uk | - | High
|
||||
79 | [8.210.121.56](https://vuldb.com/?ip.8.210.121.56) | - | - | High
|
||||
80 | [13.36.178.139](https://vuldb.com/?ip.13.36.178.139) | ec2-13-36-178-139.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
81 | [13.59.15.185](https://vuldb.com/?ip.13.59.15.185) | ec2-13-59-15-185.us-east-2.compute.amazonaws.com | - | Medium
|
||||
82 | [13.66.153.98](https://vuldb.com/?ip.13.66.153.98) | - | - | High
|
||||
83 | [13.72.107.36](https://vuldb.com/?ip.13.72.107.36) | - | - | High
|
||||
84 | [13.76.94.179](https://vuldb.com/?ip.13.76.94.179) | - | - | High
|
||||
85 | [13.77.222.211](https://vuldb.com/?ip.13.77.222.211) | - | - | High
|
||||
86 | [13.233.168.154](https://vuldb.com/?ip.13.233.168.154) | ec2-13-233-168-154.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
87 | [14.17.115.109](https://vuldb.com/?ip.14.17.115.109) | - | - | High
|
||||
88 | [14.173.70.169](https://vuldb.com/?ip.14.173.70.169) | static.vnpt.vn | - | High
|
||||
89 | [14.186.155.171](https://vuldb.com/?ip.14.186.155.171) | static.vnpt.vn | - | High
|
||||
90 | [14.191.50.101](https://vuldb.com/?ip.14.191.50.101) | static.vnpt.vn | - | High
|
||||
91 | [15.165.236.45](https://vuldb.com/?ip.15.165.236.45) | ec2-15-165-236-45.ap-northeast-2.compute.amazonaws.com | - | Medium
|
||||
92 | [15.204.170.1](https://vuldb.com/?ip.15.204.170.1) | ip1.ip-15-204-170.us | - | High
|
||||
93 | [15.235.10.108](https://vuldb.com/?ip.15.235.10.108) | ns5008350.ip-15-235-10.net | - | High
|
||||
94 | [15.235.13.122](https://vuldb.com/?ip.15.235.13.122) | ns5009176.ip-15-235-13.net | - | High
|
||||
95 | [18.133.124.202](https://vuldb.com/?ip.18.133.124.202) | ec2-18-133-124-202.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
96 | [18.139.9.214](https://vuldb.com/?ip.18.139.9.214) | ec2-18-139-9-214.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
97 | [18.141.129.246](https://vuldb.com/?ip.18.141.129.246) | ec2-18-141-129-246.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
98 | [18.188.14.8](https://vuldb.com/?ip.18.188.14.8) | ec2-18-188-14-8.us-east-2.compute.amazonaws.com | - | Medium
|
||||
99 | [18.192.31.165](https://vuldb.com/?ip.18.192.31.165) | ec2-18-192-31-165.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
100 | [18.195.138.26](https://vuldb.com/?ip.18.195.138.26) | ec2-18-195-138-26.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
101 | [18.207.218.15](https://vuldb.com/?ip.18.207.218.15) | ec2-18-207-218-15.compute-1.amazonaws.com | - | Medium
|
||||
102 | [20.4.6.16](https://vuldb.com/?ip.20.4.6.16) | - | - | High
|
||||
103 | [20.8.122.174](https://vuldb.com/?ip.20.8.122.174) | - | - | High
|
||||
104 | [20.12.204.46](https://vuldb.com/?ip.20.12.204.46) | - | - | High
|
||||
105 | [20.16.8.148](https://vuldb.com/?ip.20.16.8.148) | - | - | High
|
||||
106 | [20.25.94.83](https://vuldb.com/?ip.20.25.94.83) | - | - | High
|
||||
107 | [20.42.114.46](https://vuldb.com/?ip.20.42.114.46) | - | - | High
|
||||
108 | [20.52.33.123](https://vuldb.com/?ip.20.52.33.123) | - | - | High
|
||||
109 | [20.52.138.14](https://vuldb.com/?ip.20.52.138.14) | - | - | High
|
||||
110 | [20.52.142.130](https://vuldb.com/?ip.20.52.142.130) | - | - | High
|
||||
111 | [20.52.151.53](https://vuldb.com/?ip.20.52.151.53) | - | - | High
|
||||
112 | [20.52.178.148](https://vuldb.com/?ip.20.52.178.148) | - | - | High
|
||||
113 | [20.54.113.5](https://vuldb.com/?ip.20.54.113.5) | - | - | High
|
||||
114 | [20.62.3.66](https://vuldb.com/?ip.20.62.3.66) | - | - | High
|
||||
115 | [20.67.243.141](https://vuldb.com/?ip.20.67.243.141) | - | - | High
|
||||
116 | [20.68.110.75](https://vuldb.com/?ip.20.68.110.75) | - | - | High
|
||||
117 | [20.69.124.187](https://vuldb.com/?ip.20.69.124.187) | - | - | High
|
||||
118 | [20.69.152.28](https://vuldb.com/?ip.20.69.152.28) | - | - | High
|
||||
119 | [20.77.254.176](https://vuldb.com/?ip.20.77.254.176) | - | - | High
|
||||
120 | [20.83.245.27](https://vuldb.com/?ip.20.83.245.27) | - | - | High
|
||||
121 | [20.86.25.230](https://vuldb.com/?ip.20.86.25.230) | - | - | High
|
||||
122 | [20.98.96.97](https://vuldb.com/?ip.20.98.96.97) | - | - | High
|
||||
123 | [20.98.113.24](https://vuldb.com/?ip.20.98.113.24) | - | - | High
|
||||
124 | [20.98.203.218](https://vuldb.com/?ip.20.98.203.218) | - | - | High
|
||||
125 | [20.100.196.69](https://vuldb.com/?ip.20.100.196.69) | - | - | High
|
||||
126 | [20.107.115.162](https://vuldb.com/?ip.20.107.115.162) | - | - | High
|
||||
127 | [20.108.44.45](https://vuldb.com/?ip.20.108.44.45) | - | - | High
|
||||
128 | [20.111.19.215](https://vuldb.com/?ip.20.111.19.215) | - | - | High
|
||||
129 | [20.111.34.199](https://vuldb.com/?ip.20.111.34.199) | - | - | High
|
||||
130 | [20.111.63.231](https://vuldb.com/?ip.20.111.63.231) | - | - | High
|
||||
131 | [20.113.159.145](https://vuldb.com/?ip.20.113.159.145) | - | - | High
|
||||
132 | [20.114.139.208](https://vuldb.com/?ip.20.114.139.208) | - | - | High
|
||||
133 | [20.117.208.193](https://vuldb.com/?ip.20.117.208.193) | - | - | High
|
||||
134 | [20.123.180.103](https://vuldb.com/?ip.20.123.180.103) | - | - | High
|
||||
135 | [20.125.118.35](https://vuldb.com/?ip.20.125.118.35) | - | - | High
|
||||
136 | [20.125.122.98](https://vuldb.com/?ip.20.125.122.98) | - | - | High
|
||||
137 | [20.127.4.172](https://vuldb.com/?ip.20.127.4.172) | - | - | High
|
||||
138 | [20.150.193.28](https://vuldb.com/?ip.20.150.193.28) | - | - | High
|
||||
139 | [20.151.221.59](https://vuldb.com/?ip.20.151.221.59) | - | - | High
|
||||
140 | [20.166.62.124](https://vuldb.com/?ip.20.166.62.124) | - | - | High
|
||||
141 | [20.169.37.196](https://vuldb.com/?ip.20.169.37.196) | - | - | High
|
||||
142 | [20.169.104.228](https://vuldb.com/?ip.20.169.104.228) | - | - | High
|
||||
143 | [20.171.107.243](https://vuldb.com/?ip.20.171.107.243) | - | - | High
|
||||
144 | [20.184.2.45](https://vuldb.com/?ip.20.184.2.45) | - | - | High
|
||||
145 | [20.197.177.229](https://vuldb.com/?ip.20.197.177.229) | - | - | High
|
||||
146 | [20.197.196.201](https://vuldb.com/?ip.20.197.196.201) | - | - | High
|
||||
147 | [20.197.226.40](https://vuldb.com/?ip.20.197.226.40) | - | - | High
|
||||
148 | [20.199.101.68](https://vuldb.com/?ip.20.199.101.68) | - | - | High
|
||||
149 | [20.199.112.16](https://vuldb.com/?ip.20.199.112.16) | - | - | High
|
||||
150 | [20.199.120.149](https://vuldb.com/?ip.20.199.120.149) | - | - | High
|
||||
151 | [20.199.121.197](https://vuldb.com/?ip.20.199.121.197) | - | - | High
|
||||
152 | [20.200.63.2](https://vuldb.com/?ip.20.200.63.2) | - | - | High
|
||||
153 | [20.203.178.116](https://vuldb.com/?ip.20.203.178.116) | - | - | High
|
||||
154 | [20.211.5.151](https://vuldb.com/?ip.20.211.5.151) | - | - | High
|
||||
155 | [20.212.19.59](https://vuldb.com/?ip.20.212.19.59) | - | - | High
|
||||
156 | [20.224.162.224](https://vuldb.com/?ip.20.224.162.224) | - | - | High
|
||||
157 | [20.226.0.95](https://vuldb.com/?ip.20.226.0.95) | - | - | High
|
||||
158 | [20.226.101.17](https://vuldb.com/?ip.20.226.101.17) | - | - | High
|
||||
159 | [20.226.120.127](https://vuldb.com/?ip.20.226.120.127) | - | - | High
|
||||
160 | [20.238.78.172](https://vuldb.com/?ip.20.238.78.172) | - | - | High
|
||||
161 | [20.240.61.211](https://vuldb.com/?ip.20.240.61.211) | - | - | High
|
||||
162 | [23.94.82.24](https://vuldb.com/?ip.23.94.82.24) | 23-94-82-24-host.colocrossing.com | - | High
|
||||
163 | [23.94.159.212](https://vuldb.com/?ip.23.94.159.212) | 23-94-159-212-host.colocrossing.com | - | High
|
||||
164 | [23.94.236.147](https://vuldb.com/?ip.23.94.236.147) | 23-94-236-147-host.colocrossing.com | - | High
|
||||
165 | [23.95.13.189](https://vuldb.com/?ip.23.95.13.189) | 23-95-13-189-host.colocrossing.com | - | High
|
||||
166 | [23.95.115.74](https://vuldb.com/?ip.23.95.115.74) | rawss.futurce.org.uk | - | High
|
||||
167 | [23.101.143.72](https://vuldb.com/?ip.23.101.143.72) | - | - | High
|
||||
168 | [23.101.213.237](https://vuldb.com/?ip.23.101.213.237) | - | - | High
|
||||
169 | [23.102.1.5](https://vuldb.com/?ip.23.102.1.5) | - | - | High
|
||||
170 | [23.102.122.72](https://vuldb.com/?ip.23.102.122.72) | - | - | High
|
||||
171 | [23.102.129.234](https://vuldb.com/?ip.23.102.129.234) | - | - | High
|
||||
172 | [23.105.131.196](https://vuldb.com/?ip.23.105.131.196) | mail196.nessfist.com | - | High
|
||||
173 | [23.105.131.207](https://vuldb.com/?ip.23.105.131.207) | mail207.nessfist.com | - | High
|
||||
174 | [23.105.131.209](https://vuldb.com/?ip.23.105.131.209) | mail209.nessfist.com | - | High
|
||||
175 | [23.105.131.212](https://vuldb.com/?ip.23.105.131.212) | mail212.nessfist.com | - | High
|
||||
176 | [23.105.131.236](https://vuldb.com/?ip.23.105.131.236) | mail236.nessfist.com | - | High
|
||||
177 | [23.105.131.239](https://vuldb.com/?ip.23.105.131.239) | mail239.nessfist.com | - | High
|
||||
178 | [23.129.232.160](https://vuldb.com/?ip.23.129.232.160) | - | - | High
|
||||
179 | [23.146.242.100](https://vuldb.com/?ip.23.146.242.100) | - | - | High
|
||||
180 | [23.226.77.22](https://vuldb.com/?ip.23.226.77.22) | we.love.servers.at.ioflood.net | - | High
|
||||
181 | [23.229.67.133](https://vuldb.com/?ip.23.229.67.133) | gallerymethodwakebottom.as | - | High
|
||||
182 | [23.237.25.246](https://vuldb.com/?ip.23.237.25.246) | - | - | High
|
||||
183 | [23.238.217.173](https://vuldb.com/?ip.23.238.217.173) | orja4.teki.notredamians.org | - | High
|
||||
184 | [23.254.130.126](https://vuldb.com/?ip.23.254.130.126) | hwsrv-1069616.hostwindsdns.com | - | High
|
||||
185 | [23.254.227.121](https://vuldb.com/?ip.23.254.227.121) | hwsrv-1063912.hostwindsdns.com | - | High
|
||||
186 | [23.254.231.83](https://vuldb.com/?ip.23.254.231.83) | hwsrv-1070248.hostwindsdns.com | - | High
|
||||
187 | [31.41.244.135](https://vuldb.com/?ip.31.41.244.135) | - | - | High
|
||||
188 | [31.170.22.28](https://vuldb.com/?ip.31.170.22.28) | - | - | High
|
||||
189 | [31.192.236.139](https://vuldb.com/?ip.31.192.236.139) | winupdate02.pserver.ru | - | High
|
||||
190 | [31.210.20.79](https://vuldb.com/?ip.31.210.20.79) | - | - | High
|
||||
191 | [31.210.20.167](https://vuldb.com/?ip.31.210.20.167) | - | - | High
|
||||
192 | [31.210.20.192](https://vuldb.com/?ip.31.210.20.192) | - | - | High
|
||||
193 | [31.210.21.188](https://vuldb.com/?ip.31.210.21.188) | linir.top | - | High
|
||||
194 | [34.69.119.138](https://vuldb.com/?ip.34.69.119.138) | 138.119.69.34.bc.googleusercontent.com | - | Medium
|
||||
195 | [34.71.81.158](https://vuldb.com/?ip.34.71.81.158) | 158.81.71.34.bc.googleusercontent.com | - | Medium
|
||||
196 | [34.125.144.45](https://vuldb.com/?ip.34.125.144.45) | 45.144.125.34.bc.googleusercontent.com | - | Medium
|
||||
197 | [34.140.211.85](https://vuldb.com/?ip.34.140.211.85) | 85.211.140.34.bc.googleusercontent.com | - | Medium
|
||||
198 | [35.239.113.160](https://vuldb.com/?ip.35.239.113.160) | 160.113.239.35.bc.googleusercontent.com | - | Medium
|
||||
199 | [36.255.96.200](https://vuldb.com/?ip.36.255.96.200) | - | - | High
|
||||
200 | [37.0.8.17](https://vuldb.com/?ip.37.0.8.17) | stokes.springtimemartialarts.com | - | High
|
||||
201 | [37.0.8.20](https://vuldb.com/?ip.37.0.8.20) | jacksonirwin.springtimemartialarts.com | - | High
|
||||
202 | [37.0.8.67](https://vuldb.com/?ip.37.0.8.67) | willis.capitolreservations.com | - | High
|
||||
203 | [37.0.8.93](https://vuldb.com/?ip.37.0.8.93) | shawtran.capitolreservations.com | - | High
|
||||
204 | [37.0.8.191](https://vuldb.com/?ip.37.0.8.191) | frederick.athinneru.com | - | High
|
||||
205 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
|
||||
206 | [37.0.11.45](https://vuldb.com/?ip.37.0.11.45) | - | - | High
|
||||
207 | [37.0.11.246](https://vuldb.com/?ip.37.0.11.246) | - | - | High
|
||||
208 | [37.0.14.196](https://vuldb.com/?ip.37.0.14.196) | - | - | High
|
||||
209 | [37.0.14.197](https://vuldb.com/?ip.37.0.14.197) | - | - | High
|
||||
210 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
|
||||
211 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
|
||||
212 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
|
||||
213 | [37.49.230.185](https://vuldb.com/?ip.37.49.230.185) | - | - | High
|
||||
214 | [37.120.208.36](https://vuldb.com/?ip.37.120.208.36) | - | - | High
|
||||
215 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
|
||||
216 | [37.120.212.235](https://vuldb.com/?ip.37.120.212.235) | - | - | High
|
||||
217 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
|
||||
218 | [37.120.247.24](https://vuldb.com/?ip.37.120.247.24) | - | - | High
|
||||
219 | [37.196.152.120](https://vuldb.com/?ip.37.196.152.120) | m37-196-152-120.cust.tele2.se | - | High
|
||||
220 | [37.221.121.20](https://vuldb.com/?ip.37.221.121.20) | chvt-mail-129.stashkeen.com | - | High
|
||||
221 | [37.221.122.76](https://vuldb.com/?ip.37.221.122.76) | server.modernizmir.net | - | High
|
||||
222 | [37.249.78.26](https://vuldb.com/?ip.37.249.78.26) | apn-37-249-78-26.dynamic.gprs.plus.pl | - | High
|
||||
223 | [38.17.51.104](https://vuldb.com/?ip.38.17.51.104) | - | - | High
|
||||
224 | [38.47.205.151](https://vuldb.com/?ip.38.47.205.151) | - | - | High
|
||||
225 | [38.105.209.167](https://vuldb.com/?ip.38.105.209.167) | vmi737189.contaboserver.net | - | High
|
||||
226 | [38.130.221.190](https://vuldb.com/?ip.38.130.221.190) | 38.130.221.190.hosted.at.cloudsouth.com | - | High
|
||||
227 | [38.132.99.156](https://vuldb.com/?ip.38.132.99.156) | - | - | High
|
||||
228 | [38.242.242.149](https://vuldb.com/?ip.38.242.242.149) | vmi1313701.contaboserver.net | - | High
|
||||
229 | [40.90.210.21](https://vuldb.com/?ip.40.90.210.21) | - | - | High
|
||||
230 | [40.113.131.31](https://vuldb.com/?ip.40.113.131.31) | - | - | High
|
||||
231 | [40.118.53.192](https://vuldb.com/?ip.40.118.53.192) | - | - | High
|
||||
232 | [40.122.131.23](https://vuldb.com/?ip.40.122.131.23) | - | - | High
|
||||
233 | [41.72.146.10](https://vuldb.com/?ip.41.72.146.10) | - | - | High
|
||||
234 | [41.141.211.80](https://vuldb.com/?ip.41.141.211.80) | - | - | High
|
||||
235 | [41.216.183.61](https://vuldb.com/?ip.41.216.183.61) | - | - | High
|
||||
236 | [41.216.183.175](https://vuldb.com/?ip.41.216.183.175) | - | - | High
|
||||
237 | [41.250.187.176](https://vuldb.com/?ip.41.250.187.176) | - | - | High
|
||||
238 | [41.251.4.158](https://vuldb.com/?ip.41.251.4.158) | - | - | High
|
||||
239 | [41.251.51.168](https://vuldb.com/?ip.41.251.51.168) | - | - | High
|
||||
240 | [43.138.160.55](https://vuldb.com/?ip.43.138.160.55) | - | - | High
|
||||
241 | [43.139.124.22](https://vuldb.com/?ip.43.139.124.22) | - | - | High
|
||||
242 | [43.154.97.109](https://vuldb.com/?ip.43.154.97.109) | - | - | High
|
||||
243 | [43.226.49.147](https://vuldb.com/?ip.43.226.49.147) | - | - | High
|
||||
244 | [43.249.30.55](https://vuldb.com/?ip.43.249.30.55) | - | - | High
|
||||
245 | [44.192.67.149](https://vuldb.com/?ip.44.192.67.149) | ec2-44-192-67-149.compute-1.amazonaws.com | - | Medium
|
||||
246 | [45.12.253.31](https://vuldb.com/?ip.45.12.253.31) | - | - | High
|
||||
247 | [45.12.253.58](https://vuldb.com/?ip.45.12.253.58) | - | - | High
|
||||
248 | [45.12.253.107](https://vuldb.com/?ip.45.12.253.107) | - | - | High
|
||||
249 | [45.14.224.94](https://vuldb.com/?ip.45.14.224.94) | web117.excw.nl | - | High
|
||||
250 | [45.15.143.183](https://vuldb.com/?ip.45.15.143.183) | - | - | High
|
||||
251 | [45.15.143.191](https://vuldb.com/?ip.45.15.143.191) | - | - | High
|
||||
252 | [45.15.143.199](https://vuldb.com/?ip.45.15.143.199) | - | - | High
|
||||
253 | [45.32.99.249](https://vuldb.com/?ip.45.32.99.249) | 45.32.99.249.vultrusercontent.com | - | High
|
||||
254 | [45.32.211.35](https://vuldb.com/?ip.45.32.211.35) | 45.32.211.35.vultrusercontent.com | - | High
|
||||
255 | [45.58.190.125](https://vuldb.com/?ip.45.58.190.125) | - | - | High
|
||||
256 | [45.66.248.114](https://vuldb.com/?ip.45.66.248.114) | - | - | High
|
||||
257 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
|
||||
258 | [45.74.38.17](https://vuldb.com/?ip.45.74.38.17) | - | - | High
|
||||
259 | [45.76.56.26](https://vuldb.com/?ip.45.76.56.26) | 45.76.56.26.vultrusercontent.com | - | High
|
||||
260 | [45.77.142.82](https://vuldb.com/?ip.45.77.142.82) | 45.77.142.82.vultrusercontent.com | - | High
|
||||
261 | [45.80.29.139](https://vuldb.com/?ip.45.80.29.139) | hostifox.com.tr | - | High
|
||||
262 | [45.80.158.57](https://vuldb.com/?ip.45.80.158.57) | - | - | High
|
||||
263 | [45.80.158.65](https://vuldb.com/?ip.45.80.158.65) | - | - | High
|
||||
264 | [45.80.158.108](https://vuldb.com/?ip.45.80.158.108) | - | - | High
|
||||
265 | [45.80.158.114](https://vuldb.com/?ip.45.80.158.114) | - | - | High
|
||||
266 | [45.80.158.116](https://vuldb.com/?ip.45.80.158.116) | - | - | High
|
||||
267 | [45.80.158.127](https://vuldb.com/?ip.45.80.158.127) | - | - | High
|
||||
268 | [45.80.158.160](https://vuldb.com/?ip.45.80.158.160) | - | - | High
|
||||
269 | [45.80.158.237](https://vuldb.com/?ip.45.80.158.237) | - | - | High
|
||||
270 | [45.81.243.217](https://vuldb.com/?ip.45.81.243.217) | - | - | High
|
||||
271 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
|
||||
272 | [45.88.67.12](https://vuldb.com/?ip.45.88.67.12) | - | - | High
|
||||
273 | [45.88.79.224](https://vuldb.com/?ip.45.88.79.224) | free.example.com | - | High
|
||||
274 | [45.92.1.24](https://vuldb.com/?ip.45.92.1.24) | - | - | High
|
||||
275 | [45.92.1.59](https://vuldb.com/?ip.45.92.1.59) | - | - | High
|
||||
276 | [45.92.1.71](https://vuldb.com/?ip.45.92.1.71) | - | - | High
|
||||
277 | [45.95.168.110](https://vuldb.com/?ip.45.95.168.110) | news.maxko.hr | - | High
|
||||
278 | [45.95.168.116](https://vuldb.com/?ip.45.95.168.116) | maxko-hosting.com | - | High
|
||||
279 | [45.95.169.112](https://vuldb.com/?ip.45.95.169.112) | xdhmhs.com | - | High
|
||||
280 | [45.119.84.166](https://vuldb.com/?ip.45.119.84.166) | - | - | High
|
||||
281 | [45.125.48.112](https://vuldb.com/?ip.45.125.48.112) | - | - | High
|
||||
282 | [45.131.1.70](https://vuldb.com/?ip.45.131.1.70) | ip.serverscity.net | - | High
|
||||
283 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
|
||||
284 | [45.133.1.152](https://vuldb.com/?ip.45.133.1.152) | - | - | High
|
||||
285 | [45.133.174.122](https://vuldb.com/?ip.45.133.174.122) | - | - | High
|
||||
286 | [45.134.140.152](https://vuldb.com/?ip.45.134.140.152) | unn-45-134-140-152.datapacket.com | - | High
|
||||
287 | [45.134.142.193](https://vuldb.com/?ip.45.134.142.193) | unn-45-134-142-193.datapacket.com | - | High
|
||||
288 | [45.134.142.211](https://vuldb.com/?ip.45.134.142.211) | unn-45-134-142-211.datapacket.com | - | High
|
||||
289 | [45.136.4.99](https://vuldb.com/?ip.45.136.4.99) | host-45.136.4.99.saga.net.tr | - | High
|
||||
290 | [45.136.4.101](https://vuldb.com/?ip.45.136.4.101) | host-45.136.4.101.saga.net.tr | - | High
|
||||
291 | [45.136.6.79](https://vuldb.com/?ip.45.136.6.79) | - | - | High
|
||||
292 | [45.137.22.41](https://vuldb.com/?ip.45.137.22.41) | hosted-by.rootlayer.net | - | High
|
||||
293 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
|
||||
294 | [45.137.22.111](https://vuldb.com/?ip.45.137.22.111) | hosted-by.rootlayer.net | - | High
|
||||
295 | ... | ... | ... | ...
|
||||
33 | [3.88.20.74](https://vuldb.com/?ip.3.88.20.74) | ec2-3-88-20-74.compute-1.amazonaws.com | - | Medium
|
||||
34 | [3.125.115.192](https://vuldb.com/?ip.3.125.115.192) | ec2-3-125-115-192.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
35 | [3.129.187.220](https://vuldb.com/?ip.3.129.187.220) | ec2-3-129-187-220.us-east-2.compute.amazonaws.com | - | Medium
|
||||
36 | [3.136.65.236](https://vuldb.com/?ip.3.136.65.236) | ec2-3-136-65-236.us-east-2.compute.amazonaws.com | - | Medium
|
||||
37 | [3.138.45.170](https://vuldb.com/?ip.3.138.45.170) | ec2-3-138-45-170.us-east-2.compute.amazonaws.com | - | Medium
|
||||
38 | [3.138.180.119](https://vuldb.com/?ip.3.138.180.119) | ec2-3-138-180-119.us-east-2.compute.amazonaws.com | - | Medium
|
||||
39 | [3.138.228.94](https://vuldb.com/?ip.3.138.228.94) | ec2-3-138-228-94.us-east-2.compute.amazonaws.com | - | Medium
|
||||
40 | [3.141.142.211](https://vuldb.com/?ip.3.141.142.211) | ec2-3-141-142-211.us-east-2.compute.amazonaws.com | - | Medium
|
||||
41 | [3.141.210.37](https://vuldb.com/?ip.3.141.210.37) | ec2-3-141-210-37.us-east-2.compute.amazonaws.com | - | Medium
|
||||
42 | [3.142.81.166](https://vuldb.com/?ip.3.142.81.166) | ec2-3-142-81-166.us-east-2.compute.amazonaws.com | - | Medium
|
||||
43 | [3.142.129.56](https://vuldb.com/?ip.3.142.129.56) | ec2-3-142-129-56.us-east-2.compute.amazonaws.com | - | Medium
|
||||
44 | [3.142.167.4](https://vuldb.com/?ip.3.142.167.4) | ec2-3-142-167-4.us-east-2.compute.amazonaws.com | - | Medium
|
||||
45 | [3.142.167.54](https://vuldb.com/?ip.3.142.167.54) | ec2-3-142-167-54.us-east-2.compute.amazonaws.com | - | Medium
|
||||
46 | [3.144.124.4](https://vuldb.com/?ip.3.144.124.4) | ec2-3-144-124-4.us-east-2.compute.amazonaws.com | - | Medium
|
||||
47 | [3.219.26.62](https://vuldb.com/?ip.3.219.26.62) | ec2-3-219-26-62.compute-1.amazonaws.com | - | Medium
|
||||
48 | [3.237.100.172](https://vuldb.com/?ip.3.237.100.172) | ec2-3-237-100-172.compute-1.amazonaws.com | - | Medium
|
||||
49 | [4.227.187.147](https://vuldb.com/?ip.4.227.187.147) | - | - | High
|
||||
50 | [4.229.235.23](https://vuldb.com/?ip.4.229.235.23) | - | - | High
|
||||
51 | [4.231.233.180](https://vuldb.com/?ip.4.231.233.180) | - | - | High
|
||||
52 | [5.39.15.167](https://vuldb.com/?ip.5.39.15.167) | - | - | High
|
||||
53 | [5.68.138.73](https://vuldb.com/?ip.5.68.138.73) | 05448a49.skybroadband.com | - | High
|
||||
54 | [5.68.199.16](https://vuldb.com/?ip.5.68.199.16) | 0544c710.skybroadband.com | - | High
|
||||
55 | [5.78.65.18](https://vuldb.com/?ip.5.78.65.18) | static.18.65.78.5.clients.your-server.de | - | High
|
||||
56 | [5.161.76.198](https://vuldb.com/?ip.5.161.76.198) | static.198.76.161.5.clients.your-server.de | - | High
|
||||
57 | [5.161.115.90](https://vuldb.com/?ip.5.161.115.90) | static.90.115.161.5.clients.your-server.de | - | High
|
||||
58 | [5.161.139.136](https://vuldb.com/?ip.5.161.139.136) | static.136.139.161.5.clients.your-server.de | - | High
|
||||
59 | [5.161.192.28](https://vuldb.com/?ip.5.161.192.28) | static.28.192.161.5.clients.your-server.de | - | High
|
||||
60 | [5.180.104.172](https://vuldb.com/?ip.5.180.104.172) | protection.sdflare.com | - | High
|
||||
61 | [5.180.107.130](https://vuldb.com/?ip.5.180.107.130) | ip.serverscity.net | - | High
|
||||
62 | [5.181.80.120](https://vuldb.com/?ip.5.181.80.120) | alarmedbook.de | - | High
|
||||
63 | [5.181.234.149](https://vuldb.com/?ip.5.181.234.149) | - | - | High
|
||||
64 | [5.188.51.32](https://vuldb.com/?ip.5.188.51.32) | vps.43284172.llhost-inc.eu | - | High
|
||||
65 | [5.188.86.237](https://vuldb.com/?ip.5.188.86.237) | - | - | High
|
||||
66 | [5.196.35.57](https://vuldb.com/?ip.5.196.35.57) | ip57.ip-5-196-35.eu | - | High
|
||||
67 | [5.196.102.93](https://vuldb.com/?ip.5.196.102.93) | ip93.ip-5-196-102.eu | - | High
|
||||
68 | [5.196.174.49](https://vuldb.com/?ip.5.196.174.49) | - | - | High
|
||||
69 | [5.224.222.63](https://vuldb.com/?ip.5.224.222.63) | 5-224-222-63.red-acceso.airtel.net | - | High
|
||||
70 | [5.224.222.214](https://vuldb.com/?ip.5.224.222.214) | 5-224-222-214.red-acceso.airtel.net | - | High
|
||||
71 | [5.230.68.234](https://vuldb.com/?ip.5.230.68.234) | placeholder.noezserver.de | - | High
|
||||
72 | [5.230.69.11](https://vuldb.com/?ip.5.230.69.11) | placeholder.noezserver.de | - | High
|
||||
73 | [5.230.70.13](https://vuldb.com/?ip.5.230.70.13) | placeholder.noezserver.de | - | High
|
||||
74 | [5.230.70.106](https://vuldb.com/?ip.5.230.70.106) | placeholder.noezserver.de | - | High
|
||||
75 | [5.230.72.132](https://vuldb.com/?ip.5.230.72.132) | placeholder.noezserver.de | - | High
|
||||
76 | [5.230.84.50](https://vuldb.com/?ip.5.230.84.50) | - | - | High
|
||||
77 | [5.249.165.85](https://vuldb.com/?ip.5.249.165.85) | vps-zap756760-2.zap-srv.com | - | High
|
||||
78 | [5.252.165.130](https://vuldb.com/?ip.5.252.165.130) | - | - | High
|
||||
79 | [8.39.147.42](https://vuldb.com/?ip.8.39.147.42) | jinis.co.uk | - | High
|
||||
80 | [8.210.121.56](https://vuldb.com/?ip.8.210.121.56) | - | - | High
|
||||
81 | [10.0.10.128](https://vuldb.com/?ip.10.0.10.128) | - | - | High
|
||||
82 | [13.36.178.139](https://vuldb.com/?ip.13.36.178.139) | ec2-13-36-178-139.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
83 | [13.59.15.185](https://vuldb.com/?ip.13.59.15.185) | ec2-13-59-15-185.us-east-2.compute.amazonaws.com | - | Medium
|
||||
84 | [13.66.153.98](https://vuldb.com/?ip.13.66.153.98) | - | - | High
|
||||
85 | [13.72.107.36](https://vuldb.com/?ip.13.72.107.36) | - | - | High
|
||||
86 | [13.76.94.179](https://vuldb.com/?ip.13.76.94.179) | - | - | High
|
||||
87 | [13.77.222.211](https://vuldb.com/?ip.13.77.222.211) | - | - | High
|
||||
88 | [13.233.168.154](https://vuldb.com/?ip.13.233.168.154) | ec2-13-233-168-154.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
89 | [14.17.115.109](https://vuldb.com/?ip.14.17.115.109) | - | - | High
|
||||
90 | [14.173.70.169](https://vuldb.com/?ip.14.173.70.169) | static.vnpt.vn | - | High
|
||||
91 | [14.186.155.171](https://vuldb.com/?ip.14.186.155.171) | static.vnpt.vn | - | High
|
||||
92 | [14.191.50.101](https://vuldb.com/?ip.14.191.50.101) | static.vnpt.vn | - | High
|
||||
93 | [15.165.236.45](https://vuldb.com/?ip.15.165.236.45) | ec2-15-165-236-45.ap-northeast-2.compute.amazonaws.com | - | Medium
|
||||
94 | [15.204.170.1](https://vuldb.com/?ip.15.204.170.1) | ip1.ip-15-204-170.us | - | High
|
||||
95 | [15.235.10.108](https://vuldb.com/?ip.15.235.10.108) | ns5008350.ip-15-235-10.net | - | High
|
||||
96 | [15.235.13.122](https://vuldb.com/?ip.15.235.13.122) | ns5009176.ip-15-235-13.net | - | High
|
||||
97 | [18.133.124.202](https://vuldb.com/?ip.18.133.124.202) | ec2-18-133-124-202.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
98 | [18.139.9.214](https://vuldb.com/?ip.18.139.9.214) | ec2-18-139-9-214.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
99 | [18.141.129.246](https://vuldb.com/?ip.18.141.129.246) | ec2-18-141-129-246.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
100 | [18.188.14.8](https://vuldb.com/?ip.18.188.14.8) | ec2-18-188-14-8.us-east-2.compute.amazonaws.com | - | Medium
|
||||
101 | [18.192.31.165](https://vuldb.com/?ip.18.192.31.165) | ec2-18-192-31-165.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
102 | [18.195.138.26](https://vuldb.com/?ip.18.195.138.26) | ec2-18-195-138-26.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
103 | [18.207.218.15](https://vuldb.com/?ip.18.207.218.15) | ec2-18-207-218-15.compute-1.amazonaws.com | - | Medium
|
||||
104 | [20.4.6.16](https://vuldb.com/?ip.20.4.6.16) | - | - | High
|
||||
105 | [20.8.122.174](https://vuldb.com/?ip.20.8.122.174) | - | - | High
|
||||
106 | [20.12.204.46](https://vuldb.com/?ip.20.12.204.46) | - | - | High
|
||||
107 | [20.16.8.148](https://vuldb.com/?ip.20.16.8.148) | - | - | High
|
||||
108 | [20.25.94.83](https://vuldb.com/?ip.20.25.94.83) | - | - | High
|
||||
109 | [20.42.114.46](https://vuldb.com/?ip.20.42.114.46) | - | - | High
|
||||
110 | [20.52.33.123](https://vuldb.com/?ip.20.52.33.123) | - | - | High
|
||||
111 | [20.52.138.14](https://vuldb.com/?ip.20.52.138.14) | - | - | High
|
||||
112 | [20.52.142.130](https://vuldb.com/?ip.20.52.142.130) | - | - | High
|
||||
113 | [20.52.151.53](https://vuldb.com/?ip.20.52.151.53) | - | - | High
|
||||
114 | [20.52.178.148](https://vuldb.com/?ip.20.52.178.148) | - | - | High
|
||||
115 | [20.54.113.5](https://vuldb.com/?ip.20.54.113.5) | - | - | High
|
||||
116 | [20.62.3.66](https://vuldb.com/?ip.20.62.3.66) | - | - | High
|
||||
117 | [20.67.243.141](https://vuldb.com/?ip.20.67.243.141) | - | - | High
|
||||
118 | [20.68.110.75](https://vuldb.com/?ip.20.68.110.75) | - | - | High
|
||||
119 | [20.69.124.187](https://vuldb.com/?ip.20.69.124.187) | - | - | High
|
||||
120 | [20.69.152.28](https://vuldb.com/?ip.20.69.152.28) | - | - | High
|
||||
121 | [20.77.254.176](https://vuldb.com/?ip.20.77.254.176) | - | - | High
|
||||
122 | [20.83.245.27](https://vuldb.com/?ip.20.83.245.27) | - | - | High
|
||||
123 | [20.86.25.230](https://vuldb.com/?ip.20.86.25.230) | - | - | High
|
||||
124 | [20.98.96.97](https://vuldb.com/?ip.20.98.96.97) | - | - | High
|
||||
125 | [20.98.113.24](https://vuldb.com/?ip.20.98.113.24) | - | - | High
|
||||
126 | [20.98.203.218](https://vuldb.com/?ip.20.98.203.218) | - | - | High
|
||||
127 | [20.100.196.69](https://vuldb.com/?ip.20.100.196.69) | - | - | High
|
||||
128 | [20.107.115.162](https://vuldb.com/?ip.20.107.115.162) | - | - | High
|
||||
129 | [20.108.44.45](https://vuldb.com/?ip.20.108.44.45) | - | - | High
|
||||
130 | [20.111.19.215](https://vuldb.com/?ip.20.111.19.215) | - | - | High
|
||||
131 | [20.111.34.199](https://vuldb.com/?ip.20.111.34.199) | - | - | High
|
||||
132 | [20.111.63.231](https://vuldb.com/?ip.20.111.63.231) | - | - | High
|
||||
133 | [20.113.159.145](https://vuldb.com/?ip.20.113.159.145) | - | - | High
|
||||
134 | [20.114.139.208](https://vuldb.com/?ip.20.114.139.208) | - | - | High
|
||||
135 | [20.117.208.193](https://vuldb.com/?ip.20.117.208.193) | - | - | High
|
||||
136 | [20.123.180.103](https://vuldb.com/?ip.20.123.180.103) | - | - | High
|
||||
137 | [20.124.90.72](https://vuldb.com/?ip.20.124.90.72) | - | - | High
|
||||
138 | [20.125.118.35](https://vuldb.com/?ip.20.125.118.35) | - | - | High
|
||||
139 | [20.125.122.98](https://vuldb.com/?ip.20.125.122.98) | - | - | High
|
||||
140 | [20.127.4.172](https://vuldb.com/?ip.20.127.4.172) | - | - | High
|
||||
141 | [20.150.193.28](https://vuldb.com/?ip.20.150.193.28) | - | - | High
|
||||
142 | [20.151.221.59](https://vuldb.com/?ip.20.151.221.59) | - | - | High
|
||||
143 | [20.166.62.124](https://vuldb.com/?ip.20.166.62.124) | - | - | High
|
||||
144 | [20.169.37.196](https://vuldb.com/?ip.20.169.37.196) | - | - | High
|
||||
145 | [20.169.104.228](https://vuldb.com/?ip.20.169.104.228) | - | - | High
|
||||
146 | [20.171.107.243](https://vuldb.com/?ip.20.171.107.243) | - | - | High
|
||||
147 | [20.184.2.45](https://vuldb.com/?ip.20.184.2.45) | - | - | High
|
||||
148 | [20.197.177.229](https://vuldb.com/?ip.20.197.177.229) | - | - | High
|
||||
149 | [20.197.196.201](https://vuldb.com/?ip.20.197.196.201) | - | - | High
|
||||
150 | [20.197.226.40](https://vuldb.com/?ip.20.197.226.40) | - | - | High
|
||||
151 | [20.199.101.68](https://vuldb.com/?ip.20.199.101.68) | - | - | High
|
||||
152 | [20.199.112.16](https://vuldb.com/?ip.20.199.112.16) | - | - | High
|
||||
153 | [20.199.120.149](https://vuldb.com/?ip.20.199.120.149) | - | - | High
|
||||
154 | [20.199.121.197](https://vuldb.com/?ip.20.199.121.197) | - | - | High
|
||||
155 | [20.200.63.2](https://vuldb.com/?ip.20.200.63.2) | - | - | High
|
||||
156 | [20.203.178.116](https://vuldb.com/?ip.20.203.178.116) | - | - | High
|
||||
157 | [20.211.5.151](https://vuldb.com/?ip.20.211.5.151) | - | - | High
|
||||
158 | [20.212.19.59](https://vuldb.com/?ip.20.212.19.59) | - | - | High
|
||||
159 | [20.224.162.224](https://vuldb.com/?ip.20.224.162.224) | - | - | High
|
||||
160 | [20.226.0.95](https://vuldb.com/?ip.20.226.0.95) | - | - | High
|
||||
161 | [20.226.101.17](https://vuldb.com/?ip.20.226.101.17) | - | - | High
|
||||
162 | [20.226.120.127](https://vuldb.com/?ip.20.226.120.127) | - | - | High
|
||||
163 | [20.238.78.172](https://vuldb.com/?ip.20.238.78.172) | - | - | High
|
||||
164 | [20.240.61.211](https://vuldb.com/?ip.20.240.61.211) | - | - | High
|
||||
165 | [23.94.82.24](https://vuldb.com/?ip.23.94.82.24) | 23-94-82-24-host.colocrossing.com | - | High
|
||||
166 | [23.94.159.212](https://vuldb.com/?ip.23.94.159.212) | 23-94-159-212-host.colocrossing.com | - | High
|
||||
167 | [23.94.236.147](https://vuldb.com/?ip.23.94.236.147) | 23-94-236-147-host.colocrossing.com | - | High
|
||||
168 | [23.95.13.189](https://vuldb.com/?ip.23.95.13.189) | 23-95-13-189-host.colocrossing.com | - | High
|
||||
169 | [23.95.115.74](https://vuldb.com/?ip.23.95.115.74) | rawss.futurce.org.uk | - | High
|
||||
170 | [23.101.143.72](https://vuldb.com/?ip.23.101.143.72) | - | - | High
|
||||
171 | [23.101.213.237](https://vuldb.com/?ip.23.101.213.237) | - | - | High
|
||||
172 | [23.102.1.5](https://vuldb.com/?ip.23.102.1.5) | - | - | High
|
||||
173 | [23.102.122.72](https://vuldb.com/?ip.23.102.122.72) | - | - | High
|
||||
174 | [23.102.129.234](https://vuldb.com/?ip.23.102.129.234) | - | - | High
|
||||
175 | [23.105.131.196](https://vuldb.com/?ip.23.105.131.196) | mail196.nessfist.com | - | High
|
||||
176 | [23.105.131.207](https://vuldb.com/?ip.23.105.131.207) | mail207.nessfist.com | - | High
|
||||
177 | [23.105.131.209](https://vuldb.com/?ip.23.105.131.209) | mail209.nessfist.com | - | High
|
||||
178 | [23.105.131.212](https://vuldb.com/?ip.23.105.131.212) | mail212.nessfist.com | - | High
|
||||
179 | [23.105.131.236](https://vuldb.com/?ip.23.105.131.236) | mail236.nessfist.com | - | High
|
||||
180 | [23.105.131.239](https://vuldb.com/?ip.23.105.131.239) | mail239.nessfist.com | - | High
|
||||
181 | [23.129.232.160](https://vuldb.com/?ip.23.129.232.160) | - | - | High
|
||||
182 | [23.146.242.100](https://vuldb.com/?ip.23.146.242.100) | - | - | High
|
||||
183 | [23.226.77.22](https://vuldb.com/?ip.23.226.77.22) | we.love.servers.at.ioflood.net | - | High
|
||||
184 | [23.229.67.133](https://vuldb.com/?ip.23.229.67.133) | gallerymethodwakebottom.as | - | High
|
||||
185 | [23.237.25.246](https://vuldb.com/?ip.23.237.25.246) | - | - | High
|
||||
186 | [23.238.217.173](https://vuldb.com/?ip.23.238.217.173) | orja4.teki.notredamians.org | - | High
|
||||
187 | [23.254.130.126](https://vuldb.com/?ip.23.254.130.126) | hwsrv-1069616.hostwindsdns.com | - | High
|
||||
188 | [23.254.227.121](https://vuldb.com/?ip.23.254.227.121) | hwsrv-1063912.hostwindsdns.com | - | High
|
||||
189 | [23.254.231.83](https://vuldb.com/?ip.23.254.231.83) | hwsrv-1070248.hostwindsdns.com | - | High
|
||||
190 | [31.41.244.135](https://vuldb.com/?ip.31.41.244.135) | - | - | High
|
||||
191 | [31.170.22.28](https://vuldb.com/?ip.31.170.22.28) | - | - | High
|
||||
192 | [31.192.236.139](https://vuldb.com/?ip.31.192.236.139) | winupdate02.pserver.ru | - | High
|
||||
193 | [31.210.20.79](https://vuldb.com/?ip.31.210.20.79) | - | - | High
|
||||
194 | [31.210.20.167](https://vuldb.com/?ip.31.210.20.167) | - | - | High
|
||||
195 | [31.210.20.192](https://vuldb.com/?ip.31.210.20.192) | - | - | High
|
||||
196 | [31.210.21.188](https://vuldb.com/?ip.31.210.21.188) | linir.top | - | High
|
||||
197 | [34.69.119.138](https://vuldb.com/?ip.34.69.119.138) | 138.119.69.34.bc.googleusercontent.com | - | Medium
|
||||
198 | [34.71.81.158](https://vuldb.com/?ip.34.71.81.158) | 158.81.71.34.bc.googleusercontent.com | - | Medium
|
||||
199 | [34.125.144.45](https://vuldb.com/?ip.34.125.144.45) | 45.144.125.34.bc.googleusercontent.com | - | Medium
|
||||
200 | [34.140.211.85](https://vuldb.com/?ip.34.140.211.85) | 85.211.140.34.bc.googleusercontent.com | - | Medium
|
||||
201 | [35.239.113.160](https://vuldb.com/?ip.35.239.113.160) | 160.113.239.35.bc.googleusercontent.com | - | Medium
|
||||
202 | [36.255.96.200](https://vuldb.com/?ip.36.255.96.200) | - | - | High
|
||||
203 | [37.0.8.17](https://vuldb.com/?ip.37.0.8.17) | stokes.springtimemartialarts.com | - | High
|
||||
204 | [37.0.8.20](https://vuldb.com/?ip.37.0.8.20) | jacksonirwin.springtimemartialarts.com | - | High
|
||||
205 | [37.0.8.67](https://vuldb.com/?ip.37.0.8.67) | willis.capitolreservations.com | - | High
|
||||
206 | [37.0.8.93](https://vuldb.com/?ip.37.0.8.93) | shawtran.capitolreservations.com | - | High
|
||||
207 | [37.0.8.191](https://vuldb.com/?ip.37.0.8.191) | frederick.athinneru.com | - | High
|
||||
208 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
|
||||
209 | [37.0.11.45](https://vuldb.com/?ip.37.0.11.45) | - | - | High
|
||||
210 | [37.0.11.246](https://vuldb.com/?ip.37.0.11.246) | - | - | High
|
||||
211 | [37.0.14.196](https://vuldb.com/?ip.37.0.14.196) | - | - | High
|
||||
212 | [37.0.14.197](https://vuldb.com/?ip.37.0.14.197) | - | - | High
|
||||
213 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
|
||||
214 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
|
||||
215 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
|
||||
216 | [37.49.230.185](https://vuldb.com/?ip.37.49.230.185) | - | - | High
|
||||
217 | [37.120.208.36](https://vuldb.com/?ip.37.120.208.36) | - | - | High
|
||||
218 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
|
||||
219 | [37.120.212.235](https://vuldb.com/?ip.37.120.212.235) | - | - | High
|
||||
220 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
|
||||
221 | [37.120.247.24](https://vuldb.com/?ip.37.120.247.24) | - | - | High
|
||||
222 | [37.196.152.120](https://vuldb.com/?ip.37.196.152.120) | m37-196-152-120.cust.tele2.se | - | High
|
||||
223 | [37.221.121.20](https://vuldb.com/?ip.37.221.121.20) | chvt-mail-129.stashkeen.com | - | High
|
||||
224 | [37.221.122.76](https://vuldb.com/?ip.37.221.122.76) | server.modernizmir.net | - | High
|
||||
225 | [37.249.78.26](https://vuldb.com/?ip.37.249.78.26) | apn-37-249-78-26.dynamic.gprs.plus.pl | - | High
|
||||
226 | [38.17.51.104](https://vuldb.com/?ip.38.17.51.104) | - | - | High
|
||||
227 | [38.47.205.151](https://vuldb.com/?ip.38.47.205.151) | - | - | High
|
||||
228 | [38.105.209.167](https://vuldb.com/?ip.38.105.209.167) | vmi737189.contaboserver.net | - | High
|
||||
229 | [38.130.221.190](https://vuldb.com/?ip.38.130.221.190) | 38.130.221.190.hosted.at.cloudsouth.com | - | High
|
||||
230 | [38.132.99.156](https://vuldb.com/?ip.38.132.99.156) | - | - | High
|
||||
231 | [38.242.242.149](https://vuldb.com/?ip.38.242.242.149) | vmi1313701.contaboserver.net | - | High
|
||||
232 | [40.90.210.21](https://vuldb.com/?ip.40.90.210.21) | - | - | High
|
||||
233 | [40.113.131.31](https://vuldb.com/?ip.40.113.131.31) | - | - | High
|
||||
234 | [40.118.53.192](https://vuldb.com/?ip.40.118.53.192) | - | - | High
|
||||
235 | [40.122.131.23](https://vuldb.com/?ip.40.122.131.23) | - | - | High
|
||||
236 | [41.72.146.10](https://vuldb.com/?ip.41.72.146.10) | - | - | High
|
||||
237 | [41.141.211.80](https://vuldb.com/?ip.41.141.211.80) | - | - | High
|
||||
238 | [41.216.183.61](https://vuldb.com/?ip.41.216.183.61) | - | - | High
|
||||
239 | [41.216.183.175](https://vuldb.com/?ip.41.216.183.175) | - | - | High
|
||||
240 | [41.250.187.176](https://vuldb.com/?ip.41.250.187.176) | - | - | High
|
||||
241 | [41.251.4.158](https://vuldb.com/?ip.41.251.4.158) | - | - | High
|
||||
242 | [41.251.51.168](https://vuldb.com/?ip.41.251.51.168) | - | - | High
|
||||
243 | [43.138.160.55](https://vuldb.com/?ip.43.138.160.55) | - | - | High
|
||||
244 | [43.139.124.22](https://vuldb.com/?ip.43.139.124.22) | - | - | High
|
||||
245 | [43.154.97.109](https://vuldb.com/?ip.43.154.97.109) | - | - | High
|
||||
246 | [43.226.49.147](https://vuldb.com/?ip.43.226.49.147) | - | - | High
|
||||
247 | [43.249.30.55](https://vuldb.com/?ip.43.249.30.55) | - | - | High
|
||||
248 | [44.192.67.149](https://vuldb.com/?ip.44.192.67.149) | ec2-44-192-67-149.compute-1.amazonaws.com | - | Medium
|
||||
249 | [45.12.253.31](https://vuldb.com/?ip.45.12.253.31) | - | - | High
|
||||
250 | [45.12.253.58](https://vuldb.com/?ip.45.12.253.58) | - | - | High
|
||||
251 | [45.12.253.107](https://vuldb.com/?ip.45.12.253.107) | - | - | High
|
||||
252 | [45.14.224.94](https://vuldb.com/?ip.45.14.224.94) | web117.excw.nl | - | High
|
||||
253 | [45.15.143.183](https://vuldb.com/?ip.45.15.143.183) | - | - | High
|
||||
254 | [45.15.143.191](https://vuldb.com/?ip.45.15.143.191) | - | - | High
|
||||
255 | [45.15.143.199](https://vuldb.com/?ip.45.15.143.199) | - | - | High
|
||||
256 | [45.32.99.249](https://vuldb.com/?ip.45.32.99.249) | 45.32.99.249.vultrusercontent.com | - | High
|
||||
257 | [45.32.211.35](https://vuldb.com/?ip.45.32.211.35) | 45.32.211.35.vultrusercontent.com | - | High
|
||||
258 | [45.58.190.125](https://vuldb.com/?ip.45.58.190.125) | - | - | High
|
||||
259 | [45.66.248.114](https://vuldb.com/?ip.45.66.248.114) | - | - | High
|
||||
260 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
|
||||
261 | [45.74.38.17](https://vuldb.com/?ip.45.74.38.17) | - | - | High
|
||||
262 | [45.76.56.26](https://vuldb.com/?ip.45.76.56.26) | 45.76.56.26.vultrusercontent.com | - | High
|
||||
263 | [45.77.142.82](https://vuldb.com/?ip.45.77.142.82) | 45.77.142.82.vultrusercontent.com | - | High
|
||||
264 | [45.80.29.139](https://vuldb.com/?ip.45.80.29.139) | hostifox.com.tr | - | High
|
||||
265 | [45.80.158.57](https://vuldb.com/?ip.45.80.158.57) | - | - | High
|
||||
266 | [45.80.158.65](https://vuldb.com/?ip.45.80.158.65) | - | - | High
|
||||
267 | [45.80.158.108](https://vuldb.com/?ip.45.80.158.108) | - | - | High
|
||||
268 | [45.80.158.114](https://vuldb.com/?ip.45.80.158.114) | - | - | High
|
||||
269 | [45.80.158.116](https://vuldb.com/?ip.45.80.158.116) | - | - | High
|
||||
270 | [45.80.158.127](https://vuldb.com/?ip.45.80.158.127) | - | - | High
|
||||
271 | [45.80.158.160](https://vuldb.com/?ip.45.80.158.160) | - | - | High
|
||||
272 | [45.80.158.237](https://vuldb.com/?ip.45.80.158.237) | - | - | High
|
||||
273 | [45.81.243.217](https://vuldb.com/?ip.45.81.243.217) | - | - | High
|
||||
274 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
|
||||
275 | [45.88.67.12](https://vuldb.com/?ip.45.88.67.12) | - | - | High
|
||||
276 | [45.88.79.224](https://vuldb.com/?ip.45.88.79.224) | free.example.com | - | High
|
||||
277 | [45.92.1.24](https://vuldb.com/?ip.45.92.1.24) | - | - | High
|
||||
278 | [45.92.1.59](https://vuldb.com/?ip.45.92.1.59) | - | - | High
|
||||
279 | [45.92.1.71](https://vuldb.com/?ip.45.92.1.71) | - | - | High
|
||||
280 | [45.95.168.110](https://vuldb.com/?ip.45.95.168.110) | news.maxko.hr | - | High
|
||||
281 | [45.95.168.116](https://vuldb.com/?ip.45.95.168.116) | maxko-hosting.com | - | High
|
||||
282 | [45.95.169.112](https://vuldb.com/?ip.45.95.169.112) | xdhmhs.com | - | High
|
||||
283 | [45.119.84.166](https://vuldb.com/?ip.45.119.84.166) | - | - | High
|
||||
284 | [45.125.48.112](https://vuldb.com/?ip.45.125.48.112) | - | - | High
|
||||
285 | [45.131.1.70](https://vuldb.com/?ip.45.131.1.70) | ip.serverscity.net | - | High
|
||||
286 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
|
||||
287 | [45.133.1.152](https://vuldb.com/?ip.45.133.1.152) | - | - | High
|
||||
288 | [45.133.174.122](https://vuldb.com/?ip.45.133.174.122) | - | - | High
|
||||
289 | [45.134.140.152](https://vuldb.com/?ip.45.134.140.152) | unn-45-134-140-152.datapacket.com | - | High
|
||||
290 | [45.134.142.193](https://vuldb.com/?ip.45.134.142.193) | unn-45-134-142-193.datapacket.com | - | High
|
||||
291 | [45.134.142.211](https://vuldb.com/?ip.45.134.142.211) | unn-45-134-142-211.datapacket.com | - | High
|
||||
292 | [45.136.4.99](https://vuldb.com/?ip.45.136.4.99) | host-45.136.4.99.saga.net.tr | - | High
|
||||
293 | [45.136.4.101](https://vuldb.com/?ip.45.136.4.101) | host-45.136.4.101.saga.net.tr | - | High
|
||||
294 | [45.136.6.79](https://vuldb.com/?ip.45.136.6.79) | - | - | High
|
||||
295 | [45.137.22.41](https://vuldb.com/?ip.45.137.22.41) | hosted-by.rootlayer.net | - | High
|
||||
296 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
|
||||
297 | [45.137.22.111](https://vuldb.com/?ip.45.137.22.111) | hosted-by.rootlayer.net | - | High
|
||||
298 | [45.137.22.115](https://vuldb.com/?ip.45.137.22.115) | hosted-by.rootlayer.net | - | High
|
||||
299 | [45.137.22.182](https://vuldb.com/?ip.45.137.22.182) | hosted-by.rootlayer.net | - | High
|
||||
300 | [45.138.16.39](https://vuldb.com/?ip.45.138.16.39) | - | - | High
|
||||
301 | ... | ... | ... | ...
|
||||
|
||||
There are 1176 more IOC items available. Please use our online service to access the data.
|
||||
There are 1202 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -325,11 +331,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-50 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-36 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -340,53 +346,62 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/addproduct.php` | High
|
||||
2 | File | `/admin/modal_add_product.php` | High
|
||||
3 | File | `/admin/positions_add.php` | High
|
||||
4 | File | `/admin/update_s6.php` | High
|
||||
5 | File | `/api/geojson` | Medium
|
||||
6 | File | `/Applications/Content%20Manager/Execute.aspx?cmd=convert&mode=HTML` | High
|
||||
7 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
8 | File | `/authenticationendpoint/login.do` | High
|
||||
9 | File | `/bin/ate` | Medium
|
||||
10 | File | `/bin/login` | Medium
|
||||
11 | File | `/cgi-bin/luci` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/changeimage.php` | High
|
||||
14 | File | `/classes/Users.php?f=save` | High
|
||||
15 | File | `/DXR.axd` | Medium
|
||||
16 | File | `/env` | Low
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/goform/WifiGuestSet` | High
|
||||
19 | File | `/HNAP1` | Low
|
||||
20 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
21 | File | `/mc` | Low
|
||||
22 | File | `/out.php` | Medium
|
||||
23 | File | `/owa/auth/logon.aspx` | High
|
||||
24 | File | `/paysystem/branch.php` | High
|
||||
25 | File | `/php-inventory-management-system/product.php` | High
|
||||
26 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
27 | File | `/send_order.cgi?parameter=restart` | High
|
||||
28 | File | `/Taier/API/tenant/listTenant` | High
|
||||
29 | File | `/tmp/boa-temp` | High
|
||||
30 | File | `/userfs/bin/tcapi` | High
|
||||
31 | File | `/var/log/nginx` | High
|
||||
32 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
33 | ... | ... | ...
|
||||
1 | File | `.github/workflows/comment.yml` | High
|
||||
2 | File | `//proc/kcore` | Medium
|
||||
3 | File | `/admin/?page=user/manage_user&id=3` | High
|
||||
4 | File | `/admin/del_feedback.php` | High
|
||||
5 | File | `/admin/edit-accepted-appointment.php` | High
|
||||
6 | File | `/admin/modal_add_product.php` | High
|
||||
7 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
8 | File | `/api/baskets/{name}` | High
|
||||
9 | File | `/api/common/ping` | High
|
||||
10 | File | `/api/upload.php` | High
|
||||
11 | File | `/api?path=profile` | High
|
||||
12 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
13 | File | `/authenticationendpoint/login.do` | High
|
||||
14 | File | `/booking/show_bookings/` | High
|
||||
15 | File | `/category.php` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/chaincity/user/ticket/create` | High
|
||||
18 | File | `/classes/Users.php?f=save` | High
|
||||
19 | File | `/contact/store` | High
|
||||
20 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
21 | File | `/csms/admin/inquiries/view_details.php` | High
|
||||
22 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
23 | File | `/ecommerce/support_ticket` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/friends/ajax_invite` | High
|
||||
26 | File | `/FuguHub/cmsdocs/` | High
|
||||
27 | File | `/graphql` | Medium
|
||||
28 | File | `/h/autoSaveDraft` | High
|
||||
29 | File | `/HNAP1` | Low
|
||||
30 | File | `/home/filter_listings` | High
|
||||
31 | File | `/include/chart_generator.php` | High
|
||||
32 | File | `/index.php` | Medium
|
||||
33 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
|
||||
34 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
35 | File | `/librarian/bookdetails.php` | High
|
||||
36 | File | `/matchmakings/question` | High
|
||||
37 | File | `/osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php` | High
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 277 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 332 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://1275.ru/ioc/195/asyncrat-rat-iocs/
|
||||
* https://app.any.run/tasks/9558b8fc-e70c-43a0-bc39-e68137d8f771
|
||||
* https://app.any.run/tasks/95160d1b-ccef-4cb0-96f3-db66219fc141
|
||||
* https://app.any.run/tasks/449279b2-867e-44d0-995b-3104cc4ca8b3
|
||||
* https://app.any.run/tasks/baf364d4-7ee4-4ccf-81b1-ede9751a429e
|
||||
* https://asec.ahnlab.com/en/36315/
|
||||
* https://bazaar.abuse.ch/sample/0a3c195993e2fc711976afcd85eaa623bc672c5945275dbd9c44b55d0930d436/
|
||||
* https://bazaar.abuse.ch/sample/0adf4ceabac0411e7c0760e5156b9b1e59e7da10ddc7c4490ae67f3f323f752d/
|
||||
* https://bazaar.abuse.ch/sample/0b430753c461abd105cc4eed23015436e3227c5dcbf63dcb49917933371257ab/
|
||||
* https://bazaar.abuse.ch/sample/0c69a4aceb2d7addb911bb4d1991e01d0f8ced3f40133f99422e1fe924be39fa/
|
||||
* https://bazaar.abuse.ch/sample/0d3b361df06306bc03b5e3f096a48119a4a9e1fc5105d2a16fad1b0acda16390/
|
||||
* https://bazaar.abuse.ch/sample/0e172e22605207b6f757d00b6a67ad8cdaed85612da5b12c386b43279b255914/
|
||||
* https://bazaar.abuse.ch/sample/0e956e8e2afee8a6ba335a2e7bcfda73afefef3fe64a21a1b115e5321ac83834/
|
||||
|
@ -399,6 +414,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/045a5dd1bdc6545c40d8d437b088d6358d13fa5bdebac6b0dd0ae25a4f3276d9/
|
||||
* https://bazaar.abuse.ch/sample/0458f3868f8d2de7057cf98c8a8c13c870293f8263e95c7189302ffdd2f4fecf/
|
||||
* https://bazaar.abuse.ch/sample/048654bb934efcab526e3bc82ea738f5a8395f2b5c31bc374ec34ae84fb22c6e/
|
||||
* https://bazaar.abuse.ch/sample/05c2195aa671d62b3b47ff42630db25f39453375de9cffa92fc4a67fa5b6493b/
|
||||
* https://bazaar.abuse.ch/sample/051fc99ae126193d3336a2539b566507f7fef112ca6c5738c404a9e56e3aeaff/
|
||||
* https://bazaar.abuse.ch/sample/0625cfca32ef97af71a4b4fed4942be195f4447dcf820bc90756ec4e097ae484/
|
||||
* https://bazaar.abuse.ch/sample/07afaa692f9b826c080cd9b1dc846bb8d6dc5404710241012f5c067d464692d3/
|
||||
|
@ -486,6 +502,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/8ad036d5f41579768454931925f1a273c98834a033507154f1db95f962dfd45e/
|
||||
* https://bazaar.abuse.ch/sample/8b3bcce39aee0df9fc37b2f009ecc2e9c570c665f632c576f7ae8c2f32a87a1d/
|
||||
* https://bazaar.abuse.ch/sample/8b99770a23cd1e75ccd0d33d3bd17f33c95f35e101b33f3f11d539571f8ce94a/
|
||||
* https://bazaar.abuse.ch/sample/8c744c2fea8dd76541d447997554d108d543261805d8f413b9a1b1293a65fb08/
|
||||
* https://bazaar.abuse.ch/sample/8c3057efae2cde8ec6748817e460e114af9379e63f3413609f3136567c1a7476/
|
||||
* https://bazaar.abuse.ch/sample/8ced69a3c6796be12a0433300b9935b4c63fe4817b0830e1965b07fffaa360df/
|
||||
* https://bazaar.abuse.ch/sample/8d49f4d62f32381186bb74d032803832867dc89aa8b9f039db8417da8f721a66/
|
||||
|
@ -520,6 +537,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/21ec49051d82d172f4077b541adef303b06cfea513c0e87e5b63694354ba4f9c/
|
||||
* https://bazaar.abuse.ch/sample/26c9ab8fc0a3fe6292881336b6d7393b9e83b5fdf2db876a16145baf84cf6e21/
|
||||
* https://bazaar.abuse.ch/sample/27c9474b8299b3b07e74c0c0f2fbcabb229e6be771f162d0ad4377282e6563ce/
|
||||
* https://bazaar.abuse.ch/sample/27e1d651db990e541da6a4721be1631c252b22b90b1566826c91e63460af08a4/
|
||||
* https://bazaar.abuse.ch/sample/29ceb3140cfb9c5816f0af8dd52d939e99455cb68c160e0b292ce9e49650fae6/
|
||||
* https://bazaar.abuse.ch/sample/30df399bde2bf189f04b5c1b3160a015763d9a35e92540a071669b69855dd495/
|
||||
* https://bazaar.abuse.ch/sample/34a78af77d1a2f1f5480dd329df09ea973e1423cc48c768fffb2374c340b5217/
|
||||
|
@ -528,6 +546,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/44b973071a7a8b22ab1a3defe1b2ec8028c39de957180e9a71e09b48c0d8a641/
|
||||
* https://bazaar.abuse.ch/sample/45e87ee0b025a7e4a783a6786564982e7735c8c50d0b3d84a3d5dd90ce735cfe/
|
||||
* https://bazaar.abuse.ch/sample/48d3bb7ee9b1c9f5cf62c4e4d72c51fed3564e4cec9909123f836981dfaf02a5/
|
||||
* https://bazaar.abuse.ch/sample/48d86eda6f7d893e3f90ee23d675b8bcd3fd6c23369d16514d0f1304de0237e0/
|
||||
* https://bazaar.abuse.ch/sample/52af020a20265e2f5c0f8d483ecf1599142eda108d6aae3b3faf17a9aed927ab/
|
||||
* https://bazaar.abuse.ch/sample/54b6c23d9bc5f44ceed5946ffc935a88488d30a848c75568b084b9c9287a3cb2/
|
||||
* https://bazaar.abuse.ch/sample/54cbb1c3b1836e762f5b2691728b806787e2345046be361b792a0ce81f894ccd/
|
||||
|
@ -587,6 +606,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/479a213e45cbdf1d7c2ce6d1fa124f334aac2ccd4111b530177cc6d887f9bc46/
|
||||
* https://bazaar.abuse.ch/sample/509f02b2a6543aab550e12f195272e0189d174ff931f72177126e295d2a96a7c/
|
||||
* https://bazaar.abuse.ch/sample/520beb909a622e4a50bcbae7a43194deda3478a4fe2c4e4c81d939761076e23f/
|
||||
* https://bazaar.abuse.ch/sample/565f27efbfaabc879f74e800abdb63f4ad46d49b654927a551a8a6cd17be5ac1/
|
||||
* https://bazaar.abuse.ch/sample/597fe94395dcd3432d4ddf6c26524a5554c8dbcc48573936203b48df42ef5e02/
|
||||
* https://bazaar.abuse.ch/sample/608e60e4a09dab9537b70b34a5497e8fd885449a8b3789d8f7412d29ea91387e/
|
||||
* https://bazaar.abuse.ch/sample/643f61fd7af19cc12fca0b1c5aeaee670a575ce6ed56540466deb760c2d20f5f/
|
||||
|
@ -661,6 +681,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/1383896f2ff5aeb8b5441ca84559cff12f36180140effe2c793c6cbc17cd7c11/
|
||||
* https://bazaar.abuse.ch/sample/3033956fcd540bc6d9f64fe4bce35b626deb627f7cc8394c19d1e3c07485ef61/
|
||||
* https://bazaar.abuse.ch/sample/8894823b84c7cde71ed40ade5752da9d7e24ef4cfc2079667a6db6343ce28ac0/
|
||||
* https://bazaar.abuse.ch/sample/9371353add3a0bdf8718f3857b94b2e2933b4ae7fe1e8b1056271c252d894666/
|
||||
* https://bazaar.abuse.ch/sample/9699022b7bd45a72cf29614bdd131400dbee0ab5d6a5c2e03ed1c13e7cf0eca0/
|
||||
* https://bazaar.abuse.ch/sample/30404171cc93acc7e757feee0945cacd68c31f041ef26c6b04b2a1b2b7cc655f/
|
||||
* https://bazaar.abuse.ch/sample/42170777c2f8740223e4491445e4da3455407c70d9e471028479403b2f9cd761/
|
||||
|
@ -693,6 +714,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/a77a1931d350c7ea71868bc6050276352ec91d322aebac8c8b2b68c95e8cfefd/
|
||||
* https://bazaar.abuse.ch/sample/a436d81ed1ad9b0b463982b6edd29a27dc53474dfdfbfa4c01815a1e12735a28/
|
||||
* https://bazaar.abuse.ch/sample/a618e4198691ffe18ae7ab2835e9a72907255fbe24917023ec17491fb3b00cd2/
|
||||
* https://bazaar.abuse.ch/sample/a716a71126549bf1d872da1f82a28c965678e833aa0470121d3144e7c33f715f/
|
||||
* https://bazaar.abuse.ch/sample/a779a194e7901ef59d91eef611fb4973560b399dfe4df6b6e64f07fd254d271a/
|
||||
* https://bazaar.abuse.ch/sample/a42171a6f32370b23364b70b7340474aa12e4b6e89d588b324d1c3b9ff8b2e1a/
|
||||
* https://bazaar.abuse.ch/sample/a61198f59a97cca6bece077d2f227f203d46b0e2d2998ed12343a0c743dd3a89/
|
||||
|
@ -714,6 +736,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/afcb71ef974b144b346c784c8e3c778ac5abe0217acb1c82352e6fda26e9bdbe/
|
||||
* https://bazaar.abuse.ch/sample/b0e1d8b8115f50b5e89ad950bb7f9d6df0c540c3eb8706656de8c3eb8992a690/
|
||||
* https://bazaar.abuse.ch/sample/b019743a2d8f648bbe2d91149e2b4d368ec619a279930421adc2ce6c50d8c098/
|
||||
* https://bazaar.abuse.ch/sample/b06b398feb7402b0dfe6173944da3413160c8608d60c89fa5311b65892135f5c/
|
||||
* https://bazaar.abuse.ch/sample/b07ef4c584528991957dfbc17e62984fe06a6ae8ab441062b3d6910bbedf36b5/
|
||||
* https://bazaar.abuse.ch/sample/b3b6795b16eee2bbf70101ce54f0a3623faca88d941402b110ee4b55964b2066/
|
||||
* https://bazaar.abuse.ch/sample/b3c03aa6149be60b83639ba25785b99cdc709d5a1e9c025e9b7a79f6553b8b22/
|
||||
|
@ -771,10 +794,12 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/c566df7033c0aafb582e41c0d9656f6292b5ee997ec4eaef85e752ba0722848f/
|
||||
* https://bazaar.abuse.ch/sample/c671d25e21e83929c1853e697f29b0e8ed3b69edc6add61d4d8b8bc2018afe14/
|
||||
* https://bazaar.abuse.ch/sample/c11663b07aa67c29c2ba5a8a52e66eef5c81b0b48ca949bfa83644d53d85ee89/
|
||||
* https://bazaar.abuse.ch/sample/c52613e3099f1cef0cd3bcdf1732504e56300c127fe150816bb30c845eeea620/
|
||||
* https://bazaar.abuse.ch/sample/c8888442d54e17743624d1f50395790864cda90a703be1d1a42fa65568c3da7b/
|
||||
* https://bazaar.abuse.ch/sample/ca0b1b8a0b420154b135f21acdc3612ad594ab31a56f0216979017514443c428/
|
||||
* https://bazaar.abuse.ch/sample/ca32420160b4ba9b029fdc12df95d54c10c2dd7d878265026a461125c6dba745/
|
||||
* https://bazaar.abuse.ch/sample/caf35ea9298dd671604af5920dccb89362fee4a67b24f8bfe73e12ceedc91504/
|
||||
* https://bazaar.abuse.ch/sample/cb9bb8d4b50cb8090ecf8af646e8b691a9c8cdd3dc0b40a217af4b84e08f7563/
|
||||
* https://bazaar.abuse.ch/sample/cc43f37f9eb41430bbfb6f1515b65c5fd2bc7b7565701c71aa65731fdf46c288/
|
||||
* https://bazaar.abuse.ch/sample/cd02a0b1cf45e920dcd91541eb6dd1e9bbf6cec30a83b5cc923707c376d9707a/
|
||||
* https://bazaar.abuse.ch/sample/cd6e2cb71c1bc0538a776949c74feb37c8b223f67eb5d373417fc75a8fae630c/
|
||||
|
@ -787,6 +812,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/cf9821c4c08a6d62cbe17ebc6c0d6ea40336c145e8e9369fe76505e1d3dc8674/
|
||||
* https://bazaar.abuse.ch/sample/d0de97d9f6773d634fe90c11579b13411bd07dbdb5faa9644f5edaba12d97856/
|
||||
* https://bazaar.abuse.ch/sample/d0fef87fd7e5a7214773deef4c445970147c88d5335867b552f9d4d22ef0231b/
|
||||
* https://bazaar.abuse.ch/sample/d02aff3e225944eb3733c89cf9cbe40cbaf64338e2d3f096d38f61217f82eeb8/
|
||||
* https://bazaar.abuse.ch/sample/d08f2d871a4e085bb7855f5d724129d789557c325962832df8a2ba18889b1b7e/
|
||||
* https://bazaar.abuse.ch/sample/d1eadc3e2bb987b3e3f83f9d0041ec5f729ef00c545c913f10d5e69e55593d75/
|
||||
* https://bazaar.abuse.ch/sample/d7d01ed2aca68c7c4bd345a7a0bf360c252464f3e6fc7751617981f3c33c152a/
|
||||
|
@ -856,6 +882,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/f793edc39acd601a04b7762adcd5c035c54e24f6f8d54a3bf6962fd4e2622de6/
|
||||
* https://bazaar.abuse.ch/sample/f5544a7ce384137ebd14a10f6d866326cc96bf504fdf1284312a5700f0e3ce45/
|
||||
* https://bazaar.abuse.ch/sample/f9927c127e880cdbe3ffd14df7c4a915b140886718b13a1785a3942d995f6920/
|
||||
* https://bazaar.abuse.ch/sample/f52211f91feb402172b2353d628d74922ec8233bffe21cb504634be39560adaf/
|
||||
* https://bazaar.abuse.ch/sample/f82670b20c35f03df591e65c3bf907fd268a9feaae5d1efc16d1adcc8ec4c8bd/
|
||||
* https://bazaar.abuse.ch/sample/f981350a49cb83f70435337518f3f822d38e4dfd9ed5f0743dea1598453eefe4/
|
||||
* https://bazaar.abuse.ch/sample/fa9e3e8282175677e1bf926361df6aa60510a6ba8d3d8857d9c9cd850d971d60/
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Aurora Stealer:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [AU](https://vuldb.com/?country.au)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
@ -94,9 +94,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -104,32 +105,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/login.php` | High
|
||||
2 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
3 | File | `/cas/logout` | Medium
|
||||
4 | File | `/film-rating.php` | High
|
||||
5 | File | `/index.php` | Medium
|
||||
6 | File | `/librarian/bookdetails.php` | High
|
||||
7 | File | `/mgmt/tm/util/bash` | High
|
||||
8 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
9 | File | `/secure/ViewCollectors` | High
|
||||
10 | File | `/Session` | Medium
|
||||
11 | File | `/student/bookdetails.php` | High
|
||||
12 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
13 | File | `account.asp` | Medium
|
||||
14 | File | `adclick.php` | Medium
|
||||
15 | File | `add_comment.php` | High
|
||||
16 | File | `admin.php` | Medium
|
||||
17 | File | `admin/establishment/manage.php` | High
|
||||
18 | File | `admin/inquiries/view_details.php` | High
|
||||
19 | File | `album_portal.php` | High
|
||||
20 | File | `announce.php` | Medium
|
||||
21 | File | `bb_usage_stats.php` | High
|
||||
22 | File | `category.cfm` | Medium
|
||||
23 | File | `category_list.php` | High
|
||||
24 | ... | ... | ...
|
||||
1 | File | `.cfm` | Low
|
||||
2 | File | `/admin/forgot-password.php` | High
|
||||
3 | File | `/admin/login.php` | High
|
||||
4 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
5 | File | `/cas/logout` | Medium
|
||||
6 | File | `/coreframe/app/member/admin/group.php` | High
|
||||
7 | File | `/film-rating.php` | High
|
||||
8 | File | `/index.php` | Medium
|
||||
9 | File | `/librarian/bookdetails.php` | High
|
||||
10 | File | `/mgmt/tm/util/bash` | High
|
||||
11 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
12 | File | `/modules/projects/vw_files.php` | High
|
||||
13 | File | `/school/model/get_events.php` | High
|
||||
14 | File | `/secure/ViewCollectors` | High
|
||||
15 | File | `/Session` | Medium
|
||||
16 | File | `/spacecom/login.php` | High
|
||||
17 | File | `/student/bookdetails.php` | High
|
||||
18 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
19 | File | `AbstractController.php` | High
|
||||
20 | File | `account.asp` | Medium
|
||||
21 | File | `adclick.php` | Medium
|
||||
22 | File | `addpost_newpoll.php` | High
|
||||
23 | File | `add_comment.php` | High
|
||||
24 | File | `admin.php` | Medium
|
||||
25 | File | `admin.remository.php` | High
|
||||
26 | File | `admin/establishment/manage.php` | High
|
||||
27 | File | `admin/inquiries/view_details.php` | High
|
||||
28 | File | `admin/news.php` | High
|
||||
29 | File | `admin/page.php` | High
|
||||
30 | File | `administrator/upload.php` | High
|
||||
31 | File | `Administrator/users.php` | High
|
||||
32 | File | `affich.php` | Medium
|
||||
33 | File | `album_portal.php` | High
|
||||
34 | File | `announce.php` | Medium
|
||||
35 | File | `archive.php` | Medium
|
||||
36 | File | `auth.inc.php` | Medium
|
||||
37 | File | `autor.php` | Medium
|
||||
38 | File | `b2archives.php` | High
|
||||
39 | File | `bbs/faq.php` | Medium
|
||||
40 | File | `bb_usage_stats.php` | High
|
||||
41 | File | `bl-kernel/ajax/upload-images.php` | High
|
||||
42 | File | `board.php` | Medium
|
||||
43 | File | `book.cfm` | Medium
|
||||
44 | File | `book.php` | Medium
|
||||
45 | File | `BookAction.class.php` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 203 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 397 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [WF](https://vuldb.com/?country.wf)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -37,12 +37,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -61,30 +62,31 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `/opac/Actions.php?a=login` | High
|
||||
10 | File | `/opt/tms/bin/cli` | High
|
||||
11 | File | `/out.php` | Medium
|
||||
12 | File | `/spip.php` | Medium
|
||||
13 | File | `/var/log/nginx` | High
|
||||
14 | File | `/wp-admin/admin-ajax.php` | High
|
||||
15 | File | `action.php` | Medium
|
||||
16 | File | `actions/beats_uploader.php` | High
|
||||
17 | File | `actions/vote_channel.php` | High
|
||||
18 | File | `ad.cgi` | Low
|
||||
19 | File | `adclick.php` | Medium
|
||||
20 | File | `Admin/ADM_Pagina.php` | High
|
||||
21 | File | `admin/article.php` | High
|
||||
22 | File | `admin/dashboard.php` | High
|
||||
23 | File | `Admin/edit-admin.php` | High
|
||||
24 | File | `admin/partials/ajax/add_field_to_form.php` | High
|
||||
25 | File | `admin/show.php?rec=update` | High
|
||||
26 | File | `album.asp` | Medium
|
||||
27 | File | `allmanageup.pl` | High
|
||||
28 | File | `allow/block` | Medium
|
||||
29 | File | `AlUpdate.exe` | Medium
|
||||
30 | File | `amadmin.pl` | Medium
|
||||
31 | File | `app/admin/controller/api/Update.php` | High
|
||||
32 | File | `ashmem.c` | Medium
|
||||
33 | ... | ... | ...
|
||||
12 | File | `/settings/account` | High
|
||||
13 | File | `/spip.php` | Medium
|
||||
14 | File | `/var/log/nginx` | High
|
||||
15 | File | `/wp-admin/admin-ajax.php` | High
|
||||
16 | File | `action.php` | Medium
|
||||
17 | File | `actions/beats_uploader.php` | High
|
||||
18 | File | `actions/vote_channel.php` | High
|
||||
19 | File | `ad.cgi` | Low
|
||||
20 | File | `adclick.php` | Medium
|
||||
21 | File | `admin/admin.php` | High
|
||||
22 | File | `Admin/ADM_Pagina.php` | High
|
||||
23 | File | `admin/article.php` | High
|
||||
24 | File | `admin/dashboard.php` | High
|
||||
25 | File | `Admin/edit-admin.php` | High
|
||||
26 | File | `admin/partials/ajax/add_field_to_form.php` | High
|
||||
27 | File | `admin/show.php?rec=update` | High
|
||||
28 | File | `album.asp` | Medium
|
||||
29 | File | `allmanageup.pl` | High
|
||||
30 | File | `allow/block` | Medium
|
||||
31 | File | `AlUpdate.exe` | Medium
|
||||
32 | File | `amadmin.pl` | Medium
|
||||
33 | File | `app/admin/controller/api/Update.php` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 277 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 294 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1150,7 +1150,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-36, CWE-37 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-36, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
|
@ -1174,61 +1174,61 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
8 | File | `/admin/maintenance/view_designation.php` | High
|
||||
9 | File | `/admin/products/manage_product.php` | High
|
||||
10 | File | `/admin/report/index.php` | High
|
||||
11 | File | `/admin/userprofile.php` | High
|
||||
12 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
13 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
14 | File | `/appliance/users?action=edit` | High
|
||||
15 | File | `/APR/login.php` | High
|
||||
16 | File | `/backup.pl` | Medium
|
||||
17 | File | `/bin/httpd` | Medium
|
||||
18 | File | `/cgi-bin/wapopen` | High
|
||||
19 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
20 | File | `/classes/Master.php?f=delete_service` | High
|
||||
21 | File | `/classes/Master.php?f=save_course` | High
|
||||
22 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
23 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
24 | File | `/edoc/doctor/patient.php` | High
|
||||
25 | File | `/feeds/post/publish` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
28 | File | `/fos/admin/index.php?page=menu` | High
|
||||
29 | File | `/home/masterConsole` | High
|
||||
30 | File | `/home/sendBroadcast` | High
|
||||
31 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
32 | File | `/inc/topBarNav.php` | High
|
||||
33 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
34 | File | `/index.php?page=category_list` | High
|
||||
35 | File | `/kelasdosen/data` | High
|
||||
36 | File | `/Moosikay/order.php` | High
|
||||
37 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
38 | File | `/opac/Actions.php?a=login` | High
|
||||
39 | File | `/osm/REGISTER.cmd` | High
|
||||
40 | File | `/out.php` | Medium
|
||||
41 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
42 | File | `/php-opos/index.php` | High
|
||||
43 | File | `/php-scrm/login.php` | High
|
||||
44 | File | `/PreviewHandler.ashx` | High
|
||||
45 | File | `/public/launchNewWindow.jsp` | High
|
||||
46 | File | `/reports/rwservlet` | High
|
||||
47 | File | `/reservation/add_message.php` | High
|
||||
48 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
49 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
50 | File | `/spip.php` | Medium
|
||||
51 | File | `/uncpath/` | Medium
|
||||
52 | File | `/user/updatePwd` | High
|
||||
53 | File | `/wireless/security.asp` | High
|
||||
54 | File | `/wp-admin/admin-ajax.php` | High
|
||||
55 | File | `01article.php` | High
|
||||
56 | File | `a-forms.php` | Medium
|
||||
57 | File | `action.php` | Medium
|
||||
58 | File | `activenews_view.asp` | High
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `admin.a6mambocredits.php` | High
|
||||
61 | File | `admin.cropcanvas.php` | High
|
||||
10 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
11 | File | `/admin/reg.php` | High
|
||||
12 | File | `/admin/report/index.php` | High
|
||||
13 | File | `/admin/userprofile.php` | High
|
||||
14 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
15 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
16 | File | `/appliance/users?action=edit` | High
|
||||
17 | File | `/APR/login.php` | High
|
||||
18 | File | `/backup.pl` | Medium
|
||||
19 | File | `/bin/httpd` | Medium
|
||||
20 | File | `/booking/show_bookings/` | High
|
||||
21 | File | `/cgi-bin/wapopen` | High
|
||||
22 | File | `/classes/Master.php?f=delete_service` | High
|
||||
23 | File | `/classes/Master.php?f=save_course` | High
|
||||
24 | File | `/dipam/athlete-profile.php` | High
|
||||
25 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
26 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
27 | File | `/edoc/doctor/patient.php` | High
|
||||
28 | File | `/feeds/post/publish` | High
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/h/` | Low
|
||||
31 | File | `/home/masterConsole` | High
|
||||
32 | File | `/home/sendBroadcast` | High
|
||||
33 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
34 | File | `/inc/topBarNav.php` | High
|
||||
35 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
36 | File | `/index.php?page=category_list` | High
|
||||
37 | File | `/jobinfo/` | Medium
|
||||
38 | File | `/kelasdosen/data` | High
|
||||
39 | File | `/Moosikay/order.php` | High
|
||||
40 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
41 | File | `/opac/Actions.php?a=login` | High
|
||||
42 | File | `/osm/REGISTER.cmd` | High
|
||||
43 | File | `/out.php` | Medium
|
||||
44 | File | `/paysystem/datatable.php` | High
|
||||
45 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
46 | File | `/php-opos/index.php` | High
|
||||
47 | File | `/php-scrm/login.php` | High
|
||||
48 | File | `/PreviewHandler.ashx` | High
|
||||
49 | File | `/public/launchNewWindow.jsp` | High
|
||||
50 | File | `/reservation/add_message.php` | High
|
||||
51 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
52 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
53 | File | `/send_order.cgi?parameter=restart` | High
|
||||
54 | File | `/spip.php` | Medium
|
||||
55 | File | `/student/bookdetails.php` | High
|
||||
56 | File | `/uncpath/` | Medium
|
||||
57 | File | `/uploads/exam_question/` | High
|
||||
58 | File | `/user/updatePwd` | High
|
||||
59 | File | `/var/lib/docker/<remapping>` | High
|
||||
60 | File | `/view-pass-detail.php` | High
|
||||
61 | File | `/wireless/security.asp` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 538 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 543 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -51,66 +51,69 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
28 | [24.152.37.45](https://vuldb.com/?ip.24.152.37.45) | 24-152-37-45.masterdaweb.com | - | High
|
||||
29 | [34.92.152.18](https://vuldb.com/?ip.34.92.152.18) | 18.152.92.34.bc.googleusercontent.com | - | Medium
|
||||
30 | [35.171.18.39](https://vuldb.com/?ip.35.171.18.39) | ec2-35-171-18-39.compute-1.amazonaws.com | - | Medium
|
||||
31 | [37.0.8.145](https://vuldb.com/?ip.37.0.8.145) | elliott.athinneru.com | - | High
|
||||
32 | [37.0.11.237](https://vuldb.com/?ip.37.0.11.237) | - | - | High
|
||||
33 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
|
||||
34 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
|
||||
35 | [37.0.14.201](https://vuldb.com/?ip.37.0.14.201) | - | - | High
|
||||
36 | [37.0.14.202](https://vuldb.com/?ip.37.0.14.202) | - | - | High
|
||||
37 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
|
||||
38 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
|
||||
39 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
|
||||
40 | [37.0.14.208](https://vuldb.com/?ip.37.0.14.208) | - | - | High
|
||||
41 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
|
||||
42 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
|
||||
43 | [37.0.14.212](https://vuldb.com/?ip.37.0.14.212) | - | - | High
|
||||
44 | [37.0.14.215](https://vuldb.com/?ip.37.0.14.215) | - | - | High
|
||||
45 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
|
||||
46 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
|
||||
47 | [37.120.206.69](https://vuldb.com/?ip.37.120.206.69) | - | - | High
|
||||
48 | [37.139.129.47](https://vuldb.com/?ip.37.139.129.47) | - | - | High
|
||||
49 | [37.139.129.100](https://vuldb.com/?ip.37.139.129.100) | - | - | High
|
||||
50 | [37.187.222.230](https://vuldb.com/?ip.37.187.222.230) | ip230.ip-37-187-222.eu | - | High
|
||||
51 | [37.220.87.3](https://vuldb.com/?ip.37.220.87.3) | ipn-37-220-87-3.artem-catv.ru | - | High
|
||||
52 | [38.117.65.122](https://vuldb.com/?ip.38.117.65.122) | 38-117-65-122.static-ip.ravand.ca | - | High
|
||||
53 | [38.132.114.178](https://vuldb.com/?ip.38.132.114.178) | - | - | High
|
||||
54 | [41.185.97.216](https://vuldb.com/?ip.41.185.97.216) | - | - | High
|
||||
55 | [41.216.183.52](https://vuldb.com/?ip.41.216.183.52) | - | - | High
|
||||
56 | [45.12.253.22](https://vuldb.com/?ip.45.12.253.22) | - | - | High
|
||||
57 | [45.12.253.146](https://vuldb.com/?ip.45.12.253.146) | - | - | High
|
||||
58 | [45.12.253.202](https://vuldb.com/?ip.45.12.253.202) | - | - | High
|
||||
59 | [45.59.119.153](https://vuldb.com/?ip.45.59.119.153) | - | - | High
|
||||
60 | [45.59.119.212](https://vuldb.com/?ip.45.59.119.212) | - | - | High
|
||||
61 | [45.61.128.246](https://vuldb.com/?ip.45.61.128.246) | - | - | High
|
||||
62 | [45.66.230.108](https://vuldb.com/?ip.45.66.230.108) | - | - | High
|
||||
63 | [45.72.96.199](https://vuldb.com/?ip.45.72.96.199) | - | - | High
|
||||
64 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
|
||||
65 | [45.81.39.89](https://vuldb.com/?ip.45.81.39.89) | - | - | High
|
||||
66 | [45.81.150.32](https://vuldb.com/?ip.45.81.150.32) | - | - | High
|
||||
67 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
|
||||
68 | [45.87.61.139](https://vuldb.com/?ip.45.87.61.139) | - | - | High
|
||||
69 | [45.87.62.181](https://vuldb.com/?ip.45.87.62.181) | - | - | High
|
||||
70 | [45.87.63.121](https://vuldb.com/?ip.45.87.63.121) | - | - | High
|
||||
71 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
|
||||
72 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
|
||||
73 | [45.88.67.72](https://vuldb.com/?ip.45.88.67.72) | - | - | High
|
||||
74 | [45.88.67.103](https://vuldb.com/?ip.45.88.67.103) | - | - | High
|
||||
75 | [45.88.67.145](https://vuldb.com/?ip.45.88.67.145) | - | - | High
|
||||
76 | [45.90.222.97](https://vuldb.com/?ip.45.90.222.97) | 45-90-222-97-hostedby.bcr.host | - | High
|
||||
77 | [45.127.101.18](https://vuldb.com/?ip.45.127.101.18) | - | - | High
|
||||
78 | [45.132.106.37](https://vuldb.com/?ip.45.132.106.37) | vm4440858.34ssd.had.wf | - | High
|
||||
79 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
|
||||
80 | [45.135.164.194](https://vuldb.com/?ip.45.135.164.194) | ibera.togeteheran.com | - | High
|
||||
81 | [45.137.22.35](https://vuldb.com/?ip.45.137.22.35) | hosted-by.rootlayer.net | - | High
|
||||
82 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
|
||||
83 | [45.137.22.79](https://vuldb.com/?ip.45.137.22.79) | hosted-by.rootlayer.net | - | High
|
||||
84 | [45.137.22.143](https://vuldb.com/?ip.45.137.22.143) | hosted-by.rootlayer.net | - | High
|
||||
85 | [45.137.65.132](https://vuldb.com/?ip.45.137.65.132) | vm4266462.34ssd.had.wf | - | High
|
||||
86 | [45.137.65.229](https://vuldb.com/?ip.45.137.65.229) | vm4437484.25ssd.had.wf | - | High
|
||||
87 | [45.137.116.170](https://vuldb.com/?ip.45.137.116.170) | vps-zap970417-5.zap-srv.com | - | High
|
||||
88 | ... | ... | ... | ...
|
||||
31 | [35.181.21.143](https://vuldb.com/?ip.35.181.21.143) | ec2-35-181-21-143.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
32 | [37.0.8.145](https://vuldb.com/?ip.37.0.8.145) | elliott.athinneru.com | - | High
|
||||
33 | [37.0.11.237](https://vuldb.com/?ip.37.0.11.237) | - | - | High
|
||||
34 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
|
||||
35 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
|
||||
36 | [37.0.14.201](https://vuldb.com/?ip.37.0.14.201) | - | - | High
|
||||
37 | [37.0.14.202](https://vuldb.com/?ip.37.0.14.202) | - | - | High
|
||||
38 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
|
||||
39 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
|
||||
40 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
|
||||
41 | [37.0.14.208](https://vuldb.com/?ip.37.0.14.208) | - | - | High
|
||||
42 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
|
||||
43 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
|
||||
44 | [37.0.14.212](https://vuldb.com/?ip.37.0.14.212) | - | - | High
|
||||
45 | [37.0.14.215](https://vuldb.com/?ip.37.0.14.215) | - | - | High
|
||||
46 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
|
||||
47 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
|
||||
48 | [37.120.206.69](https://vuldb.com/?ip.37.120.206.69) | - | - | High
|
||||
49 | [37.139.129.47](https://vuldb.com/?ip.37.139.129.47) | - | - | High
|
||||
50 | [37.139.129.100](https://vuldb.com/?ip.37.139.129.100) | - | - | High
|
||||
51 | [37.187.222.230](https://vuldb.com/?ip.37.187.222.230) | ip230.ip-37-187-222.eu | - | High
|
||||
52 | [37.220.87.3](https://vuldb.com/?ip.37.220.87.3) | ipn-37-220-87-3.artem-catv.ru | - | High
|
||||
53 | [38.117.65.122](https://vuldb.com/?ip.38.117.65.122) | 38-117-65-122.static-ip.ravand.ca | - | High
|
||||
54 | [38.132.114.178](https://vuldb.com/?ip.38.132.114.178) | - | - | High
|
||||
55 | [41.185.97.216](https://vuldb.com/?ip.41.185.97.216) | - | - | High
|
||||
56 | [41.216.183.52](https://vuldb.com/?ip.41.216.183.52) | - | - | High
|
||||
57 | [45.8.146.20](https://vuldb.com/?ip.45.8.146.20) | vm1480953.stark-industries.solutions | - | High
|
||||
58 | [45.12.253.22](https://vuldb.com/?ip.45.12.253.22) | - | - | High
|
||||
59 | [45.12.253.146](https://vuldb.com/?ip.45.12.253.146) | - | - | High
|
||||
60 | [45.12.253.202](https://vuldb.com/?ip.45.12.253.202) | - | - | High
|
||||
61 | [45.59.119.153](https://vuldb.com/?ip.45.59.119.153) | - | - | High
|
||||
62 | [45.59.119.212](https://vuldb.com/?ip.45.59.119.212) | - | - | High
|
||||
63 | [45.61.128.246](https://vuldb.com/?ip.45.61.128.246) | - | - | High
|
||||
64 | [45.66.230.108](https://vuldb.com/?ip.45.66.230.108) | - | - | High
|
||||
65 | [45.72.96.199](https://vuldb.com/?ip.45.72.96.199) | - | - | High
|
||||
66 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
|
||||
67 | [45.81.39.33](https://vuldb.com/?ip.45.81.39.33) | - | - | High
|
||||
68 | [45.81.39.55](https://vuldb.com/?ip.45.81.39.55) | - | - | High
|
||||
69 | [45.81.39.89](https://vuldb.com/?ip.45.81.39.89) | - | - | High
|
||||
70 | [45.81.150.32](https://vuldb.com/?ip.45.81.150.32) | - | - | High
|
||||
71 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
|
||||
72 | [45.87.61.139](https://vuldb.com/?ip.45.87.61.139) | - | - | High
|
||||
73 | [45.87.62.181](https://vuldb.com/?ip.45.87.62.181) | - | - | High
|
||||
74 | [45.87.63.121](https://vuldb.com/?ip.45.87.63.121) | - | - | High
|
||||
75 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
|
||||
76 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
|
||||
77 | [45.88.67.72](https://vuldb.com/?ip.45.88.67.72) | - | - | High
|
||||
78 | [45.88.67.103](https://vuldb.com/?ip.45.88.67.103) | - | - | High
|
||||
79 | [45.88.67.145](https://vuldb.com/?ip.45.88.67.145) | - | - | High
|
||||
80 | [45.90.222.97](https://vuldb.com/?ip.45.90.222.97) | 45-90-222-97-hostedby.bcr.host | - | High
|
||||
81 | [45.127.101.18](https://vuldb.com/?ip.45.127.101.18) | - | - | High
|
||||
82 | [45.132.106.37](https://vuldb.com/?ip.45.132.106.37) | vm4440858.34ssd.had.wf | - | High
|
||||
83 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
|
||||
84 | [45.135.164.194](https://vuldb.com/?ip.45.135.164.194) | ibera.togeteheran.com | - | High
|
||||
85 | [45.137.22.35](https://vuldb.com/?ip.45.137.22.35) | hosted-by.rootlayer.net | - | High
|
||||
86 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
|
||||
87 | [45.137.22.79](https://vuldb.com/?ip.45.137.22.79) | hosted-by.rootlayer.net | - | High
|
||||
88 | [45.137.22.143](https://vuldb.com/?ip.45.137.22.143) | hosted-by.rootlayer.net | - | High
|
||||
89 | [45.137.65.132](https://vuldb.com/?ip.45.137.65.132) | vm4266462.34ssd.had.wf | - | High
|
||||
90 | [45.137.65.229](https://vuldb.com/?ip.45.137.65.229) | vm4437484.25ssd.had.wf | - | High
|
||||
91 | ... | ... | ... | ...
|
||||
|
||||
There are 346 more IOC items available. Please use our online service to access the data.
|
||||
There are 359 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -136,65 +139,59 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin/?page=product/manage_product&id=2` | High
|
||||
3 | File | `/admin/casedetails.php` | High
|
||||
4 | File | `/admin/index2.html` | High
|
||||
4 | File | `/admin/del_feedback.php` | High
|
||||
5 | File | `/admin/maintenance/brand.php` | High
|
||||
6 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
7 | File | `/admin/positions_add.php` | High
|
||||
8 | File | `/admin/user/manage_user.php` | High
|
||||
9 | File | `/admin/userprofile.php` | High
|
||||
10 | File | `/admin/voters_row.php` | High
|
||||
11 | File | `/ad_js.php` | Medium
|
||||
12 | File | `/agc/vicidial.php` | High
|
||||
7 | File | `/admin/modal_add_product.php` | High
|
||||
8 | File | `/admin/positions_add.php` | High
|
||||
9 | File | `/admin/user/manage_user.php` | High
|
||||
10 | File | `/admin/userprofile.php` | High
|
||||
11 | File | `/admin/voters_row.php` | High
|
||||
12 | File | `/ad_js.php` | Medium
|
||||
13 | File | `/ajax.php?action=save_company` | High
|
||||
14 | File | `/ajax.php?action=save_user` | High
|
||||
15 | File | `/ajax/myshop` | Medium
|
||||
16 | File | `/alumni/admin/ajax.php?action=save_settings` | High
|
||||
17 | File | `/api/gen/clients/{language}` | High
|
||||
18 | File | `/APR/signup.php` | High
|
||||
19 | File | `/authenticationendpoint/login.do` | High
|
||||
20 | File | `/aux` | Low
|
||||
21 | File | `/backup.pl` | Medium
|
||||
22 | File | `/cas/logout` | Medium
|
||||
23 | File | `/categorypage.php` | High
|
||||
24 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
25 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
26 | File | `/cha.php` | Medium
|
||||
27 | File | `/College/admin/teacher.php` | High
|
||||
28 | File | `/contactform/contactform.php` | High
|
||||
29 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
30 | File | `/dayrui/Fcms/View/system_log.html` | High
|
||||
31 | File | `/dcim/rack-roles/` | High
|
||||
32 | File | `/drivers/block/floppy.c` | High
|
||||
33 | File | `/DXR.axd` | Medium
|
||||
34 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
35 | File | `/etc/shadow` | Medium
|
||||
36 | File | `/forum/away.php` | High
|
||||
37 | File | `/fos/admin/ajax.php` | High
|
||||
38 | File | `/goform/aspForm` | High
|
||||
39 | File | `/goform/WifiGuestSet` | High
|
||||
40 | File | `/inc/topBarNav.php` | High
|
||||
41 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
|
||||
42 | File | `/kelas/data` | Medium
|
||||
43 | File | `/kelasdosen/data` | High
|
||||
44 | File | `/modules/projects/vw_files.php` | High
|
||||
45 | File | `/Moosikay/order.php` | High
|
||||
46 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
47 | File | `/nasm/nasm-parse.c` | High
|
||||
48 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
49 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
50 | File | `/owa/auth/logon.aspx` | High
|
||||
51 | File | `/paysystem/branch.php` | High
|
||||
52 | File | `/paysystem/datatable.php` | High
|
||||
53 | File | `/philosophy/admin/login.php` | High
|
||||
54 | File | `/php-opos/login.php` | High
|
||||
55 | File | `/priv_mgt.html` | High
|
||||
56 | File | `/resources//../` | High
|
||||
57 | File | `/see_more_details.php` | High
|
||||
58 | File | `/services/indexing/preview` | High
|
||||
59 | File | `/Taier/API/tenant/listTenant` | High
|
||||
60 | ... | ... | ...
|
||||
17 | File | `/api/baskets/{name}` | High
|
||||
18 | File | `/api/gen/clients/{language}` | High
|
||||
19 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
20 | File | `/APR/signup.php` | High
|
||||
21 | File | `/authenticationendpoint/login.do` | High
|
||||
22 | File | `/aux` | Low
|
||||
23 | File | `/backup.pl` | Medium
|
||||
24 | File | `/cas/logout` | Medium
|
||||
25 | File | `/category.php` | High
|
||||
26 | File | `/categorypage.php` | High
|
||||
27 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
28 | File | `/cha.php` | Medium
|
||||
29 | File | `/chaincity/user/ticket/create` | High
|
||||
30 | File | `/College/admin/teacher.php` | High
|
||||
31 | File | `/contactform/contactform.php` | High
|
||||
32 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
33 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
34 | File | `/dayrui/Fcms/View/system_log.html` | High
|
||||
35 | File | `/dcim/rack-roles/` | High
|
||||
36 | File | `/drivers/block/floppy.c` | High
|
||||
37 | File | `/DXR.axd` | Medium
|
||||
38 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
39 | File | `/ecommerce/support_ticket` | High
|
||||
40 | File | `/etc/shadow` | Medium
|
||||
41 | File | `/forum/away.php` | High
|
||||
42 | File | `/fos/admin/ajax.php` | High
|
||||
43 | File | `/friends/ajax_invite` | High
|
||||
44 | File | `/goform/aspForm` | High
|
||||
45 | File | `/goform/WifiGuestSet` | High
|
||||
46 | File | `/home/filter_listings` | High
|
||||
47 | File | `/inc/topBarNav.php` | High
|
||||
48 | File | `/index.php` | Medium
|
||||
49 | File | `/index.php/client/message/message_read/xxxxxxxx[random-msg-hash]` | High
|
||||
50 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
51 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
|
||||
52 | File | `/items/search` | High
|
||||
53 | File | `/kelas/data` | Medium
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 522 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 473 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,14 +23,16 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
|
||||
2 | [23.106.124.148](https://vuldb.com/?ip.23.106.124.148) | - | - | High
|
||||
3 | [37.140.192.153](https://vuldb.com/?ip.37.140.192.153) | scp59.hosting.reg.ru | - | High
|
||||
4 | [37.140.192.166](https://vuldb.com/?ip.37.140.192.166) | scp46.hosting.reg.ru | - | High
|
||||
5 | [45.76.18.39](https://vuldb.com/?ip.45.76.18.39) | 45.76.18.39.vultrusercontent.com | - | High
|
||||
6 | [45.139.236.14](https://vuldb.com/?ip.45.139.236.14) | - | - | High
|
||||
7 | [66.151.174.10](https://vuldb.com/?ip.66.151.174.10) | da1.hosteons.com | - | High
|
||||
8 | ... | ... | ... | ...
|
||||
3 | [23.221.227.176](https://vuldb.com/?ip.23.221.227.176) | a23-221-227-176.deploy.static.akamaitechnologies.com | - | High
|
||||
4 | [34.117.59.81](https://vuldb.com/?ip.34.117.59.81) | 81.59.117.34.bc.googleusercontent.com | - | Medium
|
||||
5 | [37.140.192.153](https://vuldb.com/?ip.37.140.192.153) | scp59.hosting.reg.ru | - | High
|
||||
6 | [37.140.192.166](https://vuldb.com/?ip.37.140.192.166) | scp46.hosting.reg.ru | - | High
|
||||
7 | [45.76.18.39](https://vuldb.com/?ip.45.76.18.39) | 45.76.18.39.vultrusercontent.com | - | High
|
||||
8 | [45.139.236.14](https://vuldb.com/?ip.45.139.236.14) | - | - | High
|
||||
9 | [45.140.147.214](https://vuldb.com/?ip.45.140.147.214) | vm1329418.stark-industries.solutions | - | High
|
||||
10 | ... | ... | ... | ...
|
||||
|
||||
There are 29 more IOC items available. Please use our online service to access the data.
|
||||
There are 38 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -45,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -54,39 +56,64 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/deluser.php` | High
|
||||
3 | File | `/administration/theme.php` | High
|
||||
4 | File | `/auparse/auparse.c` | High
|
||||
5 | File | `/aux` | Low
|
||||
6 | File | `/BindAccount/SuccessTips.js` | High
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/goform/QuickIndex` | High
|
||||
9 | File | `/goform/setMacFilterCfg` | High
|
||||
10 | File | `/goform/WifiBasicSet` | High
|
||||
11 | File | `/home/httpd/cgi-bin/cgi.cgi` | High
|
||||
12 | File | `/login.html` | Medium
|
||||
13 | File | `/medical/inventories.php` | High
|
||||
14 | File | `/pages.php` | Medium
|
||||
15 | File | `/pages/save_user.php` | High
|
||||
16 | File | `/patient/doctors.php` | High
|
||||
17 | File | `/rom-0` | Low
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/usr/local/psa/admin/sbin/wrapper` | High
|
||||
20 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
21 | File | `/vloggers_merch/classes/Master.php?f=delete_order` | High
|
||||
22 | File | `abm.aspx` | Medium
|
||||
23 | File | `actions/ChangeConfiguration.html` | High
|
||||
24 | ... | ... | ...
|
||||
2 | File | `/admin/ajax.php` | High
|
||||
3 | File | `/admin/ajax.php?action=save_window` | High
|
||||
4 | File | `/admin/article.php` | High
|
||||
5 | File | `/admin/countrymanagement.php` | High
|
||||
6 | File | `/admin/deluser.php` | High
|
||||
7 | File | `/admin/transactions/track_shipment.php` | High
|
||||
8 | File | `/admin/user/manage_user.php` | High
|
||||
9 | File | `/administration/theme.php` | High
|
||||
10 | File | `/ajax-files/postComment.php` | High
|
||||
11 | File | `/auparse/auparse.c` | High
|
||||
12 | File | `/aux` | Low
|
||||
13 | File | `/BindAccount/SuccessTips.js` | High
|
||||
14 | File | `/categorypage.php` | High
|
||||
15 | File | `/classes/Master.php` | High
|
||||
16 | File | `/config/list` | Medium
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/goform/QuickIndex` | High
|
||||
19 | File | `/goform/setMacFilterCfg` | High
|
||||
20 | File | `/goform/WifiBasicSet` | High
|
||||
21 | File | `/home.php` | Medium
|
||||
22 | File | `/home/httpd/cgi-bin/cgi.cgi` | High
|
||||
23 | File | `/list_temp_photo_pin_upload.php` | High
|
||||
24 | File | `/login.html` | Medium
|
||||
25 | File | `/login.php` | Medium
|
||||
26 | File | `/medical/inventories.php` | High
|
||||
27 | File | `/news-portal-script/information.php` | High
|
||||
28 | File | `/pages.php` | Medium
|
||||
29 | File | `/pages/save_user.php` | High
|
||||
30 | File | `/patient/doctors.php` | High
|
||||
31 | File | `/print.php` | Medium
|
||||
32 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
33 | File | `/rom-0` | Low
|
||||
34 | File | `/searchpin.php` | High
|
||||
35 | File | `/services/Card/findUser` | High
|
||||
36 | File | `/showfile.php` | High
|
||||
37 | File | `/show_group_members.php` | High
|
||||
38 | File | `/timeline2.php` | High
|
||||
39 | File | `/uncpath/` | Medium
|
||||
40 | File | `/usr/local/psa/admin/sbin/wrapper` | High
|
||||
41 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
42 | File | `/vloggers_merch/classes/Master.php?f=delete_order` | High
|
||||
43 | File | `/whbs/?page=manage_account` | High
|
||||
44 | File | `abm.aspx` | Medium
|
||||
45 | File | `actions/ChangeConfiguration.html` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 200 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 401 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://1275.ru/ioc/308/gs-031-azorult-stealer-iocs/
|
||||
* https://bazaar.abuse.ch/sample/7897cbf57b2a25446cedc1995c9950478a2c371c99ef87a0c82c7544742925f8/
|
||||
* https://bazaar.abuse.ch/sample/c157531bb4d14cd35fc3ffe2a62fdd292f8e16566c663dcfbf083d75c4a94773/
|
||||
* https://blog.cyble.com/2021/10/26/a-deep-dive-analysis-of-azorult-stealer/
|
||||
* https://blog.talosintelligence.com/2020/01/threat-roundup-0117-0124.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0630-0707-2/
|
||||
* https://cert.gov.ua/article/2806
|
||||
* https://isc.sans.edu/forums/diary/More+malspam+pushing+passwordprotected+Word+docs+for+AZORult+and+Hermes+Ransomware/23992/
|
||||
* https://threatfox.abuse.ch
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LU](https://vuldb.com/?country.lu)
|
||||
* ...
|
||||
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -41,14 +41,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-36 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -57,65 +57,70 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin` | Low
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
4 | File | `/admin/addproduct.php` | High
|
||||
5 | File | `/admin/attendance_row.php` | High
|
||||
6 | File | `/admin/bookings/manage_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_booking.php` | High
|
||||
8 | File | `/admin/bookings/view_details.php` | High
|
||||
9 | File | `/admin/budget/manage_budget.php` | High
|
||||
10 | File | `/admin/cashadvance_row.php` | High
|
||||
11 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
12 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
13 | File | `/admin/deduction_row.php` | High
|
||||
14 | File | `/admin/departments/view_department.php` | High
|
||||
15 | File | `/admin/edit_subject.php` | High
|
||||
16 | File | `/admin/employee_row.php` | High
|
||||
17 | File | `/admin/index.php` | High
|
||||
18 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
19 | File | `/admin/login.php` | High
|
||||
20 | File | `/admin/maintenance/brand.php` | High
|
||||
21 | File | `/admin/maintenance/manage_category.php` | High
|
||||
22 | File | `/admin/maintenance/view_designation.php` | High
|
||||
23 | File | `/admin/manage_academic.php` | High
|
||||
24 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
25 | File | `/admin/modal_add_product.php` | High
|
||||
26 | File | `/admin/offenses/view_details.php` | High
|
||||
27 | File | `/admin/orders/update_status.php` | High
|
||||
28 | File | `/admin/product/manage.php` | High
|
||||
29 | File | `/admin/products/manage_product.php` | High
|
||||
30 | File | `/admin/products/view_product.php` | High
|
||||
31 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
32 | File | `/admin/report/index.php` | High
|
||||
33 | File | `/admin/reportupload.aspx` | High
|
||||
34 | File | `/admin/sales/manage_sale.php` | High
|
||||
35 | File | `/admin/service.php` | High
|
||||
36 | File | `/admin/services/manage_service.php` | High
|
||||
37 | File | `/admin/services/view_service.php` | High
|
||||
38 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
39 | File | `/admin/transactions/track_shipment.php` | High
|
||||
40 | File | `/admin/update_s6.php` | High
|
||||
41 | File | `/admin/user/manage_user.php` | High
|
||||
42 | File | `/admin/userprofile.php` | High
|
||||
43 | File | `/ajax.php?action=read_msg` | High
|
||||
44 | File | `/ajax.php?action=save_company` | High
|
||||
45 | File | `/api/gen/clients/{language}` | High
|
||||
46 | File | `/api/stl/actions/search` | High
|
||||
47 | File | `/api/v2/cli/commands` | High
|
||||
48 | File | `/articles/{id}` | High
|
||||
49 | File | `/boafrm/formFilter` | High
|
||||
50 | File | `/boafrm/formHomeWlanSetup` | High
|
||||
51 | File | `/cgi-bin` | Medium
|
||||
52 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
53 | File | `/cgi-bin/ping.cgi` | High
|
||||
54 | File | `/cgi-bin/touchlist_sync.cgi` | High
|
||||
55 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
56 | File | `/changeimage.php` | High
|
||||
57 | File | `/classes/Login.php` | High
|
||||
58 | ... | ... | ...
|
||||
5 | File | `/admin/bookings/manage_booking.php` | High
|
||||
6 | File | `/admin/bookings/view_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_details.php` | High
|
||||
8 | File | `/admin/budget/manage_budget.php` | High
|
||||
9 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
10 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
11 | File | `/admin/departments/view_department.php` | High
|
||||
12 | File | `/admin/edit_subject.php` | High
|
||||
13 | File | `/admin/index.php` | High
|
||||
14 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
15 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
16 | File | `/admin/modal_add_product.php` | High
|
||||
17 | File | `/admin/project/update/2` | High
|
||||
18 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
19 | File | `/admin/reg.php` | High
|
||||
20 | File | `/admin/reportupload.aspx` | High
|
||||
21 | File | `/admin/service.php` | High
|
||||
22 | File | `/admin/services/view_service.php` | High
|
||||
23 | File | `/admin/sys_sql_query.php` | High
|
||||
24 | File | `/admin/test_status.php` | High
|
||||
25 | File | `/admin/update_s6.php` | High
|
||||
26 | File | `/admin/user/manage_user.php` | High
|
||||
27 | File | `/admin/vote_edit.php` | High
|
||||
28 | File | `/ajax.php?action=read_msg` | High
|
||||
29 | File | `/ajax.php?action=save_company` | High
|
||||
30 | File | `/api/stl/actions/search` | High
|
||||
31 | File | `/api/v2/cli/commands` | High
|
||||
32 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
33 | File | `/author_posts.php` | High
|
||||
34 | File | `/bin/ate` | Medium
|
||||
35 | File | `/bin/sh` | Low
|
||||
36 | File | `/blog` | Low
|
||||
37 | File | `/blog-single.php` | High
|
||||
38 | File | `/boafrm/formFilter` | High
|
||||
39 | File | `/boafrm/formHomeWlanSetup` | High
|
||||
40 | File | `/booking/show_bookings/` | High
|
||||
41 | File | `/cgi-bin` | Medium
|
||||
42 | File | `/cgi-bin/ping.cgi` | High
|
||||
43 | File | `/change-language/de_DE` | High
|
||||
44 | File | `/changeimage.php` | High
|
||||
45 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
46 | File | `/classes/Master.php?f=delete_item` | High
|
||||
47 | File | `/classes/Master.php?f=delete_service` | High
|
||||
48 | File | `/classes/Master.php?f=save_course` | High
|
||||
49 | File | `/classes/Master.php?f=save_inquiry` | High
|
||||
50 | File | `/classes/Master.php?f=save_item` | High
|
||||
51 | File | `/classes/Users.php?f=save` | High
|
||||
52 | File | `/company/store` | High
|
||||
53 | File | `/config` | Low
|
||||
54 | File | `/contact.php` | Medium
|
||||
55 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
56 | File | `/dcim/rack/` | Medium
|
||||
57 | File | `/dipam/save-delegates.php` | High
|
||||
58 | File | `/dosen/data` | Medium
|
||||
59 | File | `/Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx` | High
|
||||
60 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
61 | File | `/ecommerce/support_ticket` | High
|
||||
62 | File | `/EditEventTypes.php` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 510 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 556 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -47,8 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
7 | ... | ... | ... | ...
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -59,52 +58,52 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/administrator/components/table_manager/` | High
|
||||
3 | File | `/ajax.php?action=read_msg` | High
|
||||
4 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
5 | File | `/api/gen/clients/{language}` | High
|
||||
6 | File | `/app/options.py` | High
|
||||
7 | File | `/bin/httpd` | Medium
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
9 | File | `/ci_spms/admin/category` | High
|
||||
10 | File | `/ci_spms/admin/search/searching/` | High
|
||||
11 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
12 | File | `/classes/Master.php?f=delete_train` | High
|
||||
13 | File | `/cms/print.php` | High
|
||||
14 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
15 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
16 | File | `/ctcprotocol/Protocol` | High
|
||||
17 | File | `/dashboard/menu-list.php` | High
|
||||
18 | File | `/data/remove` | Medium
|
||||
19 | File | `/ebics-server/ebics.aspx` | High
|
||||
20 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
21 | File | `/filemanager/upload/drop` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goforms/rlminfo` | High
|
||||
24 | File | `/HNAP1` | Low
|
||||
25 | File | `/HNAP1/SetClientInfo` | High
|
||||
26 | File | `/index.php/newsletter/subscriber/new/` | High
|
||||
27 | File | `/Items/*/RemoteImages/Download` | High
|
||||
28 | File | `/menu.html` | Medium
|
||||
29 | File | `/mkshop/Men/profile.php` | High
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/navigate/navigate_download.php` | High
|
||||
32 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
33 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/password.html` | High
|
||||
36 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
37 | File | `/property-list/property_view.php` | High
|
||||
38 | File | `/ptms/classes/Users.php` | High
|
||||
39 | File | `/resources//../` | High
|
||||
40 | File | `/rest/api/2/search` | High
|
||||
41 | File | `/s/` | Low
|
||||
42 | File | `/scripts/cpan_config` | High
|
||||
43 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/administrator/components/table_manager/` | High
|
||||
4 | File | `/ajax.php?action=read_msg` | High
|
||||
5 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
6 | File | `/api/gen/clients/{language}` | High
|
||||
7 | File | `/app/options.py` | High
|
||||
8 | File | `/bin/httpd` | Medium
|
||||
9 | File | `/cgi-bin/wapopen` | High
|
||||
10 | File | `/ci_spms/admin/category` | High
|
||||
11 | File | `/ci_spms/admin/search/searching/` | High
|
||||
12 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
13 | File | `/classes/Master.php?f=delete_train` | High
|
||||
14 | File | `/cms/print.php` | High
|
||||
15 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
16 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
17 | File | `/ctcprotocol/Protocol` | High
|
||||
18 | File | `/dashboard/menu-list.php` | High
|
||||
19 | File | `/data/remove` | Medium
|
||||
20 | File | `/ebics-server/ebics.aspx` | High
|
||||
21 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
22 | File | `/filemanager/upload/drop` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goforms/rlminfo` | High
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/HNAP1/SetClientInfo` | High
|
||||
27 | File | `/index.php/newsletter/subscriber/new/` | High
|
||||
28 | File | `/Items/*/RemoteImages/Download` | High
|
||||
29 | File | `/menu.html` | Medium
|
||||
30 | File | `/mkshop/Men/profile.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/navigate/navigate_download.php` | High
|
||||
33 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
34 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/password.html` | High
|
||||
37 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
38 | File | `/property-list/property_view.php` | High
|
||||
39 | File | `/ptms/classes/Users.php` | High
|
||||
40 | File | `/resources//../` | High
|
||||
41 | File | `/rest/api/2/search` | High
|
||||
42 | File | `/s/` | Low
|
||||
43 | File | `/scripts/cpan_config` | High
|
||||
44 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 387 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 389 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -86,23 +86,23 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `/classes/Master.php?f=save_course` | High
|
||||
17 | File | `/demo/module/?module=HERE` | High
|
||||
18 | File | `/download/set.cgi` | High
|
||||
19 | File | `/dvcset/sysset/set.cgi` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/goform/SysToolReboot` | High
|
||||
22 | File | `/goform/WifiExtraSet` | High
|
||||
23 | File | `/inc/topBarNav.php` | High
|
||||
24 | File | `/index.php?m=admin&c=custom&a=plugindelhandle` | High
|
||||
25 | File | `/mkshop/Men/profile.php` | High
|
||||
26 | File | `/mngset/authset` | High
|
||||
27 | File | `/mobile/downloadfile.aspx` | High
|
||||
28 | File | `/net/nfc/netlink.c` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
30 | File | `/outgoing.php` | High
|
||||
31 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
32 | File | `/presale/join` | High
|
||||
19 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
20 | File | `/dvcset/sysset/set.cgi` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/SysToolReboot` | High
|
||||
23 | File | `/goform/WifiExtraSet` | High
|
||||
24 | File | `/inc/topBarNav.php` | High
|
||||
25 | File | `/index.php?m=admin&c=custom&a=plugindelhandle` | High
|
||||
26 | File | `/mkshop/Men/profile.php` | High
|
||||
27 | File | `/mngset/authset` | High
|
||||
28 | File | `/mobile/downloadfile.aspx` | High
|
||||
29 | File | `/net/nfc/netlink.c` | High
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/outgoing.php` | High
|
||||
32 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -18,33 +18,35 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.8.88.198](https://vuldb.com/?ip.5.8.88.198) | - | - | High
|
||||
2 | [5.45.73.87](https://vuldb.com/?ip.5.45.73.87) | - | - | High
|
||||
3 | [5.188.60.7](https://vuldb.com/?ip.5.188.60.7) | - | - | High
|
||||
4 | [5.188.60.18](https://vuldb.com/?ip.5.188.60.18) | - | - | High
|
||||
5 | [5.188.60.24](https://vuldb.com/?ip.5.188.60.24) | - | - | High
|
||||
6 | [5.188.60.30](https://vuldb.com/?ip.5.188.60.30) | - | - | High
|
||||
7 | [5.188.60.54](https://vuldb.com/?ip.5.188.60.54) | - | - | High
|
||||
8 | [5.188.60.68](https://vuldb.com/?ip.5.188.60.68) | - | - | High
|
||||
9 | [5.188.60.74](https://vuldb.com/?ip.5.188.60.74) | - | - | High
|
||||
10 | [5.188.60.101](https://vuldb.com/?ip.5.188.60.101) | - | - | High
|
||||
11 | [5.188.60.115](https://vuldb.com/?ip.5.188.60.115) | - | - | High
|
||||
12 | [5.188.60.206](https://vuldb.com/?ip.5.188.60.206) | - | - | High
|
||||
13 | [5.188.231.96](https://vuldb.com/?ip.5.188.231.96) | - | - | High
|
||||
14 | [5.188.231.210](https://vuldb.com/?ip.5.188.231.210) | - | - | High
|
||||
15 | [18.207.217.146](https://vuldb.com/?ip.18.207.217.146) | ec2-18-207-217-146.compute-1.amazonaws.com | - | Medium
|
||||
16 | [18.221.49.166](https://vuldb.com/?ip.18.221.49.166) | ec2-18-221-49-166.us-east-2.compute.amazonaws.com | - | Medium
|
||||
17 | [23.19.58.101](https://vuldb.com/?ip.23.19.58.101) | - | - | High
|
||||
18 | [23.95.95.61](https://vuldb.com/?ip.23.95.95.61) | 23-95-95-61-host.colocrossing.com | - | High
|
||||
19 | [23.254.217.112](https://vuldb.com/?ip.23.254.217.112) | hwsrv-930282.hostwindsdns.com | - | High
|
||||
20 | [23.254.225.240](https://vuldb.com/?ip.23.254.225.240) | sha29.phpautomailer.com | - | High
|
||||
21 | [45.64.186.10](https://vuldb.com/?ip.45.64.186.10) | 45-64-186-10.static.bangmod-idc.com | - | High
|
||||
22 | [45.77.252.143](https://vuldb.com/?ip.45.77.252.143) | 45.77.252.143.vultr.com | - | Medium
|
||||
23 | [46.30.42.130](https://vuldb.com/?ip.46.30.42.130) | assetshub.com | - | High
|
||||
24 | [46.249.62.196](https://vuldb.com/?ip.46.249.62.196) | - | - | High
|
||||
25 | ... | ... | ... | ...
|
||||
1 | [1.23.82.72](https://vuldb.com/?ip.1.23.82.72) | - | - | High
|
||||
2 | [2.2.82.64](https://vuldb.com/?ip.2.2.82.64) | - | - | High
|
||||
3 | [2.12.51.56](https://vuldb.com/?ip.2.12.51.56) | arennes-655-1-148-56.w2-12.abo.wanadoo.fr | - | High
|
||||
4 | [3.95.29.25](https://vuldb.com/?ip.3.95.29.25) | ec2-3-95-29-25.compute-1.amazonaws.com | - | Medium
|
||||
5 | [4.96.46.65](https://vuldb.com/?ip.4.96.46.65) | - | - | High
|
||||
6 | [5.8.88.198](https://vuldb.com/?ip.5.8.88.198) | - | - | High
|
||||
7 | [5.45.73.87](https://vuldb.com/?ip.5.45.73.87) | - | - | High
|
||||
8 | [5.188.60.7](https://vuldb.com/?ip.5.188.60.7) | - | - | High
|
||||
9 | [5.188.60.18](https://vuldb.com/?ip.5.188.60.18) | - | - | High
|
||||
10 | [5.188.60.24](https://vuldb.com/?ip.5.188.60.24) | - | - | High
|
||||
11 | [5.188.60.30](https://vuldb.com/?ip.5.188.60.30) | - | - | High
|
||||
12 | [5.188.60.54](https://vuldb.com/?ip.5.188.60.54) | - | - | High
|
||||
13 | [5.188.60.68](https://vuldb.com/?ip.5.188.60.68) | - | - | High
|
||||
14 | [5.188.60.74](https://vuldb.com/?ip.5.188.60.74) | - | - | High
|
||||
15 | [5.188.60.101](https://vuldb.com/?ip.5.188.60.101) | - | - | High
|
||||
16 | [5.188.60.115](https://vuldb.com/?ip.5.188.60.115) | - | - | High
|
||||
17 | [5.188.60.206](https://vuldb.com/?ip.5.188.60.206) | - | - | High
|
||||
18 | [5.188.231.96](https://vuldb.com/?ip.5.188.231.96) | - | - | High
|
||||
19 | [5.188.231.210](https://vuldb.com/?ip.5.188.231.210) | - | - | High
|
||||
20 | [18.207.217.146](https://vuldb.com/?ip.18.207.217.146) | ec2-18-207-217-146.compute-1.amazonaws.com | - | Medium
|
||||
21 | [18.221.49.166](https://vuldb.com/?ip.18.221.49.166) | ec2-18-221-49-166.us-east-2.compute.amazonaws.com | - | Medium
|
||||
22 | [19.2.45.3](https://vuldb.com/?ip.19.2.45.3) | - | - | High
|
||||
23 | [21.15.46.55](https://vuldb.com/?ip.21.15.46.55) | - | - | High
|
||||
24 | [23.19.58.101](https://vuldb.com/?ip.23.19.58.101) | - | - | High
|
||||
25 | [23.95.95.61](https://vuldb.com/?ip.23.95.95.61) | 23-95-95-61-host.colocrossing.com | - | High
|
||||
26 | [23.254.217.112](https://vuldb.com/?ip.23.254.217.112) | hwsrv-930282.hostwindsdns.com | - | High
|
||||
27 | ... | ... | ... | ...
|
||||
|
||||
There are 97 more IOC items available. Please use our online service to access the data.
|
||||
There are 103 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -53,12 +55,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -91,10 +93,9 @@ ID | Type | Indicator | Confidence
|
|||
23 | File | `/user/loader.php?api=1` | High
|
||||
24 | File | `/var/log/nginx` | High
|
||||
25 | File | `/var/run/watchman.pid` | High
|
||||
26 | File | `/viewer/krpano.html` | High
|
||||
27 | ... | ... | ...
|
||||
26 | ... | ... | ...
|
||||
|
||||
There are 224 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [ME](https://vuldb.com/?country.me)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
@ -68,7 +68,7 @@ ID | Type | Indicator | Confidence
|
|||
16 | File | `cgi-bin/jc.cgi` | High
|
||||
17 | ... | ... | ...
|
||||
|
||||
There are 137 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 138 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -61,15 +61,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/as/authorization.oauth2` | High
|
||||
2 | File | `/Forms/WLAN_General_1` | High
|
||||
3 | File | `/html/portal/flash.jsp` | High
|
||||
4 | File | `/index.php` | Medium
|
||||
5 | File | `/lua/set-passwd.lua` | High
|
||||
6 | File | `/oauth/authorize` | High
|
||||
7 | ... | ... | ...
|
||||
1 | File | `/api/baskets/{name}` | High
|
||||
2 | File | `/as/authorization.oauth2` | High
|
||||
3 | File | `/Forms/WLAN_General_1` | High
|
||||
4 | File | `/html/portal/flash.jsp` | High
|
||||
5 | File | `/index.php` | Medium
|
||||
6 | File | `/lua/set-passwd.lua` | High
|
||||
7 | File | `/oauth/authorize` | High
|
||||
8 | ... | ... | ...
|
||||
|
||||
There are 52 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 53 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -75,46 +75,46 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/tmp/adb.log` | Medium
|
||||
13 | File | `/usr/bin/cu` | Medium
|
||||
14 | File | `/var/crash/vmcore.log` | High
|
||||
15 | File | `aclient.exe` | Medium
|
||||
16 | File | `admin` | Low
|
||||
17 | File | `admin.php` | Medium
|
||||
18 | File | `admin.rssreader.php` | High
|
||||
19 | File | `admin/batch_manager_unit.php` | High
|
||||
20 | File | `admin/configuration/modifier.php` | High
|
||||
21 | File | `admin/skins.php` | High
|
||||
22 | File | `admin/system_manage/save.html` | High
|
||||
23 | File | `admin/system_manage/user_config_add.html` | High
|
||||
24 | File | `adminconsole` | Medium
|
||||
25 | File | `administrator/mail/download.cfm` | High
|
||||
26 | File | `admin_board.php` | High
|
||||
27 | File | `af_netlink.c` | Medium
|
||||
28 | File | `ajax.php` | Medium
|
||||
29 | File | `ajaxRequest/methodCall.do` | High
|
||||
30 | File | `announcements.php` | High
|
||||
31 | File | `apache2/modsecurity.c` | High
|
||||
32 | File | `apply.cgi` | Medium
|
||||
33 | File | `app_new.php` | Medium
|
||||
34 | File | `aspx` | Low
|
||||
35 | File | `AttachmentsList.aspx` | High
|
||||
36 | File | `Atx45.ocx` | Medium
|
||||
37 | File | `auction_details.php` | High
|
||||
38 | File | `auth-gss2.c` | Medium
|
||||
39 | File | `auth.php` | Medium
|
||||
40 | File | `aut_verifica.inc.php` | High
|
||||
41 | File | `awsguest.php` | Medium
|
||||
42 | File | `b2edit.showposts.php` | High
|
||||
43 | File | `backend.php/screen.php/comment.php` | High
|
||||
44 | File | `basicfunctions.php` | High
|
||||
45 | File | `board.cgi` | Medium
|
||||
46 | File | `bug_actiongroup_ext_page.php` | High
|
||||
47 | File | `canned_opr.php` | High
|
||||
48 | File | `cart.cgi` | Medium
|
||||
49 | File | `cat.asp` | Low
|
||||
50 | File | `cddbcontrolaol.cddbaolcontrol` | High
|
||||
51 | File | `channel.asp` | Medium
|
||||
15 | File | `/_next` | Low
|
||||
16 | File | `aclient.exe` | Medium
|
||||
17 | File | `admin` | Low
|
||||
18 | File | `admin.php` | Medium
|
||||
19 | File | `admin.rssreader.php` | High
|
||||
20 | File | `admin/batch_manager_unit.php` | High
|
||||
21 | File | `admin/configuration/modifier.php` | High
|
||||
22 | File | `admin/skins.php` | High
|
||||
23 | File | `admin/system_manage/save.html` | High
|
||||
24 | File | `admin/system_manage/user_config_add.html` | High
|
||||
25 | File | `adminconsole` | Medium
|
||||
26 | File | `administrator/mail/download.cfm` | High
|
||||
27 | File | `admin_board.php` | High
|
||||
28 | File | `af_netlink.c` | Medium
|
||||
29 | File | `ajax.php` | Medium
|
||||
30 | File | `ajaxRequest/methodCall.do` | High
|
||||
31 | File | `announcements.php` | High
|
||||
32 | File | `apache2/modsecurity.c` | High
|
||||
33 | File | `apply.cgi` | Medium
|
||||
34 | File | `app_new.php` | Medium
|
||||
35 | File | `aspx` | Low
|
||||
36 | File | `AttachmentsList.aspx` | High
|
||||
37 | File | `Atx45.ocx` | Medium
|
||||
38 | File | `auction_details.php` | High
|
||||
39 | File | `auth-gss2.c` | Medium
|
||||
40 | File | `auth.php` | Medium
|
||||
41 | File | `aut_verifica.inc.php` | High
|
||||
42 | File | `awsguest.php` | Medium
|
||||
43 | File | `b2edit.showposts.php` | High
|
||||
44 | File | `backend.php/screen.php/comment.php` | High
|
||||
45 | File | `basicfunctions.php` | High
|
||||
46 | File | `board.cgi` | Medium
|
||||
47 | File | `bug_actiongroup_ext_page.php` | High
|
||||
48 | File | `canned_opr.php` | High
|
||||
49 | File | `cart.cgi` | Medium
|
||||
50 | File | `cat.asp` | Low
|
||||
51 | File | `cddbcontrolaol.cddbaolcontrol` | High
|
||||
52 | ... | ... | ...
|
||||
|
||||
There are 453 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 452 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -33,143 +33,147 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
10 | [5.154.181.68](https://vuldb.com/?ip.5.154.181.68) | 667477-vds-nisik737.gmhost.pp.ua | - | High
|
||||
11 | [5.181.80.13](https://vuldb.com/?ip.5.181.80.13) | - | - | High
|
||||
12 | [5.181.80.18](https://vuldb.com/?ip.5.181.80.18) | innovproduct.com | - | High
|
||||
13 | [5.181.80.119](https://vuldb.com/?ip.5.181.80.119) | rate-lead.cheapjerseysbrewers.com | - | High
|
||||
14 | [5.181.80.188](https://vuldb.com/?ip.5.181.80.188) | lewis.autoshowvolvo.com | - | High
|
||||
15 | [5.181.159.19](https://vuldb.com/?ip.5.181.159.19) | 5-181-159-19.mivocloud.com | - | High
|
||||
16 | [5.181.159.128](https://vuldb.com/?ip.5.181.159.128) | no-rdns.mivocloud.com | - | High
|
||||
17 | [5.182.210.145](https://vuldb.com/?ip.5.182.210.145) | - | - | High
|
||||
18 | [5.188.6.139](https://vuldb.com/?ip.5.188.6.139) | roy9.ren.example.com | - | High
|
||||
19 | [5.189.141.159](https://vuldb.com/?ip.5.189.141.159) | vmi1293024.contaboserver.net | - | High
|
||||
20 | [5.199.169.12](https://vuldb.com/?ip.5.199.169.12) | - | - | High
|
||||
21 | [5.199.169.21](https://vuldb.com/?ip.5.199.169.21) | - | - | High
|
||||
22 | [5.206.227.11](https://vuldb.com/?ip.5.206.227.11) | - | - | High
|
||||
23 | [5.206.227.77](https://vuldb.com/?ip.5.206.227.77) | neptun | - | High
|
||||
24 | [5.206.227.132](https://vuldb.com/?ip.5.206.227.132) | ioweytqwd.423.com | - | High
|
||||
25 | [5.249.162.136](https://vuldb.com/?ip.5.249.162.136) | - | - | High
|
||||
26 | [5.252.199.138](https://vuldb.com/?ip.5.252.199.138) | - | - | High
|
||||
27 | [5.255.98.75](https://vuldb.com/?ip.5.255.98.75) | - | - | High
|
||||
28 | [5.255.101.135](https://vuldb.com/?ip.5.255.101.135) | - | - | High
|
||||
29 | [13.250.126.74](https://vuldb.com/?ip.13.250.126.74) | ec2-13-250-126-74.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
30 | [15.204.49.165](https://vuldb.com/?ip.15.204.49.165) | ip165.ip-15-204-49.us | - | High
|
||||
31 | [15.235.131.10](https://vuldb.com/?ip.15.235.131.10) | ip10.ip-15-235-131.net | - | High
|
||||
32 | [20.25.153.134](https://vuldb.com/?ip.20.25.153.134) | - | - | High
|
||||
33 | [20.63.103.150](https://vuldb.com/?ip.20.63.103.150) | - | - | High
|
||||
34 | [23.88.113.7](https://vuldb.com/?ip.23.88.113.7) | static.7.113.88.23.clients.your-server.de | - | High
|
||||
35 | [23.94.7.153](https://vuldb.com/?ip.23.94.7.153) | ac13.xxmails.com | - | High
|
||||
36 | [23.94.7.197](https://vuldb.com/?ip.23.94.7.197) | 23-94-7-197-host.colocrossing.com | - | High
|
||||
37 | [23.94.22.112](https://vuldb.com/?ip.23.94.22.112) | 23-94-22-112-host.colocrossing.com | - | High
|
||||
38 | [23.94.24.109](https://vuldb.com/?ip.23.94.24.109) | 23-94-24-109-host.colocrossing.com | - | High
|
||||
39 | [23.94.26.138](https://vuldb.com/?ip.23.94.26.138) | 23-94-26-138-host.colocrossing.com | - | High
|
||||
40 | [23.94.27.204](https://vuldb.com/?ip.23.94.27.204) | 23-94-27-204-host.colocrossing.com | - | High
|
||||
41 | [23.94.36.134](https://vuldb.com/?ip.23.94.36.134) | 23-94-36-134-host.colocrossing.com | - | High
|
||||
42 | [23.94.77.150](https://vuldb.com/?ip.23.94.77.150) | 23-94-77-150-host.colocrossing.com | - | High
|
||||
43 | [23.94.138.109](https://vuldb.com/?ip.23.94.138.109) | 23-94-138-109-host.colocrossing.com | - | High
|
||||
44 | [23.94.182.29](https://vuldb.com/?ip.23.94.182.29) | 23-94-182-29-host.colocrossing.com | - | High
|
||||
45 | [23.94.190.149](https://vuldb.com/?ip.23.94.190.149) | 23-94-190-149-host.colocrossing.com | - | High
|
||||
46 | [23.94.245.9](https://vuldb.com/?ip.23.94.245.9) | 23-94-245-9-host.colocrossing.com | - | High
|
||||
47 | [23.95.9.231](https://vuldb.com/?ip.23.95.9.231) | 23-95-9-231-host.colocrossing.com | - | High
|
||||
48 | [23.95.213.111](https://vuldb.com/?ip.23.95.213.111) | 23-95-213-111-host.colocrossing.com | - | High
|
||||
49 | [23.95.222.185](https://vuldb.com/?ip.23.95.222.185) | - | - | High
|
||||
50 | [23.95.226.100](https://vuldb.com/?ip.23.95.226.100) | 100-226-tizess.hornbe.sbs | - | High
|
||||
51 | [23.95.230.108](https://vuldb.com/?ip.23.95.230.108) | 108-230-kharoshthi.conessf.cloud | - | High
|
||||
52 | [23.160.192.157](https://vuldb.com/?ip.23.160.192.157) | unknown.ip-xfer.net | - | High
|
||||
53 | [23.160.193.38](https://vuldb.com/?ip.23.160.193.38) | unknown.ip-xfer.net | - | High
|
||||
54 | [23.160.193.99](https://vuldb.com/?ip.23.160.193.99) | unknown.ip-xfer.net | - | High
|
||||
55 | [23.160.193.123](https://vuldb.com/?ip.23.160.193.123) | unknown.ip-xfer.net | - | High
|
||||
56 | [23.224.189.182](https://vuldb.com/?ip.23.224.189.182) | - | - | High
|
||||
57 | [23.225.14.201](https://vuldb.com/?ip.23.225.14.201) | - | - | High
|
||||
58 | [23.225.14.209](https://vuldb.com/?ip.23.225.14.209) | - | - | High
|
||||
59 | [23.227.146.106](https://vuldb.com/?ip.23.227.146.106) | - | - | High
|
||||
60 | [23.227.184.194](https://vuldb.com/?ip.23.227.184.194) | glad.allrico.in | - | High
|
||||
61 | [31.7.62.22](https://vuldb.com/?ip.31.7.62.22) | amaz0nprime.club | - | High
|
||||
62 | [31.42.186.52](https://vuldb.com/?ip.31.42.186.52) | remaintaintinue.com | - | High
|
||||
63 | [31.42.186.77](https://vuldb.com/?ip.31.42.186.77) | itay.org.uk | - | High
|
||||
64 | [31.210.20.60](https://vuldb.com/?ip.31.210.20.60) | - | - | High
|
||||
65 | [31.214.243.29](https://vuldb.com/?ip.31.214.243.29) | - | - | High
|
||||
66 | [31.214.243.99](https://vuldb.com/?ip.31.214.243.99) | - | - | High
|
||||
67 | [31.220.51.145](https://vuldb.com/?ip.31.220.51.145) | - | - | High
|
||||
68 | [31.222.202.229](https://vuldb.com/?ip.31.222.202.229) | - | - | High
|
||||
69 | [34.127.55.77](https://vuldb.com/?ip.34.127.55.77) | 77.55.127.34.bc.googleusercontent.com | - | Medium
|
||||
70 | [35.204.65.246](https://vuldb.com/?ip.35.204.65.246) | 246.65.204.35.bc.googleusercontent.com | - | Medium
|
||||
71 | [37.0.10.182](https://vuldb.com/?ip.37.0.10.182) | - | - | High
|
||||
72 | [37.0.10.210](https://vuldb.com/?ip.37.0.10.210) | - | - | High
|
||||
73 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
|
||||
74 | [37.44.238.172](https://vuldb.com/?ip.37.44.238.172) | ssd2-1227.9023 | - | High
|
||||
75 | [37.44.238.182](https://vuldb.com/?ip.37.44.238.182) | ssd1-2031.9321 | - | High
|
||||
76 | [37.44.238.191](https://vuldb.com/?ip.37.44.238.191) | - | - | High
|
||||
77 | [37.44.238.234](https://vuldb.com/?ip.37.44.238.234) | - | - | High
|
||||
78 | [37.49.229.52](https://vuldb.com/?ip.37.49.229.52) | - | - | High
|
||||
79 | [37.49.230.83](https://vuldb.com/?ip.37.49.230.83) | - | - | High
|
||||
80 | [37.49.230.122](https://vuldb.com/?ip.37.49.230.122) | - | - | High
|
||||
81 | [37.221.65.77](https://vuldb.com/?ip.37.221.65.77) | vivid | - | High
|
||||
82 | [37.221.65.228](https://vuldb.com/?ip.37.221.65.228) | cenmiesteamul1989 | - | High
|
||||
83 | [37.221.92.202](https://vuldb.com/?ip.37.221.92.202) | static-202-37.bulletvm.io | - | High
|
||||
84 | [38.48.123.55](https://vuldb.com/?ip.38.48.123.55) | - | - | High
|
||||
85 | [41.216.182.17](https://vuldb.com/?ip.41.216.182.17) | - | - | High
|
||||
86 | [41.216.182.42](https://vuldb.com/?ip.41.216.182.42) | - | - | High
|
||||
87 | [41.216.182.131](https://vuldb.com/?ip.41.216.182.131) | - | - | High
|
||||
88 | [41.216.182.140](https://vuldb.com/?ip.41.216.182.140) | - | - | High
|
||||
89 | [41.216.182.144](https://vuldb.com/?ip.41.216.182.144) | - | - | High
|
||||
90 | [41.216.182.203](https://vuldb.com/?ip.41.216.182.203) | - | - | High
|
||||
91 | [41.216.182.214](https://vuldb.com/?ip.41.216.182.214) | - | - | High
|
||||
92 | [43.153.37.45](https://vuldb.com/?ip.43.153.37.45) | - | - | High
|
||||
93 | [45.9.168.102](https://vuldb.com/?ip.45.9.168.102) | - | - | High
|
||||
94 | [45.11.181.37](https://vuldb.com/?ip.45.11.181.37) | - | - | High
|
||||
95 | [45.14.226.72](https://vuldb.com/?ip.45.14.226.72) | hml03.pugginesl.info | - | High
|
||||
96 | [45.32.202.111](https://vuldb.com/?ip.45.32.202.111) | 45.32.202.111.vultrusercontent.com | - | High
|
||||
97 | [45.33.63.122](https://vuldb.com/?ip.45.33.63.122) | 45-33-63-122.ip.linodeusercontent.com | - | High
|
||||
98 | [45.56.96.91](https://vuldb.com/?ip.45.56.96.91) | 45-56-96-91.ip.linodeusercontent.com | - | High
|
||||
99 | [45.61.144.146](https://vuldb.com/?ip.45.61.144.146) | - | - | High
|
||||
100 | [45.61.186.4](https://vuldb.com/?ip.45.61.186.4) | - | - | High
|
||||
101 | [45.61.187.108](https://vuldb.com/?ip.45.61.187.108) | sayonara.hp | - | High
|
||||
102 | [45.61.188.118](https://vuldb.com/?ip.45.61.188.118) | ms2.hostwithlove.com | - | High
|
||||
103 | [45.61.188.150](https://vuldb.com/?ip.45.61.188.150) | - | - | High
|
||||
104 | [45.61.188.220](https://vuldb.com/?ip.45.61.188.220) | - | - | High
|
||||
105 | [45.66.230.173](https://vuldb.com/?ip.45.66.230.173) | - | - | High
|
||||
106 | [45.76.253.113](https://vuldb.com/?ip.45.76.253.113) | 45.76.253.113.vultrusercontent.com | - | High
|
||||
107 | [45.77.46.118](https://vuldb.com/?ip.45.77.46.118) | 8.8.8.8.google.com | - | High
|
||||
108 | [45.79.127.90](https://vuldb.com/?ip.45.79.127.90) | 45-79-127-90.ip.linodeusercontent.com | - | High
|
||||
109 | [45.79.207.123](https://vuldb.com/?ip.45.79.207.123) | se1.izlae.com | - | High
|
||||
110 | [45.81.39.172](https://vuldb.com/?ip.45.81.39.172) | - | - | High
|
||||
111 | [45.81.234.229](https://vuldb.com/?ip.45.81.234.229) | 45.81.234.229.mc-host24.de | - | High
|
||||
112 | [45.85.90.172](https://vuldb.com/?ip.45.85.90.172) | lanenap.sa.com | - | High
|
||||
113 | [45.88.66.177](https://vuldb.com/?ip.45.88.66.177) | - | - | High
|
||||
114 | [45.90.14.172](https://vuldb.com/?ip.45.90.14.172) | chivalrous.acquiretm.com | - | High
|
||||
115 | [45.90.160.173](https://vuldb.com/?ip.45.90.160.173) | - | - | High
|
||||
116 | [45.90.161.73](https://vuldb.com/?ip.45.90.161.73) | - | - | High
|
||||
117 | [45.90.161.92](https://vuldb.com/?ip.45.90.161.92) | - | - | High
|
||||
118 | [45.90.162.184](https://vuldb.com/?ip.45.90.162.184) | - | - | High
|
||||
119 | [45.95.55.54](https://vuldb.com/?ip.45.95.55.54) | flyhosting.de | - | High
|
||||
120 | [45.95.55.232](https://vuldb.com/?ip.45.95.55.232) | flyhosting.de | - | High
|
||||
121 | [45.95.169.115](https://vuldb.com/?ip.45.95.169.115) | - | - | High
|
||||
122 | [45.95.169.119](https://vuldb.com/?ip.45.95.169.119) | 0mrn.hitoritabifans.com | - | High
|
||||
123 | [45.95.169.133](https://vuldb.com/?ip.45.95.169.133) | - | - | High
|
||||
124 | [45.124.84.253](https://vuldb.com/?ip.45.124.84.253) | sv-84253.bkns.vn | - | High
|
||||
125 | [45.128.153.154](https://vuldb.com/?ip.45.128.153.154) | - | - | High
|
||||
126 | [45.128.232.144](https://vuldb.com/?ip.45.128.232.144) | 144.232.128.45.pfcloud.io | - | High
|
||||
127 | [45.128.232.180](https://vuldb.com/?ip.45.128.232.180) | - | - | High
|
||||
128 | [45.128.234.72](https://vuldb.com/?ip.45.128.234.72) | - | - | High
|
||||
129 | [45.132.88.184](https://vuldb.com/?ip.45.132.88.184) | 45.132.88.184.mc-host24.de | - | High
|
||||
130 | [45.134.10.88](https://vuldb.com/?ip.45.134.10.88) | hosted-by.infraly.co | - | High
|
||||
131 | [45.134.11.110](https://vuldb.com/?ip.45.134.11.110) | mail.knowallthings.com | - | High
|
||||
132 | [45.137.206.188](https://vuldb.com/?ip.45.137.206.188) | hosted-by.varixx.org | - | High
|
||||
133 | [45.140.188.33](https://vuldb.com/?ip.45.140.188.33) | hosted-by.royalehosting.net | - | High
|
||||
134 | [45.140.188.40](https://vuldb.com/?ip.45.140.188.40) | minrow.populatively.com | - | High
|
||||
135 | [45.140.188.109](https://vuldb.com/?ip.45.140.188.109) | hosted-by.royalehosting.net | - | High
|
||||
136 | [45.141.239.114](https://vuldb.com/?ip.45.141.239.114) | - | - | High
|
||||
137 | [45.142.107.167](https://vuldb.com/?ip.45.142.107.167) | tube-hosting.com | - | High
|
||||
138 | [45.144.29.99](https://vuldb.com/?ip.45.144.29.99) | vm467374.stark-industries.solutions | - | High
|
||||
139 | [45.144.179.23](https://vuldb.com/?ip.45.144.179.23) | zhaibingyeshishabi.xyz | - | High
|
||||
140 | [45.145.226.64](https://vuldb.com/?ip.45.145.226.64) | - | - | High
|
||||
141 | [45.148.10.76](https://vuldb.com/?ip.45.148.10.76) | - | - | High
|
||||
142 | [45.148.10.243](https://vuldb.com/?ip.45.148.10.243) | - | - | High
|
||||
143 | [45.148.120.80](https://vuldb.com/?ip.45.148.120.80) | - | - | High
|
||||
144 | [45.148.120.171](https://vuldb.com/?ip.45.148.120.171) | - | - | High
|
||||
145 | [45.148.120.226](https://vuldb.com/?ip.45.148.120.226) | 45-148-120-226.hosted-by.phanes.cloud | - | High
|
||||
146 | [45.148.121.228](https://vuldb.com/?ip.45.148.121.228) | - | - | High
|
||||
147 | ... | ... | ... | ...
|
||||
13 | [5.181.80.102](https://vuldb.com/?ip.5.181.80.102) | ip-80-102-bullethost.net | - | High
|
||||
14 | [5.181.80.119](https://vuldb.com/?ip.5.181.80.119) | rate-lead.cheapjerseysbrewers.com | - | High
|
||||
15 | [5.181.80.141](https://vuldb.com/?ip.5.181.80.141) | ip-80-141-bullethost.net | - | High
|
||||
16 | [5.181.80.188](https://vuldb.com/?ip.5.181.80.188) | lewis.autoshowvolvo.com | - | High
|
||||
17 | [5.181.159.19](https://vuldb.com/?ip.5.181.159.19) | 5-181-159-19.mivocloud.com | - | High
|
||||
18 | [5.181.159.128](https://vuldb.com/?ip.5.181.159.128) | no-rdns.mivocloud.com | - | High
|
||||
19 | [5.182.210.145](https://vuldb.com/?ip.5.182.210.145) | - | - | High
|
||||
20 | [5.188.6.139](https://vuldb.com/?ip.5.188.6.139) | roy9.ren.example.com | - | High
|
||||
21 | [5.189.141.159](https://vuldb.com/?ip.5.189.141.159) | vmi1293024.contaboserver.net | - | High
|
||||
22 | [5.199.169.12](https://vuldb.com/?ip.5.199.169.12) | - | - | High
|
||||
23 | [5.199.169.21](https://vuldb.com/?ip.5.199.169.21) | - | - | High
|
||||
24 | [5.206.227.11](https://vuldb.com/?ip.5.206.227.11) | - | - | High
|
||||
25 | [5.206.227.77](https://vuldb.com/?ip.5.206.227.77) | neptun | - | High
|
||||
26 | [5.206.227.132](https://vuldb.com/?ip.5.206.227.132) | ioweytqwd.423.com | - | High
|
||||
27 | [5.249.161.98](https://vuldb.com/?ip.5.249.161.98) | vps-zap1110372-1.zap-srv.com | - | High
|
||||
28 | [5.249.162.136](https://vuldb.com/?ip.5.249.162.136) | - | - | High
|
||||
29 | [5.252.199.138](https://vuldb.com/?ip.5.252.199.138) | - | - | High
|
||||
30 | [5.255.98.75](https://vuldb.com/?ip.5.255.98.75) | - | - | High
|
||||
31 | [5.255.101.135](https://vuldb.com/?ip.5.255.101.135) | - | - | High
|
||||
32 | [13.250.126.74](https://vuldb.com/?ip.13.250.126.74) | ec2-13-250-126-74.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
33 | [15.204.49.165](https://vuldb.com/?ip.15.204.49.165) | ip165.ip-15-204-49.us | - | High
|
||||
34 | [15.235.131.10](https://vuldb.com/?ip.15.235.131.10) | ip10.ip-15-235-131.net | - | High
|
||||
35 | [20.25.153.134](https://vuldb.com/?ip.20.25.153.134) | - | - | High
|
||||
36 | [20.63.103.150](https://vuldb.com/?ip.20.63.103.150) | - | - | High
|
||||
37 | [23.88.113.7](https://vuldb.com/?ip.23.88.113.7) | static.7.113.88.23.clients.your-server.de | - | High
|
||||
38 | [23.94.7.153](https://vuldb.com/?ip.23.94.7.153) | ac13.xxmails.com | - | High
|
||||
39 | [23.94.7.197](https://vuldb.com/?ip.23.94.7.197) | 23-94-7-197-host.colocrossing.com | - | High
|
||||
40 | [23.94.22.112](https://vuldb.com/?ip.23.94.22.112) | 23-94-22-112-host.colocrossing.com | - | High
|
||||
41 | [23.94.24.109](https://vuldb.com/?ip.23.94.24.109) | 23-94-24-109-host.colocrossing.com | - | High
|
||||
42 | [23.94.26.138](https://vuldb.com/?ip.23.94.26.138) | 23-94-26-138-host.colocrossing.com | - | High
|
||||
43 | [23.94.27.204](https://vuldb.com/?ip.23.94.27.204) | 23-94-27-204-host.colocrossing.com | - | High
|
||||
44 | [23.94.36.134](https://vuldb.com/?ip.23.94.36.134) | 23-94-36-134-host.colocrossing.com | - | High
|
||||
45 | [23.94.77.150](https://vuldb.com/?ip.23.94.77.150) | 23-94-77-150-host.colocrossing.com | - | High
|
||||
46 | [23.94.138.109](https://vuldb.com/?ip.23.94.138.109) | 23-94-138-109-host.colocrossing.com | - | High
|
||||
47 | [23.94.182.29](https://vuldb.com/?ip.23.94.182.29) | 23-94-182-29-host.colocrossing.com | - | High
|
||||
48 | [23.94.190.149](https://vuldb.com/?ip.23.94.190.149) | 23-94-190-149-host.colocrossing.com | - | High
|
||||
49 | [23.94.245.9](https://vuldb.com/?ip.23.94.245.9) | 23-94-245-9-host.colocrossing.com | - | High
|
||||
50 | [23.95.9.231](https://vuldb.com/?ip.23.95.9.231) | 23-95-9-231-host.colocrossing.com | - | High
|
||||
51 | [23.95.213.111](https://vuldb.com/?ip.23.95.213.111) | 23-95-213-111-host.colocrossing.com | - | High
|
||||
52 | [23.95.222.185](https://vuldb.com/?ip.23.95.222.185) | - | - | High
|
||||
53 | [23.95.226.100](https://vuldb.com/?ip.23.95.226.100) | 100-226-tizess.hornbe.sbs | - | High
|
||||
54 | [23.95.230.108](https://vuldb.com/?ip.23.95.230.108) | 108-230-kharoshthi.conessf.cloud | - | High
|
||||
55 | [23.160.192.157](https://vuldb.com/?ip.23.160.192.157) | unknown.ip-xfer.net | - | High
|
||||
56 | [23.160.193.38](https://vuldb.com/?ip.23.160.193.38) | unknown.ip-xfer.net | - | High
|
||||
57 | [23.160.193.99](https://vuldb.com/?ip.23.160.193.99) | unknown.ip-xfer.net | - | High
|
||||
58 | [23.160.193.123](https://vuldb.com/?ip.23.160.193.123) | unknown.ip-xfer.net | - | High
|
||||
59 | [23.224.189.182](https://vuldb.com/?ip.23.224.189.182) | - | - | High
|
||||
60 | [23.225.14.201](https://vuldb.com/?ip.23.225.14.201) | - | - | High
|
||||
61 | [23.225.14.209](https://vuldb.com/?ip.23.225.14.209) | - | - | High
|
||||
62 | [23.227.146.106](https://vuldb.com/?ip.23.227.146.106) | - | - | High
|
||||
63 | [23.227.184.194](https://vuldb.com/?ip.23.227.184.194) | glad.allrico.in | - | High
|
||||
64 | [31.7.62.22](https://vuldb.com/?ip.31.7.62.22) | amaz0nprime.club | - | High
|
||||
65 | [31.42.186.52](https://vuldb.com/?ip.31.42.186.52) | remaintaintinue.com | - | High
|
||||
66 | [31.42.186.77](https://vuldb.com/?ip.31.42.186.77) | itay.org.uk | - | High
|
||||
67 | [31.210.20.60](https://vuldb.com/?ip.31.210.20.60) | - | - | High
|
||||
68 | [31.214.243.29](https://vuldb.com/?ip.31.214.243.29) | - | - | High
|
||||
69 | [31.214.243.99](https://vuldb.com/?ip.31.214.243.99) | - | - | High
|
||||
70 | [31.220.51.145](https://vuldb.com/?ip.31.220.51.145) | - | - | High
|
||||
71 | [31.222.202.229](https://vuldb.com/?ip.31.222.202.229) | - | - | High
|
||||
72 | [34.127.55.77](https://vuldb.com/?ip.34.127.55.77) | 77.55.127.34.bc.googleusercontent.com | - | Medium
|
||||
73 | [35.72.132.42](https://vuldb.com/?ip.35.72.132.42) | ec2-35-72-132-42.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
74 | [35.204.65.246](https://vuldb.com/?ip.35.204.65.246) | 246.65.204.35.bc.googleusercontent.com | - | Medium
|
||||
75 | [37.0.10.182](https://vuldb.com/?ip.37.0.10.182) | - | - | High
|
||||
76 | [37.0.10.210](https://vuldb.com/?ip.37.0.10.210) | - | - | High
|
||||
77 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
|
||||
78 | [37.44.238.169](https://vuldb.com/?ip.37.44.238.169) | ssd1-490.9378 | - | High
|
||||
79 | [37.44.238.172](https://vuldb.com/?ip.37.44.238.172) | ssd2-1227.9023 | - | High
|
||||
80 | [37.44.238.182](https://vuldb.com/?ip.37.44.238.182) | ssd1-2031.9321 | - | High
|
||||
81 | [37.44.238.191](https://vuldb.com/?ip.37.44.238.191) | - | - | High
|
||||
82 | [37.44.238.234](https://vuldb.com/?ip.37.44.238.234) | - | - | High
|
||||
83 | [37.49.229.52](https://vuldb.com/?ip.37.49.229.52) | - | - | High
|
||||
84 | [37.49.230.83](https://vuldb.com/?ip.37.49.230.83) | - | - | High
|
||||
85 | [37.49.230.122](https://vuldb.com/?ip.37.49.230.122) | - | - | High
|
||||
86 | [37.221.65.77](https://vuldb.com/?ip.37.221.65.77) | vivid | - | High
|
||||
87 | [37.221.65.228](https://vuldb.com/?ip.37.221.65.228) | cenmiesteamul1989 | - | High
|
||||
88 | [37.221.92.202](https://vuldb.com/?ip.37.221.92.202) | static-202-37.bulletvm.io | - | High
|
||||
89 | [38.48.123.55](https://vuldb.com/?ip.38.48.123.55) | - | - | High
|
||||
90 | [38.60.81.66](https://vuldb.com/?ip.38.60.81.66) | - | - | High
|
||||
91 | [41.216.182.17](https://vuldb.com/?ip.41.216.182.17) | - | - | High
|
||||
92 | [41.216.182.42](https://vuldb.com/?ip.41.216.182.42) | - | - | High
|
||||
93 | [41.216.182.131](https://vuldb.com/?ip.41.216.182.131) | - | - | High
|
||||
94 | [41.216.182.140](https://vuldb.com/?ip.41.216.182.140) | - | - | High
|
||||
95 | [41.216.182.144](https://vuldb.com/?ip.41.216.182.144) | - | - | High
|
||||
96 | [41.216.182.203](https://vuldb.com/?ip.41.216.182.203) | - | - | High
|
||||
97 | [41.216.182.214](https://vuldb.com/?ip.41.216.182.214) | - | - | High
|
||||
98 | [43.153.37.45](https://vuldb.com/?ip.43.153.37.45) | - | - | High
|
||||
99 | [43.204.217.160](https://vuldb.com/?ip.43.204.217.160) | ec2-43-204-217-160.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
100 | [45.9.168.102](https://vuldb.com/?ip.45.9.168.102) | - | - | High
|
||||
101 | [45.11.181.37](https://vuldb.com/?ip.45.11.181.37) | - | - | High
|
||||
102 | [45.14.226.72](https://vuldb.com/?ip.45.14.226.72) | hml03.pugginesl.info | - | High
|
||||
103 | [45.32.202.111](https://vuldb.com/?ip.45.32.202.111) | 45.32.202.111.vultrusercontent.com | - | High
|
||||
104 | [45.33.63.122](https://vuldb.com/?ip.45.33.63.122) | 45-33-63-122.ip.linodeusercontent.com | - | High
|
||||
105 | [45.56.96.91](https://vuldb.com/?ip.45.56.96.91) | 45-56-96-91.ip.linodeusercontent.com | - | High
|
||||
106 | [45.61.144.146](https://vuldb.com/?ip.45.61.144.146) | - | - | High
|
||||
107 | [45.61.186.4](https://vuldb.com/?ip.45.61.186.4) | - | - | High
|
||||
108 | [45.61.187.108](https://vuldb.com/?ip.45.61.187.108) | sayonara.hp | - | High
|
||||
109 | [45.61.188.118](https://vuldb.com/?ip.45.61.188.118) | ms2.hostwithlove.com | - | High
|
||||
110 | [45.61.188.150](https://vuldb.com/?ip.45.61.188.150) | - | - | High
|
||||
111 | [45.61.188.220](https://vuldb.com/?ip.45.61.188.220) | - | - | High
|
||||
112 | [45.66.230.173](https://vuldb.com/?ip.45.66.230.173) | - | - | High
|
||||
113 | [45.76.253.113](https://vuldb.com/?ip.45.76.253.113) | 45.76.253.113.vultrusercontent.com | - | High
|
||||
114 | [45.77.46.118](https://vuldb.com/?ip.45.77.46.118) | 8.8.8.8.google.com | - | High
|
||||
115 | [45.79.127.90](https://vuldb.com/?ip.45.79.127.90) | 45-79-127-90.ip.linodeusercontent.com | - | High
|
||||
116 | [45.79.207.123](https://vuldb.com/?ip.45.79.207.123) | se1.izlae.com | - | High
|
||||
117 | [45.81.39.172](https://vuldb.com/?ip.45.81.39.172) | - | - | High
|
||||
118 | [45.81.234.229](https://vuldb.com/?ip.45.81.234.229) | 45.81.234.229.mc-host24.de | - | High
|
||||
119 | [45.85.90.172](https://vuldb.com/?ip.45.85.90.172) | lanenap.sa.com | - | High
|
||||
120 | [45.88.66.177](https://vuldb.com/?ip.45.88.66.177) | - | - | High
|
||||
121 | [45.90.14.172](https://vuldb.com/?ip.45.90.14.172) | chivalrous.acquiretm.com | - | High
|
||||
122 | [45.90.160.173](https://vuldb.com/?ip.45.90.160.173) | - | - | High
|
||||
123 | [45.90.161.73](https://vuldb.com/?ip.45.90.161.73) | - | - | High
|
||||
124 | [45.90.161.92](https://vuldb.com/?ip.45.90.161.92) | - | - | High
|
||||
125 | [45.90.162.184](https://vuldb.com/?ip.45.90.162.184) | - | - | High
|
||||
126 | [45.95.55.54](https://vuldb.com/?ip.45.95.55.54) | flyhosting.de | - | High
|
||||
127 | [45.95.55.232](https://vuldb.com/?ip.45.95.55.232) | flyhosting.de | - | High
|
||||
128 | [45.95.169.115](https://vuldb.com/?ip.45.95.169.115) | - | - | High
|
||||
129 | [45.95.169.119](https://vuldb.com/?ip.45.95.169.119) | 0mrn.hitoritabifans.com | - | High
|
||||
130 | [45.95.169.133](https://vuldb.com/?ip.45.95.169.133) | - | - | High
|
||||
131 | [45.124.84.253](https://vuldb.com/?ip.45.124.84.253) | sv-84253.bkns.vn | - | High
|
||||
132 | [45.128.153.154](https://vuldb.com/?ip.45.128.153.154) | - | - | High
|
||||
133 | [45.128.232.144](https://vuldb.com/?ip.45.128.232.144) | 144.232.128.45.pfcloud.io | - | High
|
||||
134 | [45.128.232.180](https://vuldb.com/?ip.45.128.232.180) | - | - | High
|
||||
135 | [45.128.234.72](https://vuldb.com/?ip.45.128.234.72) | - | - | High
|
||||
136 | [45.132.88.184](https://vuldb.com/?ip.45.132.88.184) | 45.132.88.184.mc-host24.de | - | High
|
||||
137 | [45.134.10.88](https://vuldb.com/?ip.45.134.10.88) | hosted-by.infraly.co | - | High
|
||||
138 | [45.134.11.110](https://vuldb.com/?ip.45.134.11.110) | mail.knowallthings.com | - | High
|
||||
139 | [45.137.206.188](https://vuldb.com/?ip.45.137.206.188) | hosted-by.varixx.org | - | High
|
||||
140 | [45.140.188.33](https://vuldb.com/?ip.45.140.188.33) | hosted-by.royalehosting.net | - | High
|
||||
141 | [45.140.188.40](https://vuldb.com/?ip.45.140.188.40) | minrow.populatively.com | - | High
|
||||
142 | [45.140.188.109](https://vuldb.com/?ip.45.140.188.109) | hosted-by.royalehosting.net | - | High
|
||||
143 | [45.141.239.114](https://vuldb.com/?ip.45.141.239.114) | - | - | High
|
||||
144 | [45.142.107.167](https://vuldb.com/?ip.45.142.107.167) | tube-hosting.com | - | High
|
||||
145 | [45.144.29.99](https://vuldb.com/?ip.45.144.29.99) | vm467374.stark-industries.solutions | - | High
|
||||
146 | [45.144.179.23](https://vuldb.com/?ip.45.144.179.23) | zhaibingyeshishabi.xyz | - | High
|
||||
147 | [45.145.226.64](https://vuldb.com/?ip.45.145.226.64) | - | - | High
|
||||
148 | [45.148.10.76](https://vuldb.com/?ip.45.148.10.76) | - | - | High
|
||||
149 | [45.148.10.243](https://vuldb.com/?ip.45.148.10.243) | - | - | High
|
||||
150 | [45.148.120.80](https://vuldb.com/?ip.45.148.120.80) | - | - | High
|
||||
151 | ... | ... | ... | ...
|
||||
|
||||
There are 584 more IOC items available. Please use our online service to access the data.
|
||||
There are 599 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -193,52 +197,53 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/?p=products` | Medium
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/user/manage_user.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/ajax.php?action=read_msg` | High
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
10 | File | `/api/` | Low
|
||||
11 | File | `/api/admin/store/product/list` | High
|
||||
12 | File | `/api/gen/clients/{language}` | High
|
||||
13 | File | `/api/stl/actions/search` | High
|
||||
14 | File | `/api/v2/cli/commands` | High
|
||||
15 | File | `/apply.cgi` | Medium
|
||||
16 | File | `/bin/ate` | Medium
|
||||
17 | File | `/boat/login.php` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin` | Medium
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/College/admin/teacher.php` | High
|
||||
22 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
23 | File | `/ctcprotocol/Protocol` | High
|
||||
24 | File | `/dcim/rack-roles/` | High
|
||||
25 | File | `/debug/pprof` | Medium
|
||||
26 | File | `/ebics-server/ebics.aspx` | High
|
||||
27 | File | `/env` | Low
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/goform/aspForm` | High
|
||||
30 | File | `/HNAP1` | Low
|
||||
31 | File | `/HNAP1/SetClientInfo` | High
|
||||
32 | File | `/inc/topBarNav.php` | High
|
||||
33 | File | `/kelas/data` | Medium
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/menu.html` | Medium
|
||||
36 | File | `/modules/profile/index.php` | High
|
||||
37 | File | `/Moosikay/order.php` | High
|
||||
38 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | File | `/resources//../` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
43 | File | `/sys/dict/queryTableData` | High
|
||||
44 | File | `/tmp` | Low
|
||||
45 | ... | ... | ...
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
4 | File | `/admin/?page=user/manage` | High
|
||||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/user/manage_user.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/ajax.php?action=read_msg` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/api/baskets/{name}` | High
|
||||
14 | File | `/api/gen/clients/{language}` | High
|
||||
15 | File | `/api/stl/actions/search` | High
|
||||
16 | File | `/api/v2/cli/commands` | High
|
||||
17 | File | `/apply.cgi` | Medium
|
||||
18 | File | `/bin/ate` | Medium
|
||||
19 | File | `/boat/login.php` | High
|
||||
20 | File | `/booking/show_bookings/` | High
|
||||
21 | File | `/bsms_ci/index.php/book` | High
|
||||
22 | File | `/cgi-bin` | Medium
|
||||
23 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
24 | File | `/College/admin/teacher.php` | High
|
||||
25 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
26 | File | `/dcim/rack-roles/` | High
|
||||
27 | File | `/debug/pprof` | Medium
|
||||
28 | File | `/ebics-server/ebics.aspx` | High
|
||||
29 | File | `/env` | Low
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/goform/aspForm` | High
|
||||
32 | File | `/HNAP1` | Low
|
||||
33 | File | `/HNAP1/SetClientInfo` | High
|
||||
34 | File | `/inc/topBarNav.php` | High
|
||||
35 | File | `/index.php` | Medium
|
||||
36 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
37 | File | `/kelas/data` | Medium
|
||||
38 | File | `/medicines/profile.php` | High
|
||||
39 | File | `/modules/profile/index.php` | High
|
||||
40 | File | `/Moosikay/order.php` | High
|
||||
41 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/resources//../` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 387 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 398 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -270,6 +275,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/05d8b67cc42a50c1f378306a2db89010bf7bc75893e90efbd27f063e1ad6843c/
|
||||
* https://bazaar.abuse.ch/sample/053dfe1d55db9fc07748eb595f288efc0904fbf3c89a4fbdd258280048e2c3bb/
|
||||
* https://bazaar.abuse.ch/sample/057859bcea5d19150290766188f7789ed023f4c99c20d7ea0c76974799af1577/
|
||||
* https://bazaar.abuse.ch/sample/061553ba0f1cfd8aa69c311f668afc8ff7fb1660c2cb5cff1c34fb0250af9710/
|
||||
* https://bazaar.abuse.ch/sample/0753eb8af4e2d47a6926a92c78fcd50f14a5f468560e27497cd1be84dbf29059/
|
||||
* https://bazaar.abuse.ch/sample/08fd9158c57a1d04a37270f7c79734d68559e2fb84d2c91f03710de05eec454b/
|
||||
* https://bazaar.abuse.ch/sample/080962356bd8d2e7199382f72ab52d0f22c519963a33a485dc73f9a5e30fdcfc/
|
||||
|
@ -332,6 +338,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/5a07b285b9570b7de1288c461e1af9cded90d45a373ac8630776d00938d2980a/
|
||||
* https://bazaar.abuse.ch/sample/5a88c770aef6ae42389637c81f10ab0c530195a247da3f4d50303d455040c0dc/
|
||||
* https://bazaar.abuse.ch/sample/5aa4af96e9c1fa6573f4278551acd0bcb4f03872b23cbfe2d987f4baba52555d/
|
||||
* https://bazaar.abuse.ch/sample/5b08ff6cdc7d1a22acdfa9fb15ea2aafa85b6649fdfd2995c896768bf9c22df2/
|
||||
* https://bazaar.abuse.ch/sample/5b4be7dfe4720047c633de7e8e3b707b001ce15ea0acfecf9502294ed363c981/
|
||||
* https://bazaar.abuse.ch/sample/5b544e55498088ff1a6ad7412daad8f846cb82f403e53255a2e4eaea27c31310/
|
||||
* https://bazaar.abuse.ch/sample/5bd0d26b144f8f383ec5a5740cfa7c95a0a686b624b0fecdce62c80c4babd535/
|
||||
|
@ -344,6 +351,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/5de5b346d86298f7141f8f7f002a9b79d515a01d4aed8e8ffc0b04013836cf9f/
|
||||
* https://bazaar.abuse.ch/sample/5e866674c172062d52754720cf27032841a489b380e2d739a859b6a9240e524a/
|
||||
* https://bazaar.abuse.ch/sample/5f580543da4c8cba5244b16daa7ef25fcd8a80e89f9fb0bcab0289bc3fb0a8c9/
|
||||
* https://bazaar.abuse.ch/sample/6ad3ebd22fab278cd7c33006740c8bcdae23a56a244b9739d13f3fd152bfb07c/
|
||||
* https://bazaar.abuse.ch/sample/6b53099c9ab97e6ac90382855ffb8a80be49cf2eca9ab0877dc498ac233af1ea/
|
||||
* https://bazaar.abuse.ch/sample/6b929647b82fc4a7a292e10026f1d90a23fab3a712c89505e05282a90a92f860/
|
||||
* https://bazaar.abuse.ch/sample/6c901ba15327da68159712a9726807fb08868309726c55ef202818bfde22a5a7/
|
||||
|
@ -365,6 +373,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/8b9ae45f6e43d11ff3dd540e6d8c64c8ffc23f5df652212652359ed229fde0a8/
|
||||
* https://bazaar.abuse.ch/sample/8baa61d17f084601d9b4014c73c391ab6a893f46d076e9e5d55a55991d94b057/
|
||||
* https://bazaar.abuse.ch/sample/8c0e1b9faeacac7b923f6f907f740c8b65d31c22248b3a765775809fc23002b5/
|
||||
* https://bazaar.abuse.ch/sample/8c65aa2ad5e46c0dd63ebbb6cd04a3dac2651a1bfa0f16ee80d444b4db789dc9/
|
||||
* https://bazaar.abuse.ch/sample/8c55851ca920533baf36b529bc0dde320630234f9e2f10395be7c4262e03d3b6/
|
||||
* https://bazaar.abuse.ch/sample/8ce82806ab6b604dca17051bf30d96f6ddd8c09067ad0dcb3abf0b4587566584/
|
||||
* https://bazaar.abuse.ch/sample/8d11aac643d27f90e7e53b84fdad477d6514c039cde8a00ef08a5e709576630b/
|
||||
|
@ -377,6 +386,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/9ab929ac75e5c3627fd537aeb34d137b246129e5fad1158d845e4021ce6bb3e1/
|
||||
* https://bazaar.abuse.ch/sample/9ae1feeadd3edd6deee7789debbfb1798274151ab1734c07d86f6d837642cc93/
|
||||
* https://bazaar.abuse.ch/sample/9b6cacb165255fdca79ee4a39d4ad6983000e5f6b6f0af864164a4918b9d60f7/
|
||||
* https://bazaar.abuse.ch/sample/9b7cf91e7ac44e2815bd58ceca04188c8600ca6f08f73eea4aeab89e2587685a/
|
||||
* https://bazaar.abuse.ch/sample/9c4a05cdd18b7371ea16dc9b2d54f6fb11225943b71ed9c5aa31a0bdca6721d2/
|
||||
* https://bazaar.abuse.ch/sample/9c8abd912146833d4a8c7c8bd8b80dc2ff0f07be12603307ca20245fd63b0172/
|
||||
* https://bazaar.abuse.ch/sample/9ce4e4cd565ac19ae4ff5b47a5b1146921ff31d71aa951146df5464da0d93dd7/
|
||||
|
@ -490,6 +500,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/700f0f5b1634b0326d186bbf8b34582150cb37b660c3563148c89e85fc2d5801/
|
||||
* https://bazaar.abuse.ch/sample/716c8bae6e915d3096635bb6af81f44d8ca977447ec8efb099053633daf781f6/
|
||||
* https://bazaar.abuse.ch/sample/788db01a3b8ddbdfc3f82858e61102003ba23ebab2dc9a442fa681d4067812e4/
|
||||
* https://bazaar.abuse.ch/sample/796d4d5f4b37df2763982c82f899e2db6ec72d2706f33c61f105467182bb39eb/
|
||||
* https://bazaar.abuse.ch/sample/798fd1cb5b6cf836d652a40c6863891381a2b5b7b07f29da33f1c60c14c8558a/
|
||||
* https://bazaar.abuse.ch/sample/816cc7c06ccc6b156f1709ddfded9605dc250afea795120055d7809efb7fda86/
|
||||
* https://bazaar.abuse.ch/sample/821daf19dc278c67757faf18294ab37b3358f68e1e67e27332c762162273d891/
|
||||
|
@ -545,6 +556,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/86448f366987e93e624e385654552787d4c576a36506fee3d094415f0cb672d1/
|
||||
* https://bazaar.abuse.ch/sample/92194a7fbc46e88dbb9876c458c742cb55426825d25ce7e01279b55927355d60/
|
||||
* https://bazaar.abuse.ch/sample/92838d046d9253542c557765602e0673ebadc74258f11f362e52a29cc74f778c/
|
||||
* https://bazaar.abuse.ch/sample/93186fffde6fd904f67dec7f1a1b72993f93862a35f0fe452bb911be874836f2/
|
||||
* https://bazaar.abuse.ch/sample/97587e55695db5f8f31133862969a7ce9a60757cfc2a097e89cd6fa8cc16c365/
|
||||
* https://bazaar.abuse.ch/sample/97854ff0a53e12a5520c938c04efa3821c91b77ee612d11cc8c0c4472b6b5c59/
|
||||
* https://bazaar.abuse.ch/sample/121191aea9560df7d2a365d4c94a524bbf94d69bc59b0e2ba9bfda93db50184c/
|
||||
|
@ -569,6 +581,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/89256664ae53f104949f2099d36fabf6931cd63e97955684c8bceab2a9f05c35/
|
||||
* https://bazaar.abuse.ch/sample/89297556dfffc6740eca7398405e7e1e2e831195e99d8fcb775e7d0179128d78/
|
||||
* https://bazaar.abuse.ch/sample/155274479e685c418a739c230bd50abe3e5d6a4bef6dfb7306883f7bca3d7c24/
|
||||
* https://bazaar.abuse.ch/sample/454296067e60713bec415ee9608f512b273068d53f5bb3d125f4076d43458f32/
|
||||
* https://bazaar.abuse.ch/sample/560296973dd92fda1e2021abd5ac5948983438edeea35934c389b4b99a787bdb/
|
||||
* https://bazaar.abuse.ch/sample/653529923b9c7e2f8fe1b1f5f1cfe2b2e3a4ee53f787ad7ff055e1503bbe3b8f/
|
||||
* https://bazaar.abuse.ch/sample/911152997ded7b2964b7abfdf7c38e96f2748068b8bbd5975d9d4519cd762807/
|
||||
|
@ -579,10 +592,12 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/a2f7038b284919469460eb64955c0eb15ad3c179da78afc265ea6300eb57e833/
|
||||
* https://bazaar.abuse.ch/sample/a3d97ce15ba1a46f6b040463f07f35ae62454e468f08addcd71fd5ed216a625c/
|
||||
* https://bazaar.abuse.ch/sample/a3ed4e0b85e3944b34e4103e0a73fb1d2dfb3118eb20e1ccd324b32e0cb42998/
|
||||
* https://bazaar.abuse.ch/sample/a5d016d6887f05f4655b10f693c457fbdc78b3f88520ffcd83243d8df6177d47/
|
||||
* https://bazaar.abuse.ch/sample/a43f8a03ecb56e7ca54cad97e507ebf568c58abf5108a76039506518850a3470/
|
||||
* https://bazaar.abuse.ch/sample/a98f0121ed69d9e8a58159cf7037d1132db7af469c5f61fcff2e519ed9f99957/
|
||||
* https://bazaar.abuse.ch/sample/a128a62d2290a71183bcb46e10cf300c1ce2182ed74be355bb270145012cd163/
|
||||
* https://bazaar.abuse.ch/sample/a280f0feec3658eb9438564ea791ceb7bfccf134133cfcd1f8386fcd371848db/
|
||||
* https://bazaar.abuse.ch/sample/a322ebbb0d7ce281198df18d5a79eb638fc29c18e15c700d5bbc21c86dfd0cfc/
|
||||
* https://bazaar.abuse.ch/sample/a809ffcdf246527ce3c76173fb4f11ff82c01f2b90b936a41ce1f209430a8a1c/
|
||||
* https://bazaar.abuse.ch/sample/a3920a9315258284fe20bbb5525527f1d0ff1e4c656c72703a3a566f8eb42d93/
|
||||
* https://bazaar.abuse.ch/sample/a4850d2639c53f42081617542401a5dba968499141d228505a9315fa0064e5be/
|
||||
|
@ -623,6 +638,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/b834031099391abd42f95f8015f800844d6ea957031e8119bf6d01a186d2b4d3/
|
||||
* https://bazaar.abuse.ch/sample/ba79cf9aec445aad98d9ba7ad8f85f5a8f8617c8482ed8913f725f10b2942b42/
|
||||
* https://bazaar.abuse.ch/sample/bb7ac2ba0dea3b0ac95a9f76a8c52df6dac96dbb2c8506e0708524f1b57ac88c/
|
||||
* https://bazaar.abuse.ch/sample/bb8ad39a7dbd454077bd7c920ea621ca42ddfdcc13b2330cb4d912572a45c320/
|
||||
* https://bazaar.abuse.ch/sample/bbd0f0b8c5440c362fb7cf52086a9f9e01b1eed018b5d5b9d7eb75f1eedb2b28/
|
||||
* https://bazaar.abuse.ch/sample/bc57dc3abe88b1681c2933e91c2ef90f69cb4eb0b9cd46f554ca393d9c0b39c5/
|
||||
* https://bazaar.abuse.ch/sample/bc58169d1ae4c532367e1f9bb92118378ac466f05ed19e1555b2eec170046ba8/
|
||||
|
@ -674,6 +690,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/d5c453472c0f8126597b02e76692c50b19476cc509ee4355f34f1eddde8067cc/
|
||||
* https://bazaar.abuse.ch/sample/d7f604f7fb86dde0a2f046efab5b29392db97de0e2021cbb997aeb3520dbd417/
|
||||
* https://bazaar.abuse.ch/sample/d15f455f94422a433215a6343aa6f4c3cc44d5af601d074e3722f900bbafc85e/
|
||||
* https://bazaar.abuse.ch/sample/d28df8812363a5217be8e13f17c07d528c0ddb1db65d077a4523de88c0bd46b1/
|
||||
* https://bazaar.abuse.ch/sample/d34acff690e42b6bb4ec5d1a43b2fafac9611a625643fa55926a48cdd0355f77/
|
||||
* https://bazaar.abuse.ch/sample/d49a93c84e608ea820329306c6fc9dd5e6e027fb2ea996f2a79d12f4626068a5/
|
||||
* https://bazaar.abuse.ch/sample/d55bba7134bb5b4f6ab2454b824d0555ebcb5acdcd06006cfc13e5b19f429ebc/
|
||||
|
@ -708,6 +725,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://bazaar.abuse.ch/sample/e5cac3c9f6322d4930a4a8a35f065de26c24867a587746ac452bca595d2f260d/
|
||||
* https://bazaar.abuse.ch/sample/e9fdb91e74b0c3cf9b9a01082d5e4d909472d7f0c0efca65d09acf7e889d5563/
|
||||
* https://bazaar.abuse.ch/sample/e39fcf296425503e05a92c86c9523f7279448dae58d6afe6401103dd3ec304c3/
|
||||
* https://bazaar.abuse.ch/sample/e45f62b8266b8b757125080858e3c2a112e57f27dde26fcb6a5878df94dc1fd4/
|
||||
* https://bazaar.abuse.ch/sample/e53b7b07c8814fb00785fbf62f0df13c75f01b3f9bfcaa8ec8a056a845e30014/
|
||||
* https://bazaar.abuse.ch/sample/e90bcf0c8b3bb16278148d37cad1fa4d586281c83cfa0399b4eea33753b5353d/
|
||||
* https://bazaar.abuse.ch/sample/e93f538792474d1f37881188edd57bd48cd65efd04a4020b145cdd5db7f85b9b/
|
||||
|
|
|
@ -177,11 +177,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -192,44 +192,42 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/action/wirelessConnect` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
6 | File | `/admin/assign/assign.php` | High
|
||||
7 | File | `/admin/cashadvance_row.php` | High
|
||||
8 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
9 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
10 | File | `/admin/departments/view_department.php` | High
|
||||
11 | File | `/admin/login.php` | High
|
||||
12 | File | `/admin/maintenance/view_designation.php` | High
|
||||
13 | File | `/admin/suppliers/view_details.php` | High
|
||||
14 | File | `/admin/user/manage_user.php` | High
|
||||
15 | File | `/admin/user/uploadImg` | High
|
||||
16 | File | `/api/admin/store/product/list` | High
|
||||
17 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
18 | File | `/authenticationendpoint/login.do` | High
|
||||
19 | File | `/bin/login` | Medium
|
||||
20 | File | `/cgi-bin/kerbynet` | High
|
||||
21 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
22 | File | `/churchcrm/EventAttendance.php` | High
|
||||
23 | File | `/classes/Master.php` | High
|
||||
24 | File | `/classes/Master.php?f=delete_item` | High
|
||||
25 | File | `/config/getuser` | High
|
||||
26 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
27 | File | `/forms/doLogin` | High
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/HNAP1` | Low
|
||||
30 | File | `/licenses` | Medium
|
||||
31 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
32 | File | `/login/index.php` | High
|
||||
33 | File | `/menu.html` | Medium
|
||||
34 | File | `/mims/login.php` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/plain` | Low
|
||||
37 | File | `/public/launchNewWindow.jsp` | High
|
||||
38 | File | `/qsr_server/device/reboot` | High
|
||||
39 | ... | ... | ...
|
||||
4 | File | `/admin/assign/assign.php` | High
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
7 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
8 | File | `/admin/departments/view_department.php` | High
|
||||
9 | File | `/admin/maintenance/view_designation.php` | High
|
||||
10 | File | `/admin/suppliers/view_details.php` | High
|
||||
11 | File | `/admin/user/manage_user.php` | High
|
||||
12 | File | `/admin/user/uploadImg` | High
|
||||
13 | File | `/api/admin/store/product/list` | High
|
||||
14 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
15 | File | `/authenticationendpoint/login.do` | High
|
||||
16 | File | `/bin/login` | Medium
|
||||
17 | File | `/cgi-bin/kerbynet` | High
|
||||
18 | File | `/cgi-bin/luci` | High
|
||||
19 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
20 | File | `/classes/Master.php` | High
|
||||
21 | File | `/classes/Master.php?f=delete_item` | High
|
||||
22 | File | `/config/getuser` | High
|
||||
23 | File | `/contact/store` | High
|
||||
24 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
25 | File | `/forms/doLogin` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/HNAP1` | Low
|
||||
28 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
29 | File | `/login/index.php` | High
|
||||
30 | File | `/mc` | Low
|
||||
31 | File | `/menu.html` | Medium
|
||||
32 | File | `/mims/login.php` | High
|
||||
33 | File | `/out.php` | Medium
|
||||
34 | File | `/php-inventory-management-system/product.php` | High
|
||||
35 | File | `/plain` | Low
|
||||
36 | File | `/qsr_server/device/reboot` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 339 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 320 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -93,9 +93,10 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
|
||||
9 | File | `add.php` | Low
|
||||
10 | File | `admin/admin.shtml` | High
|
||||
11 | ... | ... | ...
|
||||
11 | File | `bpf-object-fuzzer.c` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 87 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 89 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -36,10 +36,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,15 +47,15 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/cgi-bin/webproc` | High
|
||||
2 | File | `/crmeb/crmeb/services/UploadService.php` | High
|
||||
3 | File | `/env` | Low
|
||||
4 | File | `/expert_wizard.php` | High
|
||||
5 | File | `/s/` | Low
|
||||
6 | File | `/static/ueditor/php/controller.php` | High
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/cgi-bin/webproc` | High
|
||||
3 | File | `/crmeb/crmeb/services/UploadService.php` | High
|
||||
4 | File | `/env` | Low
|
||||
5 | File | `/expert_wizard.php` | High
|
||||
6 | File | `/s/` | Low
|
||||
7 | ... | ... | ...
|
||||
|
||||
There are 45 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 46 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -2074,14 +2074,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-36, CWE-37, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -2089,71 +2089,50 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
5 | File | `/admin/bookings/view_booking.php` | High
|
||||
6 | File | `/admin/bookings/view_details.php` | High
|
||||
7 | File | `/admin/budget/manage_budget.php` | High
|
||||
8 | File | `/admin/configurations/userInfo` | High
|
||||
9 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
10 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
11 | File | `/admin/departments/view_department.php` | High
|
||||
12 | File | `/admin/edit_subject.php` | High
|
||||
13 | File | `/admin/index.php` | High
|
||||
14 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
15 | File | `/admin/maintenance/manage_category.php` | High
|
||||
16 | File | `/admin/maintenance/view_designation.php` | High
|
||||
17 | File | `/admin/misc/script-proxy` | High
|
||||
18 | File | `/admin/orders/update_status.php` | High
|
||||
19 | File | `/admin/reportupload.aspx` | High
|
||||
20 | File | `/admin/save_teacher.php` | High
|
||||
21 | File | `/admin/service.php` | High
|
||||
22 | File | `/admin/services/manage_service.php` | High
|
||||
23 | File | `/admin/user/manage_user.php` | High
|
||||
24 | File | `/advanced-tools/nova/bin/netwatch` | High
|
||||
25 | File | `/api/stl/actions/search` | High
|
||||
26 | File | `/bin/ate` | Medium
|
||||
27 | File | `/bitrix/admin/ldap_server_edit.php` | High
|
||||
28 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
|
||||
29 | File | `/cas/logout` | Medium
|
||||
30 | File | `/cgi-bin/ping.cgi` | High
|
||||
31 | File | `/circuits/circuit-types/` | High
|
||||
32 | File | `/circuits/provider-accounts/` | High
|
||||
33 | File | `/classes/Master.php` | High
|
||||
34 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
35 | File | `/classes/Master.php?f=delete_item` | High
|
||||
36 | File | `/classes/Master.php?f=delete_service` | High
|
||||
37 | File | `/classes/Master.php?f=save_service` | High
|
||||
38 | File | `/dcim/power-panels/` | High
|
||||
39 | File | `/dcim/rack-roles/` | High
|
||||
40 | File | `/dcim/rack/` | Medium
|
||||
41 | File | `/dialog/select_media.php` | High
|
||||
42 | File | `/dosen/data` | Medium
|
||||
43 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
44 | File | `/Electron/download` | High
|
||||
45 | File | `/feeds/post/publish` | High
|
||||
46 | File | `/forms/doLogin` | High
|
||||
47 | File | `/forum/away.php` | High
|
||||
48 | File | `/goform/aspForm` | High
|
||||
49 | File | `/goForm/aspForm` | High
|
||||
50 | File | `/goform/sysTools` | High
|
||||
51 | File | `/hslist` | Low
|
||||
52 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
53 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
54 | File | `/index.php?page=category_list` | High
|
||||
55 | File | `/jurusan/data` | High
|
||||
56 | File | `/jurusanmatkul/data` | High
|
||||
57 | File | `/kelas/data` | Medium
|
||||
58 | File | `/kelasdosen/data` | High
|
||||
59 | File | `/knowagecockpitengine/api/1.0/pages/execute` | High
|
||||
60 | File | `/Login/CheckLogin` | High
|
||||
61 | File | `/mahasiswa/data` | High
|
||||
62 | File | `/matkul/data` | Medium
|
||||
63 | ... | ... | ...
|
||||
1 | File | `/admin/addproduct.php` | High
|
||||
2 | File | `/admin/add_user_modal.php` | High
|
||||
3 | File | `/admin/edit_product.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/read.php?mudi=announContent` | High
|
||||
6 | File | `/admin/reg.php` | High
|
||||
7 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
8 | File | `/admin/test_status.php` | High
|
||||
9 | File | `/ajax.php?action=read_msg` | High
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/api/ping` | Medium
|
||||
12 | File | `/api/set-password` | High
|
||||
13 | File | `/author_posts.php` | High
|
||||
14 | File | `/booking/show_bookings/` | High
|
||||
15 | File | `/cgi-bin/adm.cgi` | High
|
||||
16 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
17 | File | `/classes/Master.php?f=save_inquiry` | High
|
||||
18 | File | `/classes/Master.php?f=save_item` | High
|
||||
19 | File | `/classes/Users.php?f=save` | High
|
||||
20 | File | `/company/store` | High
|
||||
21 | File | `/config` | Low
|
||||
22 | File | `/contact.php` | Medium
|
||||
23 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
24 | File | `/csms/admin/inquiries/view_details.php` | High
|
||||
25 | File | `/dipam/athlete-profile.php` | High
|
||||
26 | File | `/dipam/save-delegates.php` | High
|
||||
27 | File | `/Duty/AjaxHandle/UpLoadFloodPlanFile.ashx` | High
|
||||
28 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
29 | File | `/en/blog-comment-4` | High
|
||||
30 | File | `/etc/passwd` | Medium
|
||||
31 | File | `/EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3` | High
|
||||
32 | File | `/forum/away.php` | High
|
||||
33 | File | `/getcfg.php` | Medium
|
||||
34 | File | `/h/` | Low
|
||||
35 | File | `/include/chart_generator.php` | High
|
||||
36 | File | `/index.php` | Medium
|
||||
37 | File | `/jobinfo/` | Medium
|
||||
38 | File | `/LandingPages/api/otp/send?id=[ID][ampersand]method=sms` | High
|
||||
39 | File | `/load.php` | Medium
|
||||
40 | File | `/Objects/unicodeobject.c` | High
|
||||
41 | File | `/out.php` | Medium
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 549 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 365 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -75,41 +75,41 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/api/file_uploader.php` | High
|
||||
11 | File | `/default.php?idx=17` | High
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/include/commrecc.inc.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
17 | File | `/opt/bin/cli` | Medium
|
||||
18 | File | `/out.php` | Medium
|
||||
19 | File | `/p` | Low
|
||||
20 | File | `/patient/doctors.php` | High
|
||||
21 | File | `/phpinventory/editcategory.php` | High
|
||||
22 | File | `/product-list.php` | High
|
||||
23 | File | `/setup/finish` | High
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/system-info/health` | High
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/updown/upload.cgi` | High
|
||||
28 | File | `/user/del.php` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `/_next` | Low
|
||||
31 | File | `123flashchat.php` | High
|
||||
32 | File | `act.php` | Low
|
||||
33 | File | `admin/bad.php` | High
|
||||
34 | File | `admin/index.php` | High
|
||||
35 | File | `admin/index.php/user/del/1` | High
|
||||
36 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
37 | File | `admin/loginform.php` | High
|
||||
38 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
39 | File | `administrator/index.php` | High
|
||||
40 | File | `administrator/mail/download.cfm` | High
|
||||
41 | File | `AdminUpdateController.class.php` | High
|
||||
42 | File | `Advanced_ASUSDDNS_Content.asp` | High
|
||||
43 | File | `affich.php` | Medium
|
||||
44 | File | `agenda.php` | Medium
|
||||
13 | File | `/env` | Low
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/include/commrecc.inc.php` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
17 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
18 | File | `/opt/bin/cli` | Medium
|
||||
19 | File | `/out.php` | Medium
|
||||
20 | File | `/p` | Low
|
||||
21 | File | `/patient/doctors.php` | High
|
||||
22 | File | `/phpinventory/editcategory.php` | High
|
||||
23 | File | `/product-list.php` | High
|
||||
24 | File | `/setup/finish` | High
|
||||
25 | File | `/spip.php` | Medium
|
||||
26 | File | `/system-info/health` | High
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/updown/upload.cgi` | High
|
||||
29 | File | `/user/del.php` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
31 | File | `/_next` | Low
|
||||
32 | File | `123flashchat.php` | High
|
||||
33 | File | `act.php` | Low
|
||||
34 | File | `admin/bad.php` | High
|
||||
35 | File | `admin/index.php` | High
|
||||
36 | File | `admin/index.php/user/del/1` | High
|
||||
37 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
38 | File | `admin/loginform.php` | High
|
||||
39 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
40 | File | `administrator/index.php` | High
|
||||
41 | File | `administrator/mail/download.cfm` | High
|
||||
42 | File | `AdminUpdateController.class.php` | High
|
||||
43 | File | `Advanced_ASUSDDNS_Content.asp` | High
|
||||
44 | File | `affich.php` | Medium
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 393 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -44,68 +44,75 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
21 | [5.230.73.234](https://vuldb.com/?ip.5.230.73.234) | - | - | High
|
||||
22 | [5.230.74.62](https://vuldb.com/?ip.5.230.74.62) | placeholder.noezserver.de | - | High
|
||||
23 | [5.230.74.81](https://vuldb.com/?ip.5.230.74.81) | - | - | High
|
||||
24 | [13.38.37.128](https://vuldb.com/?ip.13.38.37.128) | ec2-13-38-37-128.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
25 | [13.39.160.220](https://vuldb.com/?ip.13.39.160.220) | ec2-13-39-160-220.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
26 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
27 | [13.59.168.154](https://vuldb.com/?ip.13.59.168.154) | ec2-13-59-168-154.us-east-2.compute.amazonaws.com | - | Medium
|
||||
28 | [15.188.49.63](https://vuldb.com/?ip.15.188.49.63) | ec2-15-188-49-63.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
29 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
30 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
31 | [18.144.70.39](https://vuldb.com/?ip.18.144.70.39) | ec2-18-144-70-39.us-west-1.compute.amazonaws.com | - | Medium
|
||||
32 | [18.159.131.20](https://vuldb.com/?ip.18.159.131.20) | ec2-18-159-131-20.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
33 | [18.159.131.209](https://vuldb.com/?ip.18.159.131.209) | ec2-18-159-131-209.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
34 | [18.191.133.139](https://vuldb.com/?ip.18.191.133.139) | ec2-18-191-133-139.us-east-2.compute.amazonaws.com | - | Medium
|
||||
35 | [18.204.17.193](https://vuldb.com/?ip.18.204.17.193) | ec2-18-204-17-193.compute-1.amazonaws.com | - | Medium
|
||||
36 | [18.221.191.129](https://vuldb.com/?ip.18.221.191.129) | ec2-18-221-191-129.us-east-2.compute.amazonaws.com | - | Medium
|
||||
37 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
|
||||
38 | [23.106.223.117](https://vuldb.com/?ip.23.106.223.117) | - | - | High
|
||||
39 | [23.163.0.34](https://vuldb.com/?ip.23.163.0.34) | hehomeset.com | - | High
|
||||
40 | [23.163.0.51](https://vuldb.com/?ip.23.163.0.51) | good-jikmoon.electmum.com | - | High
|
||||
41 | [23.163.0.149](https://vuldb.com/?ip.23.163.0.149) | lyfb-000149.lyfbuz.com | - | High
|
||||
42 | [23.163.0.168](https://vuldb.com/?ip.23.163.0.168) | tech-000168.techydrov.com | - | High
|
||||
43 | [23.163.0.228](https://vuldb.com/?ip.23.163.0.228) | scary-pencil.fluentbeam.com | - | High
|
||||
44 | [23.163.0.241](https://vuldb.com/?ip.23.163.0.241) | way2-000241.way2moveis.com | - | High
|
||||
45 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
|
||||
46 | [23.229.117.247](https://vuldb.com/?ip.23.229.117.247) | - | - | High
|
||||
47 | [34.172.205.52](https://vuldb.com/?ip.34.172.205.52) | 52.205.172.34.bc.googleusercontent.com | - | Medium
|
||||
48 | [34.219.121.232](https://vuldb.com/?ip.34.219.121.232) | ec2-34-219-121-232.us-west-2.compute.amazonaws.com | - | Medium
|
||||
49 | [34.249.53.58](https://vuldb.com/?ip.34.249.53.58) | ec2-34-249-53-58.eu-west-1.compute.amazonaws.com | - | Medium
|
||||
50 | [35.157.43.44](https://vuldb.com/?ip.35.157.43.44) | ec2-35-157-43-44.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
51 | [35.180.225.185](https://vuldb.com/?ip.35.180.225.185) | ec2-35-180-225-185.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
52 | [35.181.59.201](https://vuldb.com/?ip.35.181.59.201) | ec2-35-181-59-201.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
53 | [35.183.14.149](https://vuldb.com/?ip.35.183.14.149) | ec2-35-183-14-149.ca-central-1.compute.amazonaws.com | - | Medium
|
||||
54 | [37.220.31.17](https://vuldb.com/?ip.37.220.31.17) | aviation.metagroups.info | - | High
|
||||
55 | [37.220.31.54](https://vuldb.com/?ip.37.220.31.54) | d6.wve.futuristi-ccoding.com | - | High
|
||||
56 | [37.220.31.104](https://vuldb.com/?ip.37.220.31.104) | 10-4netw0rk.mynet.com.tr | - | High
|
||||
57 | [37.228.129.4](https://vuldb.com/?ip.37.228.129.4) | - | - | High
|
||||
58 | [37.235.54.42](https://vuldb.com/?ip.37.235.54.42) | 42.54.235.37.in-addr.arpa | - | High
|
||||
59 | [37.235.54.52](https://vuldb.com/?ip.37.235.54.52) | 52.54.235.37.in-addr.arpa | - | High
|
||||
60 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
|
||||
61 | [41.199.178.166](https://vuldb.com/?ip.41.199.178.166) | HOST-166-178.199.41.nile-online.net | - | High
|
||||
62 | [43.139.241.58](https://vuldb.com/?ip.43.139.241.58) | - | - | High
|
||||
63 | [43.155.77.226](https://vuldb.com/?ip.43.155.77.226) | - | - | High
|
||||
64 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
|
||||
65 | [43.239.158.5](https://vuldb.com/?ip.43.239.158.5) | - | - | High
|
||||
66 | [44.212.9.14](https://vuldb.com/?ip.44.212.9.14) | ec2-44-212-9-14.compute-1.amazonaws.com | - | Medium
|
||||
67 | [44.212.18.9](https://vuldb.com/?ip.44.212.18.9) | ec2-44-212-18-9.compute-1.amazonaws.com | - | Medium
|
||||
68 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
|
||||
69 | [45.32.124.182](https://vuldb.com/?ip.45.32.124.182) | 45.32.124.182.vultrusercontent.com | - | High
|
||||
70 | [45.33.119.19](https://vuldb.com/?ip.45.33.119.19) | li1056-19.members.linode.com | - | High
|
||||
71 | [45.56.165.17](https://vuldb.com/?ip.45.56.165.17) | nordns.crowncloud.net | - | High
|
||||
72 | [45.61.136.152](https://vuldb.com/?ip.45.61.136.152) | - | - | High
|
||||
73 | [45.66.249.118](https://vuldb.com/?ip.45.66.249.118) | 7r277nw66g.shybeaveronline.com | - | High
|
||||
74 | [45.76.181.107](https://vuldb.com/?ip.45.76.181.107) | 45.76.181.107.vultrusercontent.com | - | High
|
||||
75 | [45.77.198.117](https://vuldb.com/?ip.45.77.198.117) | 45.77.198.117.vultrusercontent.com | - | High
|
||||
76 | [45.82.72.227](https://vuldb.com/?ip.45.82.72.227) | - | - | High
|
||||
77 | [45.86.163.228](https://vuldb.com/?ip.45.86.163.228) | - | - | High
|
||||
78 | [45.86.230.64](https://vuldb.com/?ip.45.86.230.64) | srv2.lg-c.net | - | High
|
||||
79 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
|
||||
80 | [45.114.129.150](https://vuldb.com/?ip.45.114.129.150) | hostedby.idfnv.net | - | High
|
||||
81 | [45.125.64.198](https://vuldb.com/?ip.45.125.64.198) | openisa.dealingdeals4us.info | - | High
|
||||
82 | [45.128.156.3](https://vuldb.com/?ip.45.128.156.3) | webfair.store | - | High
|
||||
83 | ... | ... | ... | ...
|
||||
24 | [13.38.36.123](https://vuldb.com/?ip.13.38.36.123) | ec2-13-38-36-123.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
25 | [13.38.37.128](https://vuldb.com/?ip.13.38.37.128) | ec2-13-38-37-128.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
26 | [13.39.160.220](https://vuldb.com/?ip.13.39.160.220) | ec2-13-39-160-220.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
27 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
28 | [13.59.168.154](https://vuldb.com/?ip.13.59.168.154) | ec2-13-59-168-154.us-east-2.compute.amazonaws.com | - | Medium
|
||||
29 | [13.215.227.78](https://vuldb.com/?ip.13.215.227.78) | ec2-13-215-227-78.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
30 | [13.215.228.73](https://vuldb.com/?ip.13.215.228.73) | ec2-13-215-228-73.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
31 | [15.188.49.63](https://vuldb.com/?ip.15.188.49.63) | ec2-15-188-49-63.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
32 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
33 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
34 | [18.144.70.39](https://vuldb.com/?ip.18.144.70.39) | ec2-18-144-70-39.us-west-1.compute.amazonaws.com | - | Medium
|
||||
35 | [18.159.131.20](https://vuldb.com/?ip.18.159.131.20) | ec2-18-159-131-20.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
36 | [18.159.131.209](https://vuldb.com/?ip.18.159.131.209) | ec2-18-159-131-209.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
37 | [18.191.133.139](https://vuldb.com/?ip.18.191.133.139) | ec2-18-191-133-139.us-east-2.compute.amazonaws.com | - | Medium
|
||||
38 | [18.204.17.193](https://vuldb.com/?ip.18.204.17.193) | ec2-18-204-17-193.compute-1.amazonaws.com | - | Medium
|
||||
39 | [18.221.191.129](https://vuldb.com/?ip.18.221.191.129) | ec2-18-221-191-129.us-east-2.compute.amazonaws.com | - | Medium
|
||||
40 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
|
||||
41 | [23.106.215.47](https://vuldb.com/?ip.23.106.215.47) | - | - | High
|
||||
42 | [23.106.223.117](https://vuldb.com/?ip.23.106.223.117) | - | - | High
|
||||
43 | [23.163.0.32](https://vuldb.com/?ip.23.163.0.32) | gods-cible.hotelalder.com | - | High
|
||||
44 | [23.163.0.34](https://vuldb.com/?ip.23.163.0.34) | hehomeset.com | - | High
|
||||
45 | [23.163.0.50](https://vuldb.com/?ip.23.163.0.50) | nordns.crowncloud.net | - | High
|
||||
46 | [23.163.0.51](https://vuldb.com/?ip.23.163.0.51) | good-jikmoon.electmum.com | - | High
|
||||
47 | [23.163.0.149](https://vuldb.com/?ip.23.163.0.149) | lyfb-000149.lyfbuz.com | - | High
|
||||
48 | [23.163.0.168](https://vuldb.com/?ip.23.163.0.168) | tech-000168.techydrov.com | - | High
|
||||
49 | [23.163.0.228](https://vuldb.com/?ip.23.163.0.228) | scary-pencil.fluentbeam.com | - | High
|
||||
50 | [23.163.0.241](https://vuldb.com/?ip.23.163.0.241) | way2-000241.way2moveis.com | - | High
|
||||
51 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
|
||||
52 | [23.229.117.247](https://vuldb.com/?ip.23.229.117.247) | - | - | High
|
||||
53 | [34.172.205.52](https://vuldb.com/?ip.34.172.205.52) | 52.205.172.34.bc.googleusercontent.com | - | Medium
|
||||
54 | [34.219.121.232](https://vuldb.com/?ip.34.219.121.232) | ec2-34-219-121-232.us-west-2.compute.amazonaws.com | - | Medium
|
||||
55 | [34.249.53.58](https://vuldb.com/?ip.34.249.53.58) | ec2-34-249-53-58.eu-west-1.compute.amazonaws.com | - | Medium
|
||||
56 | [35.157.43.44](https://vuldb.com/?ip.35.157.43.44) | ec2-35-157-43-44.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
57 | [35.180.225.185](https://vuldb.com/?ip.35.180.225.185) | ec2-35-180-225-185.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
58 | [35.181.59.201](https://vuldb.com/?ip.35.181.59.201) | ec2-35-181-59-201.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
59 | [35.183.14.149](https://vuldb.com/?ip.35.183.14.149) | ec2-35-183-14-149.ca-central-1.compute.amazonaws.com | - | Medium
|
||||
60 | [37.1.220.35](https://vuldb.com/?ip.37.1.220.35) | - | - | High
|
||||
61 | [37.220.31.17](https://vuldb.com/?ip.37.220.31.17) | aviation.metagroups.info | - | High
|
||||
62 | [37.220.31.54](https://vuldb.com/?ip.37.220.31.54) | d6.wve.futuristi-ccoding.com | - | High
|
||||
63 | [37.220.31.104](https://vuldb.com/?ip.37.220.31.104) | 10-4netw0rk.mynet.com.tr | - | High
|
||||
64 | [37.228.129.4](https://vuldb.com/?ip.37.228.129.4) | - | - | High
|
||||
65 | [37.235.54.42](https://vuldb.com/?ip.37.235.54.42) | 42.54.235.37.in-addr.arpa | - | High
|
||||
66 | [37.235.54.52](https://vuldb.com/?ip.37.235.54.52) | 52.54.235.37.in-addr.arpa | - | High
|
||||
67 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
|
||||
68 | [41.199.178.166](https://vuldb.com/?ip.41.199.178.166) | HOST-166-178.199.41.nile-online.net | - | High
|
||||
69 | [43.139.241.58](https://vuldb.com/?ip.43.139.241.58) | - | - | High
|
||||
70 | [43.155.77.226](https://vuldb.com/?ip.43.155.77.226) | - | - | High
|
||||
71 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
|
||||
72 | [43.239.158.5](https://vuldb.com/?ip.43.239.158.5) | - | - | High
|
||||
73 | [44.212.9.14](https://vuldb.com/?ip.44.212.9.14) | ec2-44-212-9-14.compute-1.amazonaws.com | - | Medium
|
||||
74 | [44.212.18.9](https://vuldb.com/?ip.44.212.18.9) | ec2-44-212-18-9.compute-1.amazonaws.com | - | Medium
|
||||
75 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
|
||||
76 | [45.32.124.182](https://vuldb.com/?ip.45.32.124.182) | 45.32.124.182.vultrusercontent.com | - | High
|
||||
77 | [45.33.119.19](https://vuldb.com/?ip.45.33.119.19) | li1056-19.members.linode.com | - | High
|
||||
78 | [45.56.165.17](https://vuldb.com/?ip.45.56.165.17) | nordns.crowncloud.net | - | High
|
||||
79 | [45.61.136.152](https://vuldb.com/?ip.45.61.136.152) | - | - | High
|
||||
80 | [45.66.249.118](https://vuldb.com/?ip.45.66.249.118) | 7r277nw66g.shybeaveronline.com | - | High
|
||||
81 | [45.76.181.107](https://vuldb.com/?ip.45.76.181.107) | 45.76.181.107.vultrusercontent.com | - | High
|
||||
82 | [45.77.198.117](https://vuldb.com/?ip.45.77.198.117) | 45.77.198.117.vultrusercontent.com | - | High
|
||||
83 | [45.80.151.49](https://vuldb.com/?ip.45.80.151.49) | - | - | High
|
||||
84 | [45.82.72.227](https://vuldb.com/?ip.45.82.72.227) | - | - | High
|
||||
85 | [45.86.163.228](https://vuldb.com/?ip.45.86.163.228) | - | - | High
|
||||
86 | [45.86.230.64](https://vuldb.com/?ip.45.86.230.64) | srv2.lg-c.net | - | High
|
||||
87 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
|
||||
88 | [45.114.129.150](https://vuldb.com/?ip.45.114.129.150) | hostedby.idfnv.net | - | High
|
||||
89 | [45.125.64.198](https://vuldb.com/?ip.45.125.64.198) | openisa.dealingdeals4us.info | - | High
|
||||
90 | ... | ... | ... | ...
|
||||
|
||||
There are 329 more IOC items available. Please use our online service to access the data.
|
||||
There are 355 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -142,30 +149,31 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/DXR.axd` | Medium
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/goform/aspForm` | High
|
||||
16 | File | `/hocms/classes/Master.php?f=delete_collection` | High
|
||||
17 | File | `/htdocs/cgibin` | High
|
||||
18 | File | `/login/index.php` | High
|
||||
19 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
20 | File | `/ms/cms/content/list.do` | High
|
||||
21 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
22 | File | `/orms/` | Low
|
||||
23 | File | `/plesk-site-preview/` | High
|
||||
24 | File | `/project/PROJECTNAME/reports/` | High
|
||||
25 | File | `/school/model/get_admin_profile.php` | High
|
||||
26 | File | `/student-grading-system/rms.php?page=grade` | High
|
||||
27 | File | `/timeline2.php` | High
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/usr/local/psa/admin/sbin/wrapper` | High
|
||||
30 | File | `/usr/sbin/suexec` | High
|
||||
31 | File | `/videotalk` | Medium
|
||||
32 | File | `/WEB-INF/web.xml` | High
|
||||
33 | File | `/web/MCmsAction.java` | High
|
||||
34 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
35 | ... | ... | ...
|
||||
14 | File | `/en/blog-comment-4` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/goform/aspForm` | High
|
||||
17 | File | `/h/` | Low
|
||||
18 | File | `/hocms/classes/Master.php?f=delete_collection` | High
|
||||
19 | File | `/htdocs/cgibin` | High
|
||||
20 | File | `/login/index.php` | High
|
||||
21 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
22 | File | `/ms/cms/content/list.do` | High
|
||||
23 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
24 | File | `/orms/` | Low
|
||||
25 | File | `/plesk-site-preview/` | High
|
||||
26 | File | `/project/PROJECTNAME/reports/` | High
|
||||
27 | File | `/school/model/get_admin_profile.php` | High
|
||||
28 | File | `/student-grading-system/rms.php?page=grade` | High
|
||||
29 | File | `/timeline2.php` | High
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | File | `/usr/local/psa/admin/sbin/wrapper` | High
|
||||
32 | File | `/usr/sbin/suexec` | High
|
||||
33 | File | `/videotalk` | Medium
|
||||
34 | File | `/WEB-INF/web.xml` | High
|
||||
35 | File | `/web/MCmsAction.java` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 304 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 310 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -175,9 +183,11 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://rhisac.org/threat-intelligence/bianlian-ransomware-expanding-c2-infrastructure-and-operational-tempo/
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a0ca093b2efdccb6a832251c03cab67f70af4d918a2158376f5521017fb65e2b%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a08312fb4d7c732f34cbfe5d7a9f84b6638cf53c4b7a994a39d77de2aeb40e4b%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a4b8d09a8591152f354bf5916dd9a7f54cb3bb1c61252398ccdeaf612a37f2d0%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a8a6dd7f1e20f24c866586b93479cec20c62a92821298973ceeb249e5789a844%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a9f0dba902298a463c27d83b8c539ba267995f5e7ee65e6ac24b0fad9d4b83c4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a6150f19c37c92bfbc6d92db21a83fea6d08116bfeec2e88443603fc9b65aef0%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a6554a45d0225a144e52fd54c91fc3063bf524660eeb028541bf41af1beba1ac%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a27982e0af10780db6224003b8e218125615499d536f297770cf7c6bcf9c8b76%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a681760a71d31230a323648f4b6c5429dcf0c245c9c7a2d7a53aa65005c67a8f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22a7326393f03e54e90918dc7729821ed29ae88b550040641405923a694604f911%22
|
||||
|
@ -187,8 +197,10 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b0eb7b9460f11f2dbe05aa15ca0905e18124384ec1451191e1f956220addb6a5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b07b0aa2108ad7c8c05d3a55bd9f7d7f8e02a90884b8b99eaf54101b83d29a0a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b1d48d3b1e2de4f34c5d0a84b5d615cff0a5ef03c20bd3673a35a67e2889f6c5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b5d3c2c448ce35bf88d563450dc664f92899f3e438f1cbbc4c7dee7c85a49fb9%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b5dd58d8484de4efe0e67ee0e7bde49bf64d729c313c231bbb83f85a9697c228%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b6e8925438d85fa4ce8e8936bbd3cf968a7bb2b07be58b2175d057bf729f2fcd%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b6f81955b79259fe591adc7a3252069b83eabe3e3d19e76a6ddea8fc6d40da10%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b15ef04543738a78c4da894fc64cd5cbca6973a2194550f9a9616d2004950c16%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b39f885726c989e40aa7bcb78fb417d65f3f1b2169c03e030e9eeb5d266a9197%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b58b9ebe1f519edc160ec4f56d5522caa4596230257ec75d82d93b9cfaec0c63%22
|
||||
|
@ -202,7 +214,10 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22bedcfe4814f058c7a61c1bf6d8e44465c624114cb8260e0d8e55282dea5de0c6%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c0be0b8925a769e0d6d7d541a26d380d3e462752c3a4b0a90a230020a2283bcc%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c0ce6a1b2387e7593f84ea25fda98899c79d00e481fb2f3809cbebac820b2999%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c082b56316daa4f945464a5341edbfc777afa094303211e15999083829b6ac28%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c7b44aeaaa1c88d4579d37705661b9c2821a6c65a586205e1eef92b0dca7bf92%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c9cb3353676114a2dd6f4336677a34d369604ac9be7038ce76e0a189e1f4983e%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c22d0427dbb178fc6cfcb87cecdc5bc7641f26fa13fdb08e84364397489cdb9b%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c37cae2ad2e1f96cc5f86bfe8369418d4b7551818f755057996c8e8e8c57e1ed%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c65e53ea76a8af7ec4f704fd953d3901397d213fbb00a0a5815b95b1a4ff62c6%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22c66b5d341d656ef280c1095374c3982ecca1807bc119250be97a527d060a7639%22
|
||||
|
@ -218,8 +233,10 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22cce80bdb9741cc1b5b2f7a0ef7734007e09662cbac94a32487d8c2745ba00d03%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22cd155b015ea2e8d4b4ad255bde80522605cce7dd45e63a553da19eb40f4ba164%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22cd274fe56f25f49fa8b2108e8692611aed1eff06908b1929b13701a7b8121757%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22ce97cd23fb93eb9f406f25fe588758adcc842f7d299ccd14dec1dfa4634aa0c5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d0a1ce295d8cb17121c2d53fc57720071168552b851cb8dcb48d0d8291d19495%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d2e05d4f95be739ccf38400ec3bff07850d45694b409919f7ffeeb2e045ad739%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d12ba4226456edac1c9b5937fb0ea3bdc508d1120e5912d7c9d0eb8ee9cc2d32%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d62e30b1ad3e4a5e6af1f3e0451ee6432c7949b73751d3a456be5b40c13a447e%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d360ecb50280e8747808acda5f0e2bc9f7e29f4b60576af14284ec6aa87f676b%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22dbddfe3e7c9f992b12a776387ec36baef4689c90e76e70c32f5742fca707cf07%22
|
||||
|
@ -229,10 +246,12 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e079e26331ab421908da3c609f1aa97d58b6c030150498c74aace849c9d7aa12%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e1caf0308e9eb8602a988b80c1cc99b11123733769ffe2f970d969a5421e4c31%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e2e7399fae3b50cfb2d9f2055430ef5a10ff15f8f05e5b090615af121fef0454%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e5b3c9488f8014de65315d11f82217fa31cae4db8510d2db9cf078cf73d6a7e7%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e9ee059af7f17eb82141660167684b7b3e4a4513996fa9b27d918c13b78a4def%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e9fe9545a439564a7c1052eb0e572b8b41609b0f0d96238cff2b8ff567612836%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e51ba208f09bc6e4626291120c559fd76abf1acca7be95a3b9317585f46b1176%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e68b22310a3b37aa797514afcc489366347af5666d9afe3d83b770693173fc2f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e3298af9fe892648035a035d22de962ffaa2abe523cf3c0b0318a4317752c857%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e4357b9507e9ddd2dd566551d30a8d495fea13c42a8df96ce2584eb5cde36dbb%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e8171da4f1059e0b1e48d8ec788a975159f28a0bdc27b4cdba014fb55aa6f236%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22e8751ab788f4ff73d0facc30a0b2ec5ea37a18fce1b1aa38f8eadcec19745a5e%22
|
||||
|
@ -247,9 +266,11 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f23ed6427518eefd9997a0b609323388fba9333491c39e1d43f8d3229545dcf7%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f57b2b95a950bd6302f60f750df5f7d90b7f8183db725a4889d510e20bf1fbac%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f88fcd9cdebfb4c3ba3d8e3f2bab9fdc9fff545a2cb508808c6cc1c4de8c9c60%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f712b515820652c318efaf8c5fa3e0e2af9b38068fee609ac51677ac82d824e4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f782f3796a8573c91e048ea6ab8ee035f8dace14d0c304b7595ef86258df3fd2%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22f5774387001af3aaf2ee4f23b1e9049f444b24fb6af06978ce0f3282cda2e133%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fa1c8a1f4b99f38d747883b80c46b8e523f55e11e1020e481d5007b8e22c16d9%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fb3e3847d4f2a20cd56b2e3ac03d24aa126e05115822d15bd7e72fb9a564be6d%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fb6815abaf3d9260cd76d0b9119c88e69ae4b66804c8d357c1662b4b6f11f439%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fdbfb2e037b1276e0a70cae3fb21ff4f8052df57117967e0af038d5999f8ae9a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fdffacdd96db3eb4c84ea257e4ecdfd2c18ccf184804e78315545be0026314b7%22
|
||||
|
@ -264,16 +285,22 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221ebe4f6c1b7578cfae6d609d2dc69913cb0ca7fade5c6ae3d4f116e145f50f4d%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221edc93cfb7498f3bd6827783eb2c464c0d58dfab47964f3d9412f9baf828f68f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221efe88adbb16d17952851e961e3a1937735bd63faf208fe7fa1efcfaa0180222%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221f45a7a12cc9bdd9712584e317a3d1f765f87af196682600728350bf86898f8e%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221f168a4d8532e3222ce7b947eb6acb66f1ca41917e95bf19a1e6086896c43c46%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%222d02e5aa8065bca63541458fc190780583486548b3f1beae1c623ac915efc5a0%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%222d2f08e2a84aa19e48a6ae61e0b8dad491e5d0ec5a86c27c582927026061178a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223b41807b1368cefedf5c70842a73166497bc95121dad4b3ff2a93555420cc656%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223caffa7444082a5a57c5be7072fe249cc6d3ff54d3ed97921dcda91e9fd9d7e3%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224a943035ece09785d49f4ed52e49faf12c3559fec100e3937f009d7f585854df%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224a5267702429ff9be90c1551a33984297ef388f440de12b60c1c90a959490309%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224b48b862c654b5ea4ed623522704b945ce28e222feb6738bf95f9513617eb203%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224cf314b141acb1f2cf2a4a88d39e1d6aa7c8bda40fb44edf5c33850416bea988%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224da0d71509226e8aed9a04e389b2a78fedd527469c1c429c634ab821d9b8ec65%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225b36c58791e18728d53b05f27abc88b93724c4ce08c3f62c749c5e563da82a14%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225c4b8f572f297bb98b1d2e47075aec68b3b9da1fb76606e07d8176edbe1338c8%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225d5ff125ad48581ab86d75669d2ca79c1e02de1be746508c5cdcf767fd6b1eb0%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225ea2161f353b71cc360d245cfdeaafa1cac41d672d0035780aa42cac6da6c5dd%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225eb8ad1c658feb35f33ca16ec02391f23dc44c0f7be5fcd424b1f8eeef424b5a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a80cb5adacc61a445d3b1962a79ed40adb62e4eaddebea7131ddbc2bfebf108%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a93688d69aeab73fb28239f0b7ccb8b15ef876d6b134c379ae36a2526d29d83%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a165551d34f38fd44b9fb1949685d14cc36220c99e0e6b05db8907229f7182d%22
|
||||
|
@ -299,21 +326,29 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229ae1a707bdb87aa40ec1139533ee543b5bcdf6ce89f7b9c560520d5868e5353e%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229c71fdb3c7ac17591c355ba028b6a86f243246fac32eb07af552199037c2faf2%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229ccaaf6ad700e922565d1947ac46839e4a8c8a18af7a94605f4ebfcbb916b4f4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229e0669706895d46f35764c53f31a85889132bbe9fe1794945d12794dfb0532b5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229e470e79949459e89b8fb0a496c6d21614c54148e7b5bf0d311f55ae225b8b5b%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229f280c1d40c86e88f341db63b3a55cae35bdfcf345744a9006aa0410ca9a3bd2%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2206fc02e9726474160349c6e7e545bf03d18ada8f74a3fa1159f9fb25a48e5b74%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2207deb33f61bd7d79b0217dbeff588f3f08f262da0432ac97430a582b6ed2f364%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2208a8e1e3cb2491c12bd0e1d5dd63d67948c286ea89b6683ad8333b312edc80b5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2209ae17b8d2b01e133acca4ada71af97af40c215071d27a8b6fd1115876baecc4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2210a89450a5e9101d0a34a222fe35f37f56d8ce9714db8622d3cdb6a9a8939cc5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2213fec9dcab49872fcfa8dc703a7baca213497abb1b5a2f8862be0aa1a9e93c83%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2214c9b49486497c56292f24e25801ed4f76998d4798ca51d801a666b0e2a397d6%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2216f6b23467f25774cecf38e7732ff15ed1c8c4fad3d22803145b8881d99dd8ee%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2217ccb41be152e06d81028fa8db241befbedc1f6abe2859381764efa1572eb756%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2218f3618dfd6257ef264e2b046d2acededb423e7558b0f3b405b9366953b74f8d%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2220cb8ebe1f1cc16e7650f45c75b3ca0e9d6308998bb58ac3f3fbb1c501f1a0dc%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2222e86fc171d87ccc9c172c719af38245ef9bf8161b54f60ca274e01891a94c08%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2225abb180e92da37e426fc8f49970596a5fb1d989a4475a2c8c95d95edcbed5e4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2227b04ac57339ca7542a1c1a9ebd0cc84a4cb13f5add52da4a563e7a12d23b105%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2227b262ee97133072dff8ecef3062eeb69d658f0f240d618b6a7f0d5d7cbed34f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2228f6d72bb14e1db565dd560d261adac5f4e82559d7a0f6103f27be82e36a219c%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2233b6af004f0cd8ab4a9976dba81ca09d682d3531eda5b889a4c6f5debaeaf8f8%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2235cde68303f6694d9b3947bd945ee98dd088c98199381fd5b52778513dd283b8%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2250c04f351427fa98e7e798473358918229e8cbdca9d273a8ded4de2dc1d34f2d%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2253cf2866db1951850ca80b982e179991835366e9fdcdf390cb5c62accfec3850%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2256a81b6bd6f430fe13065283fc4d0024ccb6ca71253692dd00c04b803d49665a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2257e048e6ef05549d71e3bdcb969d80a9167e7631438e3bf4d259395f286f887f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2262df3eb31b15ce349607fac96133903f7d79217711b41765930bcfbc35e2e254%22
|
||||
|
@ -327,6 +362,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2280b4844cfce9fcfaaa849478a079e757eff4c268a26c6895c2a1dd4099fcd5d4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2284dd10727e6b29b3278e3f64dbbab293711957835f23cc755b3226b58ec5ef51%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2296af81d660c79e3f90f94b28c419a86b89071aa6c17648e95bcb961460d24152%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2296b9e7d6181d332d6cbf5dc573a2883328ff9b092faadc94be0dd753c2b0e337%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2296cce5f34ad1dac4100822fa1f8e4ed96d06a9aa08f98ded27891eeec656d4f7%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2298af871908ffc7c141802d96f585def4a160491c875118ef88c545ce04194cd8%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2299b3f3b85d0fc68918abbde16579009b2ebae3300d633fd0ed81d96ba98a38d8%22
|
||||
|
@ -343,6 +379,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22520e684445f6257e1aeb5f74ceee23789d75517270876b92dd2860705aec037c%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22532a3c38c20c60a3c64f548ad9bd3807e0585f70c78db495c0983fae44da056e%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22674a2fef172685c51fda91aba205c20fb95e0c63fa4f0ecb598fb6213775ede5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22723c18cc60cbfd6430123a2c5326ac021826f9b750f43159628fe4a0df882537%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22727f93738823de234b1ade5e45d5e5de82c86ce5baa7e52bbb4f9ef7a5e352d0%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22795d565f61de6456820bf2df946764ceb251073b7f46113275a0fe2d0030f3d4%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22800f5e4b53f4eb3cec54b39687bdb55f56f39c636c1ee51547dea1122e6aee1d%22
|
||||
|
@ -354,10 +391,12 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220267c808cbe3071af19aab7a23a4e625a8bdd921fd92e1d65cbd9bb97551f806%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220300c2545a5b5aa0f2d13f9e2819f4563db00831e6c660ebc91abc285c00d49a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220549e6274ad01e9b42e34b570f051da9c9b1bd92236a7adedd592c1756ea0910%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220707e03d90e4138be59a2d3779566d5aa07ee8e7846b14bf73ba89a5bdaeb66f%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%222016d102393229720048514df99f31e821a384a54cd9a798438b391cf64c50e8%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%222135c35a4e33fd6c4b9d1d0adc13b6596904839d59d7d748a4f29c2bda2db82a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%222500e2a73d5d43830685d230b0f03d8de5235a9417e51fe5679657f4e96327b5%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223130cf99bca84e6a6c2ce0b2dc7732af1b856fa3473560da0e965795e41cdb36%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223202a6af54e02d88858b8ab87adca351db9eb05f3368a7bf928bc5f5fa4715e7%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223264f4065c115bbebd21e49f375bda46a7157fda6e51ed6a4e82b3cc6c1c5749%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%223894fa1237b19f6173003ffcb010e6ea426fa974914b70c104be17c9122cb240%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224779babbd7d7db7fc16ae9bf3eb01051e71bc25906c0721d57cac33220435d87%22
|
||||
|
@ -369,6 +408,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%228108be22dfee1edc49d5b9bc71fb32ef527108974221005e0e5ea1782eec0b75%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%228401e0832c27e16c0785e88c38134a87de66f197dfbddc9c224142f34676892a%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229137e3566c17a08b37c85fd4ea64d5f2d45e54390b82dc326ab4f2544cb96d06%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%229280bdf16dde768c7e0ab2015ea987ac7c8e853c6df18f39eeec502812c476b6%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2201031e2c5206b868aef93bfc97e7f336daaf90f54518e95bcc5c81806a53a536%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2212414ffbbb9d89905eccbb3529cbeec829e492e21f7f8ccce902eebb05061e59%22
|
||||
* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2220743d0b9dbb07cafe875ba9ed1642b630c421c4956b20f3fb7a127b39350b9f%22
|
||||
|
|
|
@ -10,6 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [TH](https://vuldb.com/?country.th)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -17,9 +18,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [116.193.155.38](https://vuldb.com/?ip.116.193.155.38) | - | - | High
|
||||
2 | [137.220.176.165](https://vuldb.com/?ip.137.220.176.165) | - | - | High
|
||||
3 | [196.44.49.154](https://vuldb.com/?ip.196.44.49.154) | - | - | High
|
||||
1 | [0.0.0.0](https://vuldb.com/?ip.0.0.0.0) | - | - | High
|
||||
2 | [61.90.202.197](https://vuldb.com/?ip.61.90.202.197) | 61-90-202-197.static.asianet.co.th | - | High
|
||||
3 | [61.90.202.198](https://vuldb.com/?ip.61.90.202.198) | 61-90-202-198.static.asianet.co.th | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -32,7 +36,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -40,15 +44,19 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `restore.php` | Medium
|
||||
2 | Library | `system/libraries/Email.php` | High
|
||||
3 | Argument | `email->from` | Medium
|
||||
1 | File | `browse_group.asp` | High
|
||||
2 | File | `data/gbconfiguration.dat` | High
|
||||
3 | File | `restore.php` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 8 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://1275.ru/ioc/368/bisonal-malware-iocs/
|
||||
* https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html?m=1
|
||||
* https://www.threatminer.org/report.php?q=BisonalMalwareUsedinAttacksAgainstRussiaandSouthKorea-PaloAltoNetworksBlog.pdf&y=2018
|
||||
|
||||
## Literature
|
||||
|
|
|
@ -1,54 +1,66 @@
|
|||
# Bistromath - Cyber Threat Intelligence
|
||||
# BistroMath - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Bistromath](https://vuldb.com/?actor.bistromath). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [BistroMath](https://vuldb.com/?actor.bistromath). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.bistromath](https://vuldb.com/?actor.bistromath)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bistromath:
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BistroMath:
|
||||
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Bistromath.
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of BistroMath.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [159.100.250.231](https://vuldb.com/?ip.159.100.250.231) | - | - | High
|
||||
1 | [159.0.0.0](https://vuldb.com/?ip.159.0.0.0) | - | - | High
|
||||
2 | [159.100.0.0](https://vuldb.com/?ip.159.100.0.0) | - | - | High
|
||||
3 | [159.100.245.0](https://vuldb.com/?ip.159.100.245.0) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Bistromath_. This data is unique as it uses our predictive model for actor profiling.
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _BistroMath_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1202 | CWE-78 | Command Injection | High
|
||||
3 | T1505 | CWE-89 | SQL Injection | High
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Bistromath. This data is unique as it uses our predictive model for actor profiling.
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by BistroMath. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/app/register.php` | High
|
||||
2 | File | `admin/login.asp` | High
|
||||
3 | File | `cat.php` | Low
|
||||
4 | ... | ... | ...
|
||||
2 | File | `/etc/cron.d/` | Medium
|
||||
3 | File | `/rom-0` | Low
|
||||
4 | File | `/uncpath/` | Medium
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 6 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 34 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://www.cisa.gov/uscert/ncas/analysis-reports/ar20-045a
|
||||
* https://www.us-cert.gov/ncas/analysis-reports/ar20-045a
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -95,7 +95,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
72 | [41.102.8.156](https://vuldb.com/?ip.41.102.8.156) | - | - | High
|
||||
73 | ... | ... | ... | ...
|
||||
|
||||
There are 288 more IOC items available. Please use our online service to access the data.
|
||||
There are 290 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -104,13 +104,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -127,59 +127,56 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/apply.cgi` | Medium
|
||||
10 | File | `/api/baskets/{name}` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/cimom` | Low
|
||||
15 | File | `/classes/master.php?f=delete_order` | High
|
||||
16 | File | `/College/admin/teacher.php` | High
|
||||
17 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
18 | File | `/dcim/rack-roles/` | High
|
||||
19 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
20 | File | `/DXR.axd` | Medium
|
||||
21 | File | `/feeds/post/publish` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
24 | File | `/fos/admin/index.php?page=menu` | High
|
||||
25 | File | `/goform/aspForm` | High
|
||||
26 | File | `/home/masterConsole` | High
|
||||
27 | File | `/home/sendBroadcast` | High
|
||||
28 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
29 | File | `/inc/topBarNav.php` | High
|
||||
30 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
31 | File | `/index.php?page=category_list` | High
|
||||
19 | File | `/DXR.axd` | Medium
|
||||
20 | File | `/feeds/post/publish` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/aspForm` | High
|
||||
23 | File | `/h/` | Low
|
||||
24 | File | `/home/masterConsole` | High
|
||||
25 | File | `/home/sendBroadcast` | High
|
||||
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
27 | File | `/inc/topBarNav.php` | High
|
||||
28 | File | `/index.php` | Medium
|
||||
29 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
30 | File | `/index.php?page=category_list` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/kelas/data` | Medium
|
||||
33 | File | `/Moosikay/order.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/opac/Actions.php?a=login` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
33 | File | `/librarian/bookdetails.php` | High
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/opac/Actions.php?a=login` | High
|
||||
37 | File | `/owa/auth/logon.aspx` | High
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/PreviewHandler.ashx` | High
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/student/bookdetails.php` | High
|
||||
43 | File | `/uncpath/` | Medium
|
||||
44 | File | `/user/updatePwd` | High
|
||||
45 | File | `/webman/info.cgi` | High
|
||||
46 | File | `/wireless/security.asp` | High
|
||||
47 | File | `/wp-admin/admin-ajax.php` | High
|
||||
48 | File | `/zm/index.php` | High
|
||||
49 | File | `01article.php` | High
|
||||
50 | File | `a-forms.php` | Medium
|
||||
51 | File | `acloudCosAction.php.SQL` | High
|
||||
52 | File | `activenews_view.asp` | High
|
||||
53 | File | `ActiveServices.java` | High
|
||||
54 | File | `adclick.php` | Medium
|
||||
55 | File | `add_product.php` | High
|
||||
44 | File | `/uploads/exam_question/` | High
|
||||
45 | File | `/user/profile` | High
|
||||
46 | File | `/user/updatePwd` | High
|
||||
47 | File | `/var/lib/docker/<remapping>` | High
|
||||
48 | File | `/wireless/security.asp` | High
|
||||
49 | File | `/wp-admin/admin-ajax.php` | High
|
||||
50 | File | `/zm/index.php` | High
|
||||
51 | File | `a-forms.php` | Medium
|
||||
52 | File | `acloudCosAction.php.SQL` | High
|
||||
53 | File | `activenews_view.asp` | High
|
||||
54 | File | `ActiveServices.java` | High
|
||||
55 | File | `adclick.php` | Medium
|
||||
56 | File | `admin.a6mambocredits.php` | High
|
||||
57 | File | `admin.cropcanvas.php` | High
|
||||
58 | File | `admin.jcomments.php` | High
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | ... | ... | ...
|
||||
57 | ... | ... | ...
|
||||
|
||||
There are 526 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 496 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [TR](https://vuldb.com/?country.tr)
|
||||
* ...
|
||||
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -54,34 +54,35 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin.php/news/admin/topic/save` | High
|
||||
4 | File | `/admin/comn/service/update.json` | High
|
||||
5 | File | `/admin/moduleinterface.php` | High
|
||||
6 | File | `/dev/shm` | Medium
|
||||
7 | File | `/dl/dl_print.php` | High
|
||||
8 | File | `/etc/gsissh/sshd_config` | High
|
||||
9 | File | `/forms/nslookupHandler` | High
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/getcfg.php` | Medium
|
||||
12 | File | `/index.php` | Medium
|
||||
13 | File | `/modules/profile/index.php` | High
|
||||
14 | File | `/news.dtl.php` | High
|
||||
15 | File | `/ofcms/company-c-47` | High
|
||||
16 | File | `/out.php` | Medium
|
||||
17 | File | `/ptms/?page=user` | High
|
||||
18 | File | `/systemrw/` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/upload/file.php` | High
|
||||
21 | File | `/usr/sbin/httpd` | High
|
||||
22 | File | `/util/print.c` | High
|
||||
23 | File | `/web/MCmsAction.java` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
26 | File | `5.2.9\syscrb.exe` | High
|
||||
27 | File | `abc-pcie.c` | Medium
|
||||
28 | File | `accounts/payment_history.php` | High
|
||||
29 | File | `adclick.php` | Medium
|
||||
30 | File | `admin.cgi` | Medium
|
||||
31 | ... | ... | ...
|
||||
6 | File | `/classes/master.php?f=delete_order` | High
|
||||
7 | File | `/dev/shm` | Medium
|
||||
8 | File | `/dl/dl_print.php` | High
|
||||
9 | File | `/etc/gsissh/sshd_config` | High
|
||||
10 | File | `/forms/nslookupHandler` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/getcfg.php` | Medium
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/librarian/bookdetails.php` | High
|
||||
15 | File | `/modules/profile/index.php` | High
|
||||
16 | File | `/news.dtl.php` | High
|
||||
17 | File | `/ofcms/company-c-47` | High
|
||||
18 | File | `/out.php` | Medium
|
||||
19 | File | `/ptms/?page=user` | High
|
||||
20 | File | `/systemrw/` | Medium
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/upload/file.php` | High
|
||||
23 | File | `/usr/sbin/httpd` | High
|
||||
24 | File | `/util/print.c` | High
|
||||
25 | File | `/web/MCmsAction.java` | High
|
||||
26 | File | `/wp-admin/admin-ajax.php` | High
|
||||
27 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
28 | File | `5.2.9\syscrb.exe` | High
|
||||
29 | File | `abc-pcie.c` | Medium
|
||||
30 | File | `accounts/payment_history.php` | High
|
||||
31 | File | `adclick.php` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 266 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -56,55 +56,56 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/?n=logs&c=index&a=dode` | High
|
||||
3 | File | `/admin/index2.html` | High
|
||||
4 | File | `/ajax.php?action=read_msg` | High
|
||||
5 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
6 | File | `/api/gen/clients/{language}` | High
|
||||
7 | File | `/app/options.py` | High
|
||||
8 | File | `/bin/httpd` | Medium
|
||||
9 | File | `/cgi-bin/wapopen` | High
|
||||
10 | File | `/ci_spms/admin/category` | High
|
||||
11 | File | `/ci_spms/admin/search/searching/` | High
|
||||
12 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
13 | File | `/classes/Master.php?f=delete_train` | High
|
||||
14 | File | `/clients/editclient.php` | High
|
||||
15 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
16 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
17 | File | `/core/MY_Security.php` | High
|
||||
18 | File | `/ctcprotocol/Protocol` | High
|
||||
19 | File | `/dashboard/menu-list.php` | High
|
||||
20 | File | `/data/remove` | Medium
|
||||
21 | File | `/ebics-server/ebics.aspx` | High
|
||||
22 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goforms/rlminfo` | High
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/HNAP1/SetClientInfo` | High
|
||||
27 | File | `/installer/upgrade_start` | High
|
||||
28 | File | `/Items/*/RemoteImages/Download` | High
|
||||
29 | File | `/menu.html` | Medium
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/navigate/navigate_download.php` | High
|
||||
32 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
33 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/password.html` | High
|
||||
36 | File | `/PC/WebService.asmx` | High
|
||||
37 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
38 | File | `/property-list/property_view.php` | High
|
||||
39 | File | `/ptms/classes/Users.php` | High
|
||||
40 | File | `/resources//../` | High
|
||||
41 | File | `/rest/api/2/search` | High
|
||||
42 | File | `/s/` | Low
|
||||
43 | File | `/scripts/cpan_config` | High
|
||||
44 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
47 | File | `/sys/dict/queryTableData` | High
|
||||
48 | ... | ... | ...
|
||||
2 | File | `/act/ActDao.xml` | High
|
||||
3 | File | `/admin/?n=logs&c=index&a=dode` | High
|
||||
4 | File | `/admin/index2.html` | High
|
||||
5 | File | `/ajax.php?action=read_msg` | High
|
||||
6 | File | `/ajax/networking/get_netcfg.php` | High
|
||||
7 | File | `/api/baskets/{name}` | High
|
||||
8 | File | `/api/gen/clients/{language}` | High
|
||||
9 | File | `/app/options.py` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/ci_spms/admin/category` | High
|
||||
13 | File | `/ci_spms/admin/search/searching/` | High
|
||||
14 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
15 | File | `/classes/Master.php?f=delete_train` | High
|
||||
16 | File | `/clients/editclient.php` | High
|
||||
17 | File | `/concat?/%2557EB-INF/web.xml` | High
|
||||
18 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
19 | File | `/core/MY_Security.php` | High
|
||||
20 | File | `/ctcprotocol/Protocol` | High
|
||||
21 | File | `/dashboard/menu-list.php` | High
|
||||
22 | File | `/data/remove` | Medium
|
||||
23 | File | `/ebics-server/ebics.aspx` | High
|
||||
24 | File | `/ffos/classes/Master.php?f=save_category` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/goforms/rlminfo` | High
|
||||
27 | File | `/HNAP1` | Low
|
||||
28 | File | `/HNAP1/SetClientInfo` | High
|
||||
29 | File | `/installer/upgrade_start` | High
|
||||
30 | File | `/Items/*/RemoteImages/Download` | High
|
||||
31 | File | `/menu.html` | Medium
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/navigate/navigate_download.php` | High
|
||||
34 | File | `/ocwbs/admin/?page=user/manage_user` | High
|
||||
35 | File | `/ofrs/admin/?page=user/manage_user` | High
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/password.html` | High
|
||||
38 | File | `/PC/WebService.asmx` | High
|
||||
39 | File | `/php_action/fetchSelectedUser.php` | High
|
||||
40 | File | `/property-list/property_view.php` | High
|
||||
41 | File | `/ptms/classes/Users.php` | High
|
||||
42 | File | `/resources//../` | High
|
||||
43 | File | `/rest/api/2/search` | High
|
||||
44 | File | `/s/` | Low
|
||||
45 | File | `/scripts/cpan_config` | High
|
||||
46 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
47 | File | `/spip.php` | Medium
|
||||
48 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 413 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 423 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -81,23 +81,23 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/ConsoleHelp/` | High
|
||||
12 | File | `/etc/sudoers` | Medium
|
||||
13 | File | `/export` | Low
|
||||
14 | File | `/horde/imp/search.php` | High
|
||||
15 | File | `/index.php` | Medium
|
||||
16 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
17 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
18 | File | `/login` | Low
|
||||
19 | File | `/messageboard/view.php` | High
|
||||
20 | File | `/modules/projects/vw_files.php` | High
|
||||
21 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
22 | File | `/opensis/modules/users/Staff.php` | High
|
||||
23 | File | `/plesk-site-preview/` | High
|
||||
24 | File | `/proc/self/environ` | High
|
||||
25 | File | `/rest/api/2/user/picker` | High
|
||||
26 | File | `/s/` | Low
|
||||
27 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
28 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
29 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
30 | File | `/services` | Medium
|
||||
14 | File | `/home/filter_listings` | High
|
||||
15 | File | `/horde/imp/search.php` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
17 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
18 | File | `/LEPTON_stable_2.2.2/upload/admins/media/index.php` | High
|
||||
19 | File | `/login` | Low
|
||||
20 | File | `/messageboard/view.php` | High
|
||||
21 | File | `/modules/projects/vw_files.php` | High
|
||||
22 | File | `/opensis/modules/grades/InputFinalGrades.php` | High
|
||||
23 | File | `/opensis/modules/users/Staff.php` | High
|
||||
24 | File | `/plesk-site-preview/` | High
|
||||
25 | File | `/proc/self/environ` | High
|
||||
26 | File | `/rest/api/2/user/picker` | High
|
||||
27 | File | `/s/` | Low
|
||||
28 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
|
||||
29 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
30 | File | `/sendrcpackage?keyid=-2544&keysymbol=-4081` | High
|
||||
31 | File | `/system?action=ServiceAdmin` | High
|
||||
32 | File | `/var/WEB-GUI/cgi-bin/downloadfile.cgi` | High
|
||||
33 | File | `/vicidial/user_stats.php` | High
|
||||
|
@ -106,32 +106,32 @@ ID | Type | Indicator | Confidence
|
|||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `addsuppliers.php` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
40 | File | `admin.remository.php` | High
|
||||
41 | File | `admin/admin_users.php` | High
|
||||
42 | File | `admin/login.php` | High
|
||||
43 | File | `admin/upload.php` | High
|
||||
44 | File | `administers` | Medium
|
||||
45 | File | `Administrator_list.php` | High
|
||||
46 | File | `advancedsetup_websiteblocking.html` | High
|
||||
47 | File | `affich.php` | Medium
|
||||
48 | File | `ajax_mail_autoreply.php` | High
|
||||
49 | File | `ajax_save_name.php` | High
|
||||
50 | File | `album_portal.php` | High
|
||||
51 | File | `allocator.cc` | Medium
|
||||
52 | File | `announcements.php` | High
|
||||
53 | File | `ap1.com` | Low
|
||||
54 | File | `apache2/modsecurity.c` | High
|
||||
55 | File | `api_jsonrpc.php` | High
|
||||
56 | File | `app/admin/controller/Ajax.php` | High
|
||||
57 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
|
||||
58 | File | `application.php` | High
|
||||
59 | File | `apply.cgi` | Medium
|
||||
60 | File | `asp:.jpg` | Medium
|
||||
61 | File | `authfiles/login.asp` | High
|
||||
39 | File | `admin.remository.php` | High
|
||||
40 | File | `admin/admin_users.php` | High
|
||||
41 | File | `admin/login.php` | High
|
||||
42 | File | `admin/upload.php` | High
|
||||
43 | File | `administers` | Medium
|
||||
44 | File | `Administrator_list.php` | High
|
||||
45 | File | `advancedsetup_websiteblocking.html` | High
|
||||
46 | File | `affich.php` | Medium
|
||||
47 | File | `ajax_mail_autoreply.php` | High
|
||||
48 | File | `ajax_save_name.php` | High
|
||||
49 | File | `album_portal.php` | High
|
||||
50 | File | `allocator.cc` | Medium
|
||||
51 | File | `announcements.php` | High
|
||||
52 | File | `ap1.com` | Low
|
||||
53 | File | `apache2/modsecurity.c` | High
|
||||
54 | File | `api_jsonrpc.php` | High
|
||||
55 | File | `app/admin/controller/Ajax.php` | High
|
||||
56 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
|
||||
57 | File | `application.php` | High
|
||||
58 | File | `apply.cgi` | Medium
|
||||
59 | File | `asp:.jpg` | Medium
|
||||
60 | File | `authfiles/login.asp` | High
|
||||
61 | File | `bb_usage_stats.php` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 547 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 538 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [IR](https://vuldb.com/?country.ir)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -31,7 +31,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-36 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
|
@ -47,11 +47,11 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.authlie` | Medium
|
||||
2 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
3 | File | `/admin/ajax.php?action=delete_user` | High
|
||||
4 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
5 | File | `/admin/ajax.php?action=save_queue` | High
|
||||
6 | File | `/admin/article_category.php` | High
|
||||
2 | File | `.github/workflows/comment.yml` | High
|
||||
3 | File | `/?r=recruit/resume/edit&op=status` | High
|
||||
4 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
5 | File | `/admin/addproduct.php` | High
|
||||
6 | File | `/admin/ajax.php?action=save_queue` | High
|
||||
7 | File | `/admin/bookings/manage_booking.php` | High
|
||||
8 | File | `/admin/bookings/view_booking.php` | High
|
||||
9 | File | `/admin/budget/manage_budget.php` | High
|
||||
|
@ -60,42 +60,59 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
13 | File | `/admin/deduction_row.php` | High
|
||||
14 | File | `/admin/departments/view_department.php` | High
|
||||
15 | File | `/admin/edit_subject.php` | High
|
||||
16 | File | `/admin/employee_row.php` | High
|
||||
17 | File | `/admin/index.php` | High
|
||||
18 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
19 | File | `/admin/login.php` | High
|
||||
20 | File | `/admin/maintenance/manage_category.php` | High
|
||||
21 | File | `/admin/maintenance/view_designation.php` | High
|
||||
22 | File | `/admin/manage_user.php` | High
|
||||
23 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
24 | File | `/admin/offenses/view_details.php` | High
|
||||
25 | File | `/admin/orders/update_status.php` | High
|
||||
26 | File | `/admin/products/manage_product.php` | High
|
||||
27 | File | `/admin/products/view_product.php` | High
|
||||
28 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
29 | File | `/admin/report/index.php` | High
|
||||
30 | File | `/admin/service.php` | High
|
||||
31 | File | `/admin/services/manage_service.php` | High
|
||||
32 | File | `/admin/services/view_service.php` | High
|
||||
33 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
34 | File | `/admin/user/manage_user.php` | High
|
||||
35 | File | `/admin/userprofile.php` | High
|
||||
36 | File | `/api/stl/actions/search` | High
|
||||
37 | File | `/apply.cgi` | Medium
|
||||
38 | File | `/bsms_ci/index.php/book` | High
|
||||
39 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
40 | File | `/cgi-bin/ping.cgi` | High
|
||||
41 | File | `/classes/Login.php` | High
|
||||
42 | File | `/classes/Master.php` | High
|
||||
43 | File | `/classes/Master.php?f=delete_brand` | High
|
||||
44 | File | `/classes/Master.php?f=delete_category` | High
|
||||
45 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
46 | File | `/classes/Master.php?f=delete_item` | High
|
||||
47 | File | `/classes/Master.php?f=delete_service` | High
|
||||
48 | ... | ... | ...
|
||||
15 | File | `/admin/edit_product.php` | High
|
||||
16 | File | `/admin/edit_subject.php` | High
|
||||
17 | File | `/admin/employee_row.php` | High
|
||||
18 | File | `/admin/index.php` | High
|
||||
19 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
20 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
21 | File | `/admin/login.php` | High
|
||||
22 | File | `/admin/maintenance/manage_category.php` | High
|
||||
23 | File | `/admin/maintenance/view_designation.php` | High
|
||||
24 | File | `/admin/mechanics/manage_mechanic.php` | High
|
||||
25 | File | `/admin/modal_add_product.php` | High
|
||||
26 | File | `/admin/offenses/view_details.php` | High
|
||||
27 | File | `/admin/orders/update_status.php` | High
|
||||
28 | File | `/admin/products/manage_product.php` | High
|
||||
29 | File | `/admin/products/view_product.php` | High
|
||||
30 | File | `/admin/project/update/2` | High
|
||||
31 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
32 | File | `/admin/reg.php` | High
|
||||
33 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
34 | File | `/admin/report/index.php` | High
|
||||
35 | File | `/admin/service.php` | High
|
||||
36 | File | `/admin/services/manage_service.php` | High
|
||||
37 | File | `/admin/services/view_service.php` | High
|
||||
38 | File | `/admin/service_requests/manage_inventory.php` | High
|
||||
39 | File | `/admin/sys_sql_query.php` | High
|
||||
40 | File | `/admin/test_status.php` | High
|
||||
41 | File | `/admin/upload.php` | High
|
||||
42 | File | `/admin/user/manage_user.php` | High
|
||||
43 | File | `/admin/userprofile.php` | High
|
||||
44 | File | `/admin/vote_edit.php` | High
|
||||
45 | File | `/api/stl/actions/search` | High
|
||||
46 | File | `/apply.cgi` | Medium
|
||||
47 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
48 | File | `/author_posts.php` | High
|
||||
49 | File | `/blog` | Low
|
||||
50 | File | `/blog-single.php` | High
|
||||
51 | File | `/booking/show_bookings/` | High
|
||||
52 | File | `/browse` | Low
|
||||
53 | File | `/bsms_ci/index.php/book` | High
|
||||
54 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
55 | File | `/cgi-bin/ping.cgi` | High
|
||||
56 | File | `/chaincity/user/ticket/create` | High
|
||||
57 | File | `/changeimage.php` | High
|
||||
58 | File | `/classes/Login.php` | High
|
||||
59 | File | `/classes/Master.php` | High
|
||||
60 | File | `/classes/Master.php?f=delete_category` | High
|
||||
61 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
62 | File | `/classes/Master.php?f=delete_item` | High
|
||||
63 | File | `/classes/Master.php?f=delete_service` | High
|
||||
64 | File | `/classes/Master.php?f=delete_sub_category` | High
|
||||
65 | ... | ... | ...
|
||||
|
||||
There are 414 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 573 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,6 +23,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [45.9.148.114](https://vuldb.com/?ip.45.9.148.114) | - | - | High
|
||||
2 | [185.93.6.31](https://vuldb.com/?ip.185.93.6.31) | free.example.com | - | High
|
||||
3 | [185.225.73.244](https://vuldb.com/?ip.185.225.73.244) | - | - | High
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -36,7 +37,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -44,23 +45,25 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/debug/pprof` | Medium
|
||||
2 | File | `/env` | Low
|
||||
3 | File | `/goform/SetNetControlList` | High
|
||||
4 | File | `/server-status` | High
|
||||
5 | File | `addentry.php` | Medium
|
||||
6 | File | `admin/categories_industry.php` | High
|
||||
7 | File | `admin/content/postcategory` | High
|
||||
8 | File | `Adminstrator/Users/Edit/` | High
|
||||
9 | ... | ... | ...
|
||||
1 | File | `/ajax.php?action=read_msg` | High
|
||||
2 | File | `/debug/pprof` | Medium
|
||||
3 | File | `/env` | Low
|
||||
4 | File | `/fos/admin/ajax.php` | High
|
||||
5 | File | `/goform/SetNetControlList` | High
|
||||
6 | File | `/server-status` | High
|
||||
7 | File | `/src/chatbotapp/chatWindow.java` | High
|
||||
8 | File | `addentry.php` | Medium
|
||||
9 | File | `admin/categories_industry.php` | High
|
||||
10 | ... | ... | ...
|
||||
|
||||
There are 64 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 72 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://1275.ru/ioc/196/blackbyte-ransomware-iocs/
|
||||
* https://www.microsoft.com/en-us/security/blog/2023/07/06/the-five-day-job-a-blackbyte-ransomware-intrusion-case-study/
|
||||
* https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-1-in-depth-analysis/
|
||||
|
||||
## Literature
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 11 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -62,39 +62,43 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/admin/edit_subject.php` | High
|
||||
11 | File | `/admin/fst_upload.inc.php` | High
|
||||
12 | File | `/admin/index.php` | High
|
||||
13 | File | `/admin/report/index.php` | High
|
||||
14 | File | `/admin/services/manage_service.php` | High
|
||||
15 | File | `/admin/user/manage_user.php` | High
|
||||
16 | File | `/admin/users/index.php` | High
|
||||
17 | File | `/asms/classes/Master.php?f=delete_service` | High
|
||||
18 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
19 | File | `/classes/Master.php?f=delete_category` | High
|
||||
20 | File | `/classes/Users.php?f=delete_client` | High
|
||||
21 | File | `/clients/listclients.php` | High
|
||||
22 | File | `/clients/profile` | High
|
||||
23 | File | `/cms/category/list` | High
|
||||
24 | File | `/contacts/listcontacts.php` | High
|
||||
25 | File | `/Default/Bd` | Medium
|
||||
26 | File | `/ext/phar/phar_object.c` | High
|
||||
27 | File | `/forum/away.php` | High
|
||||
28 | File | `/fos/admin/index.php?page=menu` | High
|
||||
29 | File | `/goform/AddSysLogRule` | High
|
||||
30 | File | `/goform/SafeEmailFilter` | High
|
||||
31 | File | `/goform/SetIpMacBind` | High
|
||||
32 | File | `/goform/setSnmpInfo` | High
|
||||
33 | File | `/goform/setUplinkInfo` | High
|
||||
34 | File | `/goform/SysToolReboot` | High
|
||||
35 | File | `/goform/WifiBasicSet` | High
|
||||
36 | File | `/graphql` | Medium
|
||||
37 | File | `/home/hjsz/jsonlint/src/lexer` | High
|
||||
38 | File | `/hrm/employeeview.php` | High
|
||||
39 | File | `/hss/?page=categories` | High
|
||||
40 | File | `/hss/admin/brands/manage_brand.php` | High
|
||||
41 | File | `/index.php?module=entities/entities` | High
|
||||
42 | File | `/index.php?module=global_lists/lists` | High
|
||||
43 | ... | ... | ...
|
||||
13 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
14 | File | `/admin/report/index.php` | High
|
||||
15 | File | `/admin/services/manage_service.php` | High
|
||||
16 | File | `/admin/user/manage_user.php` | High
|
||||
17 | File | `/admin/users/index.php` | High
|
||||
18 | File | `/asms/classes/Master.php?f=delete_service` | High
|
||||
19 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
20 | File | `/classes/Master.php?f=delete_category` | High
|
||||
21 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
22 | File | `/classes/Users.php?f=delete_client` | High
|
||||
23 | File | `/clients/listclients.php` | High
|
||||
24 | File | `/clients/profile` | High
|
||||
25 | File | `/cms/category/list` | High
|
||||
26 | File | `/company/store` | High
|
||||
27 | File | `/contacts/listcontacts.php` | High
|
||||
28 | File | `/Default/Bd` | Medium
|
||||
29 | File | `/ext/phar/phar_object.c` | High
|
||||
30 | File | `/forum/away.php` | High
|
||||
31 | File | `/fos/admin/index.php?page=menu` | High
|
||||
32 | File | `/friends` | Medium
|
||||
33 | File | `/goform/AddSysLogRule` | High
|
||||
34 | File | `/goform/SafeEmailFilter` | High
|
||||
35 | File | `/goform/SetIpMacBind` | High
|
||||
36 | File | `/goform/setSnmpInfo` | High
|
||||
37 | File | `/goform/setUplinkInfo` | High
|
||||
38 | File | `/goform/SysToolReboot` | High
|
||||
39 | File | `/goform/WifiBasicSet` | High
|
||||
40 | File | `/graphql` | Medium
|
||||
41 | File | `/home/hjsz/jsonlint/src/lexer` | High
|
||||
42 | File | `/hrm/employeeview.php` | High
|
||||
43 | File | `/hss/?page=categories` | High
|
||||
44 | File | `/hss/admin/brands/manage_brand.php` | High
|
||||
45 | File | `/index.php?module=entities/entities` | High
|
||||
46 | File | `/index.php?module=global_lists/lists` | High
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 376 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 405 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
|
@ -68,29 +68,29 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/attachments` | Medium
|
||||
15 | File | `/bin/ate` | Medium
|
||||
16 | File | `/boat/login.php` | High
|
||||
17 | File | `/bsms_ci/index.php/book` | High
|
||||
18 | File | `/cgi-bin` | Medium
|
||||
19 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
22 | File | `/dashboard/reports/logs/view` | High
|
||||
23 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
24 | File | `/debug/pprof` | Medium
|
||||
25 | File | `/DXR.axd` | Medium
|
||||
26 | File | `/env` | Low
|
||||
27 | File | `/etc/hosts` | Medium
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/goform/setmac` | High
|
||||
30 | File | `/goform/wizard_end` | High
|
||||
31 | File | `/manage-apartment.php` | High
|
||||
32 | File | `/medicines/profile.php` | High
|
||||
33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/owa/auth/logon.aspx` | High
|
||||
36 | File | `/pages/apply_vacancy.php` | High
|
||||
37 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
38 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
39 | File | `/proc/<PID>/mem` | High
|
||||
17 | File | `/booking/show_bookings/` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin` | Medium
|
||||
20 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
21 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
22 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
23 | File | `/dashboard/reports/logs/view` | High
|
||||
24 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
25 | File | `/debug/pprof` | Medium
|
||||
26 | File | `/DXR.axd` | Medium
|
||||
27 | File | `/env` | Low
|
||||
28 | File | `/etc/hosts` | Medium
|
||||
29 | File | `/forum/away.php` | High
|
||||
30 | File | `/goform/setmac` | High
|
||||
31 | File | `/goform/wizard_end` | High
|
||||
32 | File | `/manage-apartment.php` | High
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/owa/auth/logon.aspx` | High
|
||||
37 | File | `/pages/apply_vacancy.php` | High
|
||||
38 | File | `/pet_shop/admin/?page=maintenance/manage_category` | High
|
||||
39 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
|
@ -98,7 +98,7 @@ ID | Type | Indicator | Confidence
|
|||
44 | File | `/uncpath/` | Medium
|
||||
45 | ... | ... | ...
|
||||
|
||||
There are 392 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 393 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,6 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Blackgear Cyberespionage:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -16,12 +18,16 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [61.170.201.107](https://vuldb.com/?ip.61.170.201.107) | 107.201.170.61.broad.xw.sh.dynamic.163data.com.cn | - | High
|
||||
2 | [111.200.189.88](https://vuldb.com/?ip.111.200.189.88) | - | - | High
|
||||
3 | [113.196.70.151](https://vuldb.com/?ip.113.196.70.151) | 113.196.70.151.ll.static.sparqnet.net | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
1 | [11.22.33.44](https://vuldb.com/?ip.11.22.33.44) | - | - | High
|
||||
2 | [11.36.214.134](https://vuldb.com/?ip.11.36.214.134) | - | - | High
|
||||
3 | [11.36.214.181](https://vuldb.com/?ip.11.36.214.181) | - | - | High
|
||||
4 | [23.2.143.41](https://vuldb.com/?ip.23.2.143.41) | a23-2-143-41.deploy.static.akamaitechnologies.com | - | High
|
||||
5 | [23.53.197.99](https://vuldb.com/?ip.23.53.197.99) | a23-53-197-99.deploy.static.akamaitechnologies.com | - | High
|
||||
6 | [45.76.194.59](https://vuldb.com/?ip.45.76.194.59) | 45.76.194.59.vultrusercontent.com | - | High
|
||||
7 | [47.88.18.79](https://vuldb.com/?ip.47.88.18.79) | - | - | High
|
||||
8 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more IOC items available. Please use our online service to access the data.
|
||||
There are 27 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -29,8 +35,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1592 | CWE-200 | Configuration | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
3 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 3 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -38,8 +48,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `svr-auth.c` | Medium
|
||||
2 | Input Value | `%2E` | Low
|
||||
1 | File | `/admin/upload.php` | High
|
||||
2 | File | `admin.php?m=backup&c=backup&a=doback` | High
|
||||
3 | File | `cgi-bin/awstats.pl` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 12 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -51,15 +51,17 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/.flatpak-info` | High
|
||||
3 | File | `/admin/edit.php` | High
|
||||
4 | File | `/admin/googleads.php` | High
|
||||
5 | File | `/admin/renewaldue.php` | High
|
||||
6 | File | `/analysisProject/pagingQueryData` | High
|
||||
7 | File | `/dashboard/add-portfolio.php` | High
|
||||
8 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
9 | File | `/jurusanmatkul/data` | High
|
||||
10 | File | `/login.php` | Medium
|
||||
11 | ... | ... | ...
|
||||
5 | File | `/admin/reg.php` | High
|
||||
6 | File | `/admin/renewaldue.php` | High
|
||||
7 | File | `/analysisProject/pagingQueryData` | High
|
||||
8 | File | `/booking/show_bookings/` | High
|
||||
9 | File | `/cgi-bin/adm.cgi` | High
|
||||
10 | File | `/dashboard/add-portfolio.php` | High
|
||||
11 | File | `/dipam/save-delegates.php` | High
|
||||
12 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 80 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 103 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BlankSlate:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -32,13 +32,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-37 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,40 +47,43 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/?ajax-request=jnews` | High
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/blog/blogcategory/add/?_to_field=id&_popup=1` | High
|
||||
5 | File | `/admin/edit.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
8 | File | `/boat/login.php` | High
|
||||
9 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
10 | File | `/cas/logout` | Medium
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/goform/wizard_end` | High
|
||||
15 | File | `/ims/login.php` | High
|
||||
16 | File | `/mhds/clinic/view_details.php` | High
|
||||
17 | File | `/modules/profile/index.php` | High
|
||||
18 | File | `/out.php` | Medium
|
||||
19 | File | `/php-opos/index.php` | High
|
||||
20 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
21 | File | `/shell` | Low
|
||||
22 | File | `/spip.php` | Medium
|
||||
23 | File | `/tourism/rate_review.php` | High
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/usr/www/ja/mnt_cmd.cgi` | High
|
||||
26 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
27 | File | `/wp-admin/admin-ajax.php` | High
|
||||
28 | File | `action-visitor.php` | High
|
||||
29 | File | `action.php` | Medium
|
||||
30 | File | `adclick.php` | Medium
|
||||
31 | File | `AdHocQuery_Processor.aspx` | High
|
||||
32 | File | `admin.php?action=file&ctrl=download&path=../../1.txt` | High
|
||||
33 | ... | ... | ...
|
||||
2 | File | `/+CSCOE+/logon.html` | High
|
||||
3 | File | `/?ajax-request=jnews` | High
|
||||
4 | File | `/Admin/add-student.php` | High
|
||||
5 | File | `/admin/blog/blogcategory/add/?_to_field=id&_popup=1` | High
|
||||
6 | File | `/admin/categories/manage_category.php` | High
|
||||
7 | File | `/admin/edit.php` | High
|
||||
8 | File | `/admin/edit_product.php` | High
|
||||
9 | File | `/admin/maintenance/view_designation.php` | High
|
||||
10 | File | `/admin/sales/manage_sale.php` | High
|
||||
11 | File | `/api/baskets/{name}` | High
|
||||
12 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
13 | File | `/blog` | Low
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
16 | File | `/cas/logout` | Medium
|
||||
17 | File | `/cgi-bin/jumpto.php?class=user&page=config_save&isphp=1` | High
|
||||
18 | File | `/CPE` | Low
|
||||
19 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/ghost/preview` | High
|
||||
22 | File | `/goform/wizard_end` | High
|
||||
23 | File | `/home/search` | Medium
|
||||
24 | File | `/ims/login.php` | High
|
||||
25 | File | `/mhds/clinic/view_details.php` | High
|
||||
26 | File | `/modules/profile/index.php` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/php-opos/index.php` | High
|
||||
29 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
30 | File | `/shell` | Low
|
||||
31 | File | `/spip.php` | Medium
|
||||
32 | File | `/tourism/rate_review.php` | High
|
||||
33 | File | `/uncpath/` | Medium
|
||||
34 | File | `/vdesk` | Low
|
||||
35 | File | `action-visitor.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 283 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 309 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
There are 2 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bluekeep Exploit:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ID](https://vuldb.com/?country.id)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -40,7 +40,11 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `mongoose.c` | Medium
|
||||
2 | File | `admin/class-bulk-editor-list-table.php` | High
|
||||
3 | File | `mongoose.c` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -46,12 +46,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/x_program_center/jaxrs/invoke` | High
|
||||
2 | File | `awstats.pl` | Medium
|
||||
3 | File | `class.showtime2_image.php` | High
|
||||
1 | File | `/debug/pprof` | Medium
|
||||
2 | File | `/x_program_center/jaxrs/invoke` | High
|
||||
3 | File | `awstats.pl` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 11 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 25 more country items available. Please use our online service to access the data.
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -87,7 +87,7 @@ ID | Type | Indicator | Confidence
|
|||
37 | File | `auth-gss2.c` | Medium
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 327 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 328 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [BR](https://vuldb.com/?country.br)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1790,10 +1790,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-35, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -1801,58 +1802,64 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/APR/login.php` | High
|
||||
9 | File | `/APR/signup.php` | High
|
||||
10 | File | `/cgi-bin/ping.cgi` | High
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
14 | File | `/Electron/download` | High
|
||||
15 | File | `/feeds/post/publish` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
18 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
19 | File | `/licenses` | Medium
|
||||
20 | File | `/mics/j_spring_security_check` | High
|
||||
21 | File | `/mims/login.php` | High
|
||||
22 | File | `/Moosikay/order.php` | High
|
||||
23 | File | `/opac/Actions.php?a=login` | High
|
||||
24 | File | `/php-scrm/login.php` | High
|
||||
25 | File | `/proxy` | Low
|
||||
26 | File | `/public/launchNewWindow.jsp` | High
|
||||
27 | File | `/reservation/add_message.php` | High
|
||||
28 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
29 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
30 | File | `/textpattern/index.php` | High
|
||||
31 | File | `/tmp` | Low
|
||||
32 | File | `/user/updatePwd` | High
|
||||
33 | File | `/v2/customerdb/operator.svc/a` | High
|
||||
34 | File | `/wp-admin/admin-ajax.php` | High
|
||||
35 | File | `a-forms.php` | Medium
|
||||
36 | File | `abook_database.php` | High
|
||||
37 | File | `account/signup.php` | High
|
||||
38 | File | `activenews_view.asp` | High
|
||||
39 | File | `adclick.php` | Medium
|
||||
40 | File | `addentry.php` | Medium
|
||||
41 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
42 | File | `admin-ajax.php` | High
|
||||
43 | File | `admin.a6mambocredits.php` | High
|
||||
44 | File | `admin.cropcanvas.php` | High
|
||||
45 | File | `admin.jcomments.php` | High
|
||||
46 | File | `admin.php` | Medium
|
||||
47 | File | `admin/admin_editor.php` | High
|
||||
48 | File | `admin/asset/grid-proxy` | High
|
||||
49 | File | `admin/auditTrail.jsf` | High
|
||||
50 | ... | ... | ...
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `//WEB-INF` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin/` | Low
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
9 | File | `/admin/sys_sql_query.php` | High
|
||||
10 | File | `/admin/userprofile.php` | High
|
||||
11 | File | `/api/baskets/{name}` | High
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/APR/signup.php` | High
|
||||
14 | File | `/cgi-bin/ping.cgi` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/changeimage.php` | High
|
||||
18 | File | `/company/store` | High
|
||||
19 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
20 | File | `/data/app` | Medium
|
||||
21 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
22 | File | `/Electron/download` | High
|
||||
23 | File | `/feeds/post/publish` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/h/` | Low
|
||||
26 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
27 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
28 | File | `/index.php?page=category_list` | High
|
||||
29 | File | `/jobinfo/` | Medium
|
||||
30 | File | `/licenses` | Medium
|
||||
31 | File | `/mics/j_spring_security_check` | High
|
||||
32 | File | `/mims/login.php` | High
|
||||
33 | File | `/Moosikay/order.php` | High
|
||||
34 | File | `/opac/Actions.php?a=login` | High
|
||||
35 | File | `/preview.php` | Medium
|
||||
36 | File | `/PreviewHandler.ashx` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/recipe-result` | High
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
42 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
43 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
44 | File | `/src/capture.c` | High
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/text/pdf/PdfReader.java` | High
|
||||
47 | File | `/textpattern/index.php` | High
|
||||
48 | File | `/uploads/exam_question/` | High
|
||||
49 | File | `/user/ticket/create` | High
|
||||
50 | File | `/user/updatePwd` | High
|
||||
51 | File | `/v2/customerdb/operator.svc/a` | High
|
||||
52 | File | `/var/lib/docker/<remapping>` | High
|
||||
53 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
54 | File | `/wp-admin/admin-ajax.php` | High
|
||||
55 | File | `a-forms.php` | Medium
|
||||
56 | ... | ... | ...
|
||||
|
||||
There are 433 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 487 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `adm/config_form_update.php` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 16 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -57,23 +57,24 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/apiclient/ember/index.jsp` | High
|
||||
3 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
4 | File | `/etc/sysconfig/tomcat` | High
|
||||
5 | File | `/forum/away.php` | High
|
||||
6 | File | `/getcfg.php` | Medium
|
||||
7 | File | `/goform` | Low
|
||||
8 | File | `/login/index.php` | High
|
||||
9 | File | `/mgmt/tm/util/bash` | High
|
||||
10 | File | `/printers` | Medium
|
||||
11 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
12 | File | `/uncpath/` | Medium
|
||||
13 | File | `/viewer/krpano.html` | High
|
||||
14 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
15 | File | `/_vti_pvt/access.cnf` | High
|
||||
16 | File | `ActionServlet.java` | High
|
||||
17 | File | `adclick.php` | Medium
|
||||
18 | ... | ... | ...
|
||||
4 | File | `/bin/boa` | Medium
|
||||
5 | File | `/cimom` | Low
|
||||
6 | File | `/etc/sysconfig/tomcat` | High
|
||||
7 | File | `/forum/away.php` | High
|
||||
8 | File | `/getcfg.php` | Medium
|
||||
9 | File | `/goform` | Low
|
||||
10 | File | `/login/index.php` | High
|
||||
11 | File | `/mgmt/tm/util/bash` | High
|
||||
12 | File | `/printers` | Medium
|
||||
13 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
14 | File | `/uncpath/` | Medium
|
||||
15 | File | `/viewer/krpano.html` | High
|
||||
16 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
17 | File | `/_vti_pvt/access.cnf` | High
|
||||
18 | File | `ActionServlet.java` | High
|
||||
19 | ... | ... | ...
|
||||
|
||||
There are 145 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 154 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -72,50 +72,49 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/api/file_uploader.php` | High
|
||||
11 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
12 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
|
||||
13 | File | `/default.php?idx=17` | High
|
||||
14 | File | `/dev/shm` | Medium
|
||||
15 | File | `/download` | Medium
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/GponForm/device_Form?script/` | High
|
||||
18 | File | `/login/index.php` | High
|
||||
19 | File | `/mgmt/tm/util/bash` | High
|
||||
20 | File | `/net` | Low
|
||||
21 | File | `/opt/bin/cli` | Medium
|
||||
22 | File | `/p` | Low
|
||||
23 | File | `/patient/doctors.php` | High
|
||||
24 | File | `/phpinventory/editcategory.php` | High
|
||||
25 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
26 | File | `/service/upload` | High
|
||||
27 | File | `/setup/finish` | High
|
||||
28 | File | `/spip.php` | Medium
|
||||
29 | File | `/system-info/health` | High
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | File | `/updown/upload.cgi` | High
|
||||
32 | File | `/user/del.php` | High
|
||||
33 | File | `/viewer/krpano.html` | High
|
||||
34 | File | `/wp-admin/admin-ajax.php` | High
|
||||
35 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
36 | File | `/_next` | Low
|
||||
37 | File | `/_vti_pvt/access.cnf` | High
|
||||
38 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
39 | File | `123flashchat.php` | High
|
||||
40 | File | `act.php` | Low
|
||||
41 | File | `ActionServlet.java` | High
|
||||
42 | File | `adclick.php` | Medium
|
||||
43 | File | `admin.php` | Medium
|
||||
44 | File | `admin/bad.php` | High
|
||||
45 | File | `admin/index.php` | High
|
||||
46 | File | `admin/index.php/user/del/1` | High
|
||||
47 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
48 | File | `admin/loginform.php` | High
|
||||
49 | File | `admin/member/edit.html` | High
|
||||
50 | File | `administrator` | High
|
||||
51 | File | `administrator/index.php` | High
|
||||
52 | File | `administrator/mail/download.cfm` | High
|
||||
53 | File | `AdminUpdateController.class.php` | High
|
||||
54 | ... | ... | ...
|
||||
13 | File | `/bin/boa` | Medium
|
||||
14 | File | `/cimom` | Low
|
||||
15 | File | `/default.php?idx=17` | High
|
||||
16 | File | `/dev/shm` | Medium
|
||||
17 | File | `/download` | Medium
|
||||
18 | File | `/env` | Low
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/GponForm/device_Form?script/` | High
|
||||
21 | File | `/login/index.php` | High
|
||||
22 | File | `/mgmt/tm/util/bash` | High
|
||||
23 | File | `/net` | Low
|
||||
24 | File | `/opt/bin/cli` | Medium
|
||||
25 | File | `/p` | Low
|
||||
26 | File | `/patient/doctors.php` | High
|
||||
27 | File | `/phpinventory/editcategory.php` | High
|
||||
28 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
29 | File | `/service/upload` | High
|
||||
30 | File | `/setup/finish` | High
|
||||
31 | File | `/spip.php` | Medium
|
||||
32 | File | `/uncpath/` | Medium
|
||||
33 | File | `/updown/upload.cgi` | High
|
||||
34 | File | `/user/del.php` | High
|
||||
35 | File | `/viewer/krpano.html` | High
|
||||
36 | File | `/wp-admin/admin-ajax.php` | High
|
||||
37 | File | `/_next` | Low
|
||||
38 | File | `/_vti_pvt/access.cnf` | High
|
||||
39 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
40 | File | `123flashchat.php` | High
|
||||
41 | File | `act.php` | Low
|
||||
42 | File | `ActionServlet.java` | High
|
||||
43 | File | `adclick.php` | Medium
|
||||
44 | File | `admin.php` | Medium
|
||||
45 | File | `admin/bad.php` | High
|
||||
46 | File | `admin/index.php` | High
|
||||
47 | File | `admin/index.php/user/del/1` | High
|
||||
48 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
49 | File | `admin/loginform.php` | High
|
||||
50 | File | `admin/member/edit.html` | High
|
||||
51 | File | `administrator` | High
|
||||
52 | File | `administrator/index.php` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 474 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
There are 28 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -30,35 +30,39 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
7 | [3.221.126.84](https://vuldb.com/?ip.3.221.126.84) | ec2-3-221-126-84.compute-1.amazonaws.com | - | Medium
|
||||
8 | [8.222.133.105](https://vuldb.com/?ip.8.222.133.105) | - | - | High
|
||||
9 | [13.82.141.216](https://vuldb.com/?ip.13.82.141.216) | - | - | High
|
||||
10 | [13.114.48.174](https://vuldb.com/?ip.13.114.48.174) | ec2-13-114-48-174.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
11 | [13.114.78.162](https://vuldb.com/?ip.13.114.78.162) | ec2-13-114-78-162.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
12 | [13.230.243.50](https://vuldb.com/?ip.13.230.243.50) | ec2-13-230-243-50.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
13 | [15.164.245.79](https://vuldb.com/?ip.15.164.245.79) | ec2-15-164-245-79.ap-northeast-2.compute.amazonaws.com | - | Medium
|
||||
14 | [15.206.79.179](https://vuldb.com/?ip.15.206.79.179) | ec2-15-206-79-179.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
15 | [15.206.84.52](https://vuldb.com/?ip.15.206.84.52) | ec2-15-206-84-52.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
16 | [16.16.162.142](https://vuldb.com/?ip.16.16.162.142) | ec2-16-16-162-142.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
17 | [18.130.233.249](https://vuldb.com/?ip.18.130.233.249) | ec2-18-130-233-249.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
18 | [18.133.26.247](https://vuldb.com/?ip.18.133.26.247) | ec2-18-133-26-247.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
19 | [18.134.141.72](https://vuldb.com/?ip.18.134.141.72) | ec2-18-134-141-72.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
20 | [18.163.6.122](https://vuldb.com/?ip.18.163.6.122) | ec2-18-163-6-122.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
21 | [18.176.20.234](https://vuldb.com/?ip.18.176.20.234) | ec2-18-176-20-234.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
22 | [18.176.35.161](https://vuldb.com/?ip.18.176.35.161) | ec2-18-176-35-161.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
23 | [18.177.226.88](https://vuldb.com/?ip.18.177.226.88) | ec2-18-177-226-88.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
24 | [18.178.161.19](https://vuldb.com/?ip.18.178.161.19) | ec2-18-178-161-19.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
25 | [18.178.244.246](https://vuldb.com/?ip.18.178.244.246) | ec2-18-178-244-246.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
26 | [18.182.126.252](https://vuldb.com/?ip.18.182.126.252) | ec2-18-182-126-252.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
27 | [18.188.54.77](https://vuldb.com/?ip.18.188.54.77) | ec2-18-188-54-77.us-east-2.compute.amazonaws.com | - | Medium
|
||||
28 | [18.208.87.99](https://vuldb.com/?ip.18.208.87.99) | ec2-18-208-87-99.compute-1.amazonaws.com | - | Medium
|
||||
29 | [18.217.179.8](https://vuldb.com/?ip.18.217.179.8) | ec2-18-217-179-8.us-east-2.compute.amazonaws.com | - | Medium
|
||||
30 | [18.236.92.31](https://vuldb.com/?ip.18.236.92.31) | ec2-18-236-92-31.us-west-2.compute.amazonaws.com | - | Medium
|
||||
31 | [23.254.167.32](https://vuldb.com/?ip.23.254.167.32) | hwsrv-1075866.hostwindsdns.com | - | High
|
||||
32 | [24.199.89.40](https://vuldb.com/?ip.24.199.89.40) | - | - | High
|
||||
33 | [24.199.118.20](https://vuldb.com/?ip.24.199.118.20) | airy-fuse.autonode.net | - | High
|
||||
34 | [31.42.189.61](https://vuldb.com/?ip.31.42.189.61) | caponystmodo.live | - | High
|
||||
35 | [31.184.198.83](https://vuldb.com/?ip.31.184.198.83) | - | - | High
|
||||
36 | ... | ... | ... | ...
|
||||
10 | [13.112.226.27](https://vuldb.com/?ip.13.112.226.27) | ec2-13-112-226-27.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
11 | [13.114.48.174](https://vuldb.com/?ip.13.114.48.174) | ec2-13-114-48-174.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
12 | [13.114.78.162](https://vuldb.com/?ip.13.114.78.162) | ec2-13-114-78-162.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
13 | [13.230.243.50](https://vuldb.com/?ip.13.230.243.50) | ec2-13-230-243-50.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
14 | [15.164.245.79](https://vuldb.com/?ip.15.164.245.79) | ec2-15-164-245-79.ap-northeast-2.compute.amazonaws.com | - | Medium
|
||||
15 | [15.206.79.179](https://vuldb.com/?ip.15.206.79.179) | ec2-15-206-79-179.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
16 | [15.206.84.52](https://vuldb.com/?ip.15.206.84.52) | ec2-15-206-84-52.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
17 | [16.16.162.142](https://vuldb.com/?ip.16.16.162.142) | ec2-16-16-162-142.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
18 | [18.130.233.249](https://vuldb.com/?ip.18.130.233.249) | ec2-18-130-233-249.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
19 | [18.133.26.247](https://vuldb.com/?ip.18.133.26.247) | ec2-18-133-26-247.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
20 | [18.134.141.72](https://vuldb.com/?ip.18.134.141.72) | ec2-18-134-141-72.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
21 | [18.163.6.122](https://vuldb.com/?ip.18.163.6.122) | ec2-18-163-6-122.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
22 | [18.176.20.234](https://vuldb.com/?ip.18.176.20.234) | ec2-18-176-20-234.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
23 | [18.176.35.161](https://vuldb.com/?ip.18.176.35.161) | ec2-18-176-35-161.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
24 | [18.177.226.88](https://vuldb.com/?ip.18.177.226.88) | ec2-18-177-226-88.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
25 | [18.178.161.19](https://vuldb.com/?ip.18.178.161.19) | ec2-18-178-161-19.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
26 | [18.178.244.246](https://vuldb.com/?ip.18.178.244.246) | ec2-18-178-244-246.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
27 | [18.182.126.252](https://vuldb.com/?ip.18.182.126.252) | ec2-18-182-126-252.ap-northeast-1.compute.amazonaws.com | - | Medium
|
||||
28 | [18.188.54.77](https://vuldb.com/?ip.18.188.54.77) | ec2-18-188-54-77.us-east-2.compute.amazonaws.com | - | Medium
|
||||
29 | [18.193.106.166](https://vuldb.com/?ip.18.193.106.166) | ec2-18-193-106-166.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
30 | [18.208.87.99](https://vuldb.com/?ip.18.208.87.99) | ec2-18-208-87-99.compute-1.amazonaws.com | - | Medium
|
||||
31 | [18.217.179.8](https://vuldb.com/?ip.18.217.179.8) | ec2-18-217-179-8.us-east-2.compute.amazonaws.com | - | Medium
|
||||
32 | [18.236.92.31](https://vuldb.com/?ip.18.236.92.31) | ec2-18-236-92-31.us-west-2.compute.amazonaws.com | - | Medium
|
||||
33 | [23.92.22.235](https://vuldb.com/?ip.23.92.22.235) | 23-92-22-235.ip.linodeusercontent.com | - | High
|
||||
34 | [23.254.167.32](https://vuldb.com/?ip.23.254.167.32) | hwsrv-1075866.hostwindsdns.com | - | High
|
||||
35 | [24.199.89.40](https://vuldb.com/?ip.24.199.89.40) | - | - | High
|
||||
36 | [24.199.114.243](https://vuldb.com/?ip.24.199.114.243) | - | - | High
|
||||
37 | [24.199.118.20](https://vuldb.com/?ip.24.199.118.20) | airy-fuse.autonode.net | - | High
|
||||
38 | [31.42.189.61](https://vuldb.com/?ip.31.42.189.61) | caponystmodo.live | - | High
|
||||
39 | [31.184.198.83](https://vuldb.com/?ip.31.184.198.83) | - | - | High
|
||||
40 | ... | ... | ... | ...
|
||||
|
||||
There are 141 more IOC items available. Please use our online service to access the data.
|
||||
There are 154 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -88,62 +92,61 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/admin/api/admin/articles/` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/userprofile.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
11 | File | `/APR/login.php` | High
|
||||
12 | File | `/bin/httpd` | Medium
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/feeds/post/publish` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/home/masterConsole` | High
|
||||
22 | File | `/home/sendBroadcast` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
26 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
27 | File | `/index.php?page=category_list` | High
|
||||
28 | File | `/jobinfo/` | Medium
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/Moosikay/order.php` | High
|
||||
32 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
33 | File | `/opac/Actions.php?a=login` | High
|
||||
34 | File | `/out.php` | Medium
|
||||
35 | File | `/php-opos/index.php` | High
|
||||
36 | File | `/PreviewHandler.ashx` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/uncpath/` | Medium
|
||||
44 | File | `/uploads/exam_question/` | High
|
||||
45 | File | `/user/updatePwd` | High
|
||||
46 | File | `/var/lib/docker/<remapping>` | High
|
||||
47 | File | `/wireless/security.asp` | High
|
||||
48 | File | `/wp-admin/admin-ajax.php` | High
|
||||
49 | File | `01article.php` | High
|
||||
50 | File | `a-forms.php` | Medium
|
||||
51 | File | `AbstractScheduleJob.java` | High
|
||||
52 | File | `actionphp/download.File.php` | High
|
||||
53 | File | `activenews_view.asp` | High
|
||||
54 | File | `adclick.php` | Medium
|
||||
55 | File | `admin.a6mambocredits.php` | High
|
||||
56 | File | `admin.cropcanvas.php` | High
|
||||
57 | File | `admin.php` | Medium
|
||||
58 | File | `admin/abc.php` | High
|
||||
59 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
60 | File | `admin/admin/adminsave.html` | High
|
||||
61 | ... | ... | ...
|
||||
8 | File | `/admin/sys_sql_query.php` | High
|
||||
9 | File | `/admin/userprofile.php` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
11 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
15 | File | `/company/store` | High
|
||||
16 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/feeds/post/publish` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
23 | File | `/fos/admin/index.php?page=menu` | High
|
||||
24 | File | `/h/` | Low
|
||||
25 | File | `/home/masterConsole` | High
|
||||
26 | File | `/home/sendBroadcast` | High
|
||||
27 | File | `/hrm/employeeadd.php` | High
|
||||
28 | File | `/hrm/employeeview.php` | High
|
||||
29 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
30 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
31 | File | `/index.php?page=category_list` | High
|
||||
32 | File | `/jobinfo/` | Medium
|
||||
33 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/opac/Actions.php?a=login` | High
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/PreviewHandler.ashx` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/recipe-result` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/reservation/add_message.php` | High
|
||||
44 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/uploads/exam_question/` | High
|
||||
48 | File | `/user/ticket/create` | High
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/var/lib/docker/<remapping>` | High
|
||||
51 | File | `/wireless/security.asp` | High
|
||||
52 | File | `/wp-admin/admin-ajax.php` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `a-forms.php` | Medium
|
||||
55 | File | `AbstractScheduleJob.java` | High
|
||||
56 | File | `actionphp/download.File.php` | High
|
||||
57 | File | `activenews_view.asp` | High
|
||||
58 | File | `adclick.php` | Medium
|
||||
59 | File | `admin.a6mambocredits.php` | High
|
||||
60 | ... | ... | ...
|
||||
|
||||
There are 536 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 528 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -155,6 +158,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/3.221.126.84
|
||||
* https://search.censys.io/hosts/8.222.133.105
|
||||
* https://search.censys.io/hosts/13.82.141.216
|
||||
* https://search.censys.io/hosts/13.112.226.27
|
||||
* https://search.censys.io/hosts/13.114.48.174
|
||||
* https://search.censys.io/hosts/13.114.78.162
|
||||
* https://search.censys.io/hosts/13.230.243.50
|
||||
|
@ -170,8 +174,11 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/18.178.244.246
|
||||
* https://search.censys.io/hosts/18.182.126.252
|
||||
* https://search.censys.io/hosts/18.188.54.77
|
||||
* https://search.censys.io/hosts/18.193.106.166
|
||||
* https://search.censys.io/hosts/18.208.87.99
|
||||
* https://search.censys.io/hosts/23.92.22.235
|
||||
* https://search.censys.io/hosts/24.199.89.40
|
||||
* https://search.censys.io/hosts/24.199.114.243
|
||||
* https://search.censys.io/hosts/24.199.118.20
|
||||
* https://search.censys.io/hosts/31.42.189.61
|
||||
* https://search.censys.io/hosts/34.206.147.4
|
||||
|
@ -185,7 +192,9 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/35.79.109.52
|
||||
* https://search.censys.io/hosts/37.119.57.169
|
||||
* https://search.censys.io/hosts/37.119.57.195
|
||||
* https://search.censys.io/hosts/38.55.96.159
|
||||
* https://search.censys.io/hosts/43.207.8.102
|
||||
* https://search.censys.io/hosts/43.207.23.110
|
||||
* https://search.censys.io/hosts/47.115.215.203
|
||||
* https://search.censys.io/hosts/47.252.28.13
|
||||
* https://search.censys.io/hosts/50.16.83.73
|
||||
|
@ -194,6 +203,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/52.68.31.77
|
||||
* https://search.censys.io/hosts/52.192.109.110
|
||||
* https://search.censys.io/hosts/52.192.166.233
|
||||
* https://search.censys.io/hosts/52.193.2.2
|
||||
* https://search.censys.io/hosts/52.193.175.78
|
||||
* https://search.censys.io/hosts/52.193.185.144
|
||||
* https://search.censys.io/hosts/52.193.203.8
|
||||
|
@ -201,6 +211,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/52.194.178.19
|
||||
* https://search.censys.io/hosts/52.196.8.3
|
||||
* https://search.censys.io/hosts/52.196.36.24
|
||||
* https://search.censys.io/hosts/52.196.50.60
|
||||
* https://search.censys.io/hosts/52.197.43.5
|
||||
* https://search.censys.io/hosts/52.197.222.201
|
||||
* https://search.censys.io/hosts/52.198.154.115
|
||||
|
@ -209,14 +220,18 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/54.92.24.114
|
||||
* https://search.censys.io/hosts/54.95.222.110
|
||||
* https://search.censys.io/hosts/54.150.80.3
|
||||
* https://search.censys.io/hosts/54.168.95.3
|
||||
* https://search.censys.io/hosts/54.168.127.93
|
||||
* https://search.censys.io/hosts/54.178.188.94
|
||||
* https://search.censys.io/hosts/54.199.58.143
|
||||
* https://search.censys.io/hosts/54.211.243.10
|
||||
* https://search.censys.io/hosts/54.238.205.126
|
||||
* https://search.censys.io/hosts/54.238.220.105
|
||||
* https://search.censys.io/hosts/54.248.200.60
|
||||
* https://search.censys.io/hosts/54.249.26.2
|
||||
* https://search.censys.io/hosts/54.249.130.36
|
||||
* https://search.censys.io/hosts/54.249.158.59
|
||||
* https://search.censys.io/hosts/54.249.200.119
|
||||
* https://search.censys.io/hosts/54.249.216.44
|
||||
* https://search.censys.io/hosts/64.226.109.199
|
||||
* https://search.censys.io/hosts/74.234.98.215
|
||||
|
@ -236,12 +251,15 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/112.213.121.7
|
||||
* https://search.censys.io/hosts/112.213.121.11
|
||||
* https://search.censys.io/hosts/112.213.121.20
|
||||
* https://search.censys.io/hosts/116.62.139.1
|
||||
* https://search.censys.io/hosts/118.107.43.96
|
||||
* https://search.censys.io/hosts/118.107.43.98
|
||||
* https://search.censys.io/hosts/118.107.43.100
|
||||
* https://search.censys.io/hosts/138.68.135.52
|
||||
* https://search.censys.io/hosts/139.59.169.19
|
||||
* https://search.censys.io/hosts/139.162.242.79
|
||||
* https://search.censys.io/hosts/139.224.234.194
|
||||
* https://search.censys.io/hosts/142.93.7.24
|
||||
* https://search.censys.io/hosts/142.93.31.106
|
||||
* https://search.censys.io/hosts/143.92.58.179
|
||||
* https://search.censys.io/hosts/143.92.58.182
|
||||
|
@ -253,9 +271,11 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://search.censys.io/hosts/154.26.154.154
|
||||
* https://search.censys.io/hosts/154.202.59.96
|
||||
* https://search.censys.io/hosts/157.254.195.201
|
||||
* https://search.censys.io/hosts/165.227.224.30
|
||||
* https://search.censys.io/hosts/167.71.62.156
|
||||
* https://search.censys.io/hosts/167.99.137.218
|
||||
* https://search.censys.io/hosts/170.64.169.229
|
||||
* https://search.censys.io/hosts/172.86.123.8
|
||||
* https://search.censys.io/hosts/175.41.221.5
|
||||
* https://search.censys.io/hosts/185.239.173.42
|
||||
* https://search.censys.io/hosts/185.239.173.43
|
||||
|
|
|
@ -4,18 +4,51 @@ These _indicators_ were reported, collected, and generated during the [VulDB CTI
|
|||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.bublik](https://vuldb.com/?actor.bublik)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bublik:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [NE](https://vuldb.com/?country.ne)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Bublik.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [66.128.53.179](https://vuldb.com/?ip.66.128.53.179) | - | - | High
|
||||
2 | [104.21.57.186](https://vuldb.com/?ip.104.21.57.186) | - | - | High
|
||||
3 | [143.248.35.28](https://vuldb.com/?ip.143.248.35.28) | - | - | High
|
||||
1 | [66.23.234.229](https://vuldb.com/?ip.66.23.234.229) | host.double-six.net | - | High
|
||||
2 | [66.128.53.179](https://vuldb.com/?ip.66.128.53.179) | - | - | High
|
||||
3 | [69.10.32.149](https://vuldb.com/?ip.69.10.32.149) | hots.bali66.net | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more IOC items available. Please use our online service to access the data.
|
||||
There are 6 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Bublik_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
2 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Bublik. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/cvms-hub/privado/seccionesmib/secciones.xhtml` | High
|
||||
2 | File | `kbdint.c` | Medium
|
||||
3 | File | `ProxyServlet.java` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 3 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -25,6 +58,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/2020/08/threat-roundup-0821-0827.html
|
||||
* https://blog.talosintelligence.com/2020/09/threat-roundup-0828-0904.html
|
||||
* https://blog.talosintelligence.com/2021/05/threat-roundup-0507-0514.html
|
||||
* https://blog.talosintelligence.com/threat-roundup-0616-0623-2/
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Buer:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [AT](https://vuldb.com/?country.at)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -22,11 +22,11 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [142.93.102.244](https://vuldb.com/?ip.142.93.102.244) | dev.dotyeti.com | - | High
|
||||
2 | [178.128.162.45](https://vuldb.com/?ip.178.128.162.45) | - | - | High
|
||||
3 | [178.128.170.109](https://vuldb.com/?ip.178.128.170.109) | 961887.cloudwaysapps.com | - | High
|
||||
2 | [149.154.152.244](https://vuldb.com/?ip.149.154.152.244) | 244.152.154.149.in-addr.arpa | - | High
|
||||
3 | [178.128.162.45](https://vuldb.com/?ip.178.128.162.45) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more IOC items available. Please use our online service to access the data.
|
||||
There are 2 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -34,12 +34,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 7 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,12 +48,16 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/backups/` | Medium
|
||||
2 | File | `/cgi-bin/editBookmark` | High
|
||||
3 | File | `/goform/RgDdns` | High
|
||||
4 | File | `/goform/RgDhcp` | High
|
||||
5 | ... | ... | ...
|
||||
2 | File | `/cgi-bin/admin/testserver.cgi` | High
|
||||
3 | File | `/cgi-bin/editBookmark` | High
|
||||
4 | File | `/dev/kvm` | Medium
|
||||
5 | File | `/goform/RgDdns` | High
|
||||
6 | File | `/goform/RgDhcp` | High
|
||||
7 | File | `/goform/RGFirewallEL` | High
|
||||
8 | File | `/goform/RgTime` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 34 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 65 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,8 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BuerLoader:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [AR](https://vuldb.com/?country.ar)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
|
|
@ -9,8 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Buhtrap:
|
||||
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [GA](https://vuldb.com/?country.ga)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [AG](https://vuldb.com/?country.ag)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,7 +26,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
3 | [37.143.12.190](https://vuldb.com/?ip.37.143.12.190) | hosted-by.ihc.ru | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 6 more IOC items available. Please use our online service to access the data.
|
||||
There are 8 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -36,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 12 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,14 +55,16 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `adrotate.pm` | Medium
|
||||
7 | File | `article.php` | Medium
|
||||
8 | File | `asn1fix_retrieve.c` | High
|
||||
9 | ... | ... | ...
|
||||
9 | File | `bigsam_guestbook.php` | High
|
||||
10 | ... | ... | ...
|
||||
|
||||
There are 67 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 71 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://s.tencent.com/research/report/683.html
|
||||
* https://www.threatminer.org/report.php?q=gib-buhtrap-report-GroupIB.pdf&y=2016
|
||||
|
||||
## Literature
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 20 more country items available. Please use our online service to access the data.
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -591,14 +591,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-24, CWE-35, CWE-36, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -606,73 +606,58 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/about.php` | Medium
|
||||
4 | File | `/admin.php/update/getFile.html` | High
|
||||
5 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
|
||||
6 | File | `/admin/bookings/view_booking.php` | High
|
||||
7 | File | `/admin/bookings/view_details.php` | High
|
||||
8 | File | `/admin/budget/manage_budget.php` | High
|
||||
9 | File | `/admin/categories/view_category.php` | High
|
||||
10 | File | `/admin/configurations/userInfo` | High
|
||||
11 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
12 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
13 | File | `/admin/departments/view_department.php` | High
|
||||
14 | File | `/admin/edit_subject.php` | High
|
||||
15 | File | `/admin/index.php` | High
|
||||
16 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
17 | File | `/admin/maintenance/manage_category.php` | High
|
||||
18 | File | `/admin/maintenance/view_designation.php` | High
|
||||
19 | File | `/admin/misc/script-proxy` | High
|
||||
20 | File | `/admin/orders/update_status.php` | High
|
||||
21 | File | `/admin/reportupload.aspx` | High
|
||||
22 | File | `/admin/sales/view_details.php` | High
|
||||
23 | File | `/admin/save_teacher.php` | High
|
||||
24 | File | `/admin/service.php` | High
|
||||
25 | File | `/admin/services/manage_service.php` | High
|
||||
26 | File | `/admin/user/manage_user.php` | High
|
||||
27 | File | `/advanced-tools/nova/bin/netwatch` | High
|
||||
28 | File | `/api/stl/actions/search` | High
|
||||
29 | File | `/api/v2/cli/commands` | High
|
||||
30 | File | `/bin/ate` | Medium
|
||||
31 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
|
||||
32 | File | `/cas/logout` | Medium
|
||||
33 | File | `/cgi-bin` | Medium
|
||||
34 | File | `/cgi-bin/ping.cgi` | High
|
||||
35 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
36 | File | `/circuits/circuit-types/` | High
|
||||
37 | File | `/circuits/provider-accounts/` | High
|
||||
38 | File | `/classes/Master.php` | High
|
||||
39 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
40 | File | `/classes/Master.php?f=delete_item` | High
|
||||
41 | File | `/classes/Master.php?f=delete_service` | High
|
||||
42 | File | `/classes/Master.php?f=save_service` | High
|
||||
43 | File | `/classes/Users.php` | High
|
||||
44 | File | `/dcim/power-panels/` | High
|
||||
45 | File | `/dcim/rack-roles/` | High
|
||||
46 | File | `/dcim/rack/` | Medium
|
||||
47 | File | `/dialog/select_media.php` | High
|
||||
48 | File | `/dosen/data` | Medium
|
||||
49 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
50 | File | `/Electron/download` | High
|
||||
51 | File | `/feeds/post/publish` | High
|
||||
52 | File | `/forms/doLogin` | High
|
||||
53 | File | `/goForm/aspForm` | High
|
||||
54 | File | `/goform/sysTools` | High
|
||||
55 | File | `/hslist` | Low
|
||||
56 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
57 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
58 | File | `/index.php?page=category_list` | High
|
||||
59 | File | `/items/manage_item.php` | High
|
||||
60 | File | `/jurusan/data` | High
|
||||
61 | File | `/jurusanmatkul/data` | High
|
||||
62 | File | `/kelas/data` | Medium
|
||||
63 | File | `/kelasdosen/data` | High
|
||||
64 | File | `/knowagecockpitengine/api/1.0/pages/execute` | High
|
||||
65 | ... | ... | ...
|
||||
1 | File | `.github/workflows/comment.yml` | High
|
||||
2 | File | `/?r=recruit/resume/edit&op=status` | High
|
||||
3 | File | `/account/delivery` | High
|
||||
4 | File | `/admin/?page=user/list` | High
|
||||
5 | File | `/admin/addproduct.php` | High
|
||||
6 | File | `/admin/add_user_modal.php` | High
|
||||
7 | File | `/admin/del_category.php` | High
|
||||
8 | File | `/admin/del_service.php` | High
|
||||
9 | File | `/admin/edit_product.php` | High
|
||||
10 | File | `/admin/forgot-password.php` | High
|
||||
11 | File | `/admin/index.php` | High
|
||||
12 | File | `/admin/index/index.html#/admin/mall.goods/index.html` | High
|
||||
13 | File | `/admin/modal_add_product.php` | High
|
||||
14 | File | `/admin/read.php?mudi=announContent` | High
|
||||
15 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
16 | File | `/admin/reg.php` | High
|
||||
17 | File | `/admin/reportupload.aspx` | High
|
||||
18 | File | `/admin/search-appointment.php` | High
|
||||
19 | File | `/admin/sys_sql_query.php` | High
|
||||
20 | File | `/admin/test_status.php` | High
|
||||
21 | File | `/admin/update_s6.php` | High
|
||||
22 | File | `/ajax.php?action=read_msg` | High
|
||||
23 | File | `/ajax.php?action=save_company` | High
|
||||
24 | File | `/api/baskets/{name}` | High
|
||||
25 | File | `/api/ping` | Medium
|
||||
26 | File | `/api/set-password` | High
|
||||
27 | File | `/App_Resource/UEditor/server/upload.aspx` | High
|
||||
28 | File | `/author_posts.php` | High
|
||||
29 | File | `/bin/ate` | Medium
|
||||
30 | File | `/blog` | Low
|
||||
31 | File | `/booking/show_bookings/` | High
|
||||
32 | File | `/browse` | Low
|
||||
33 | File | `/cgi-bin/adm.cgi` | High
|
||||
34 | File | `/chaincity/user/ticket/create` | High
|
||||
35 | File | `/classes/Master.php?f=delete_inquiry` | High
|
||||
36 | File | `/classes/Master.php?f=save_inquiry` | High
|
||||
37 | File | `/classes/Master.php?f=save_item` | High
|
||||
38 | File | `/classes/Users.php?f=save` | High
|
||||
39 | File | `/company/store` | High
|
||||
40 | File | `/config` | Low
|
||||
41 | File | `/contact.php` | Medium
|
||||
42 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
43 | File | `/dipam/athlete-profile.php` | High
|
||||
44 | File | `/dipam/save-delegates.php` | High
|
||||
45 | File | `/Duty/AjaxHandle/UpLoadFloodPlanFile.ashx` | High
|
||||
46 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
47 | File | `/en/blog-comment-4` | High
|
||||
48 | File | `/env` | Low
|
||||
49 | File | `/etc/passwd` | Medium
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 568 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 431 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -57,321 +57,323 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
34 | [8.76.233.176](https://vuldb.com/?ip.8.76.233.176) | - | - | High
|
||||
35 | [8.126.95.33](https://vuldb.com/?ip.8.126.95.33) | - | - | High
|
||||
36 | [8.219.132.142](https://vuldb.com/?ip.8.219.132.142) | - | - | High
|
||||
37 | [8.222.227.103](https://vuldb.com/?ip.8.222.227.103) | - | - | High
|
||||
38 | [8.253.171.67](https://vuldb.com/?ip.8.253.171.67) | - | - | High
|
||||
39 | [9.63.15.101](https://vuldb.com/?ip.9.63.15.101) | - | - | High
|
||||
40 | [9.240.112.25](https://vuldb.com/?ip.9.240.112.25) | - | - | High
|
||||
41 | [10.28.17.62](https://vuldb.com/?ip.10.28.17.62) | - | - | High
|
||||
42 | [11.1.201.27](https://vuldb.com/?ip.11.1.201.27) | - | - | High
|
||||
43 | [12.75.186.131](https://vuldb.com/?ip.12.75.186.131) | 131.newark-21-23rs.nj.dial-access.att.net | - | High
|
||||
44 | [12.115.36.174](https://vuldb.com/?ip.12.115.36.174) | - | - | High
|
||||
45 | [12.153.80.238](https://vuldb.com/?ip.12.153.80.238) | - | - | High
|
||||
46 | [12.194.222.34](https://vuldb.com/?ip.12.194.222.34) | - | - | High
|
||||
47 | [12.202.229.195](https://vuldb.com/?ip.12.202.229.195) | - | - | High
|
||||
48 | [12.236.242.155](https://vuldb.com/?ip.12.236.242.155) | - | - | High
|
||||
49 | [13.2.200.200](https://vuldb.com/?ip.13.2.200.200) | - | - | High
|
||||
50 | [13.218.205.215](https://vuldb.com/?ip.13.218.205.215) | - | - | High
|
||||
51 | [13.234.171.104](https://vuldb.com/?ip.13.234.171.104) | ec2-13-234-171-104.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
52 | [14.7.69.141](https://vuldb.com/?ip.14.7.69.141) | - | - | High
|
||||
53 | [14.11.77.37](https://vuldb.com/?ip.14.11.77.37) | M014011077037.v4.enabler.ne.jp | - | High
|
||||
54 | [14.40.68.19](https://vuldb.com/?ip.14.40.68.19) | - | - | High
|
||||
55 | [14.63.191.213](https://vuldb.com/?ip.14.63.191.213) | - | - | High
|
||||
56 | [14.102.170.127](https://vuldb.com/?ip.14.102.170.127) | cache-ipnet01.nexlogic.ph | - | High
|
||||
57 | [14.128.51.19](https://vuldb.com/?ip.14.128.51.19) | - | - | High
|
||||
58 | [14.155.143.74](https://vuldb.com/?ip.14.155.143.74) | - | - | High
|
||||
59 | [14.163.179.250](https://vuldb.com/?ip.14.163.179.250) | static.vnpt.vn | - | High
|
||||
60 | [14.195.237.81](https://vuldb.com/?ip.14.195.237.81) | static-81.237.195.14-tataidc.co.in | - | High
|
||||
61 | [15.209.19.148](https://vuldb.com/?ip.15.209.19.148) | - | - | High
|
||||
62 | [15.248.60.137](https://vuldb.com/?ip.15.248.60.137) | - | - | High
|
||||
63 | [16.86.113.88](https://vuldb.com/?ip.16.86.113.88) | - | - | High
|
||||
64 | [16.249.204.133](https://vuldb.com/?ip.16.249.204.133) | - | - | High
|
||||
65 | [17.29.249.188](https://vuldb.com/?ip.17.29.249.188) | - | - | High
|
||||
66 | [17.147.212.14](https://vuldb.com/?ip.17.147.212.14) | - | - | High
|
||||
67 | [18.8.71.243](https://vuldb.com/?ip.18.8.71.243) | - | - | High
|
||||
68 | [18.127.96.221](https://vuldb.com/?ip.18.127.96.221) | - | - | High
|
||||
69 | [18.141.105.98](https://vuldb.com/?ip.18.141.105.98) | ec2-18-141-105-98.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
70 | [18.151.45.13](https://vuldb.com/?ip.18.151.45.13) | - | - | High
|
||||
71 | [18.210.196.217](https://vuldb.com/?ip.18.210.196.217) | ec2-18-210-196-217.compute-1.amazonaws.com | - | Medium
|
||||
72 | [19.32.56.182](https://vuldb.com/?ip.19.32.56.182) | - | - | High
|
||||
73 | [19.71.13.153](https://vuldb.com/?ip.19.71.13.153) | - | - | High
|
||||
74 | [19.128.78.21](https://vuldb.com/?ip.19.128.78.21) | - | - | High
|
||||
75 | [20.150.149.28](https://vuldb.com/?ip.20.150.149.28) | - | - | High
|
||||
76 | [21.21.141.32](https://vuldb.com/?ip.21.21.141.32) | - | - | High
|
||||
77 | [21.29.238.98](https://vuldb.com/?ip.21.29.238.98) | - | - | High
|
||||
78 | [21.175.22.99](https://vuldb.com/?ip.21.175.22.99) | - | - | High
|
||||
79 | [21.246.85.34](https://vuldb.com/?ip.21.246.85.34) | - | - | High
|
||||
80 | [22.39.164.0](https://vuldb.com/?ip.22.39.164.0) | - | - | High
|
||||
81 | [22.83.186.45](https://vuldb.com/?ip.22.83.186.45) | - | - | High
|
||||
82 | [22.175.0.90](https://vuldb.com/?ip.22.175.0.90) | - | - | High
|
||||
83 | [22.252.18.49](https://vuldb.com/?ip.22.252.18.49) | - | - | High
|
||||
84 | [23.19.58.176](https://vuldb.com/?ip.23.19.58.176) | i58.176.lofame.net | - | High
|
||||
85 | [23.19.58.212](https://vuldb.com/?ip.23.19.58.212) | - | - | High
|
||||
86 | [23.19.58.251](https://vuldb.com/?ip.23.19.58.251) | - | - | High
|
||||
87 | [23.29.115.164](https://vuldb.com/?ip.23.29.115.164) | 23-29-115-164.static.hvvc.us | - | High
|
||||
88 | [23.29.115.172](https://vuldb.com/?ip.23.29.115.172) | 23-29-115-172.static.hvvc.us | - | High
|
||||
89 | [23.81.246.17](https://vuldb.com/?ip.23.81.246.17) | - | - | High
|
||||
90 | [23.81.246.22](https://vuldb.com/?ip.23.81.246.22) | - | - | High
|
||||
91 | [23.81.246.171](https://vuldb.com/?ip.23.81.246.171) | - | - | High
|
||||
92 | [23.81.246.187](https://vuldb.com/?ip.23.81.246.187) | - | - | High
|
||||
93 | [23.81.246.205](https://vuldb.com/?ip.23.81.246.205) | - | - | High
|
||||
94 | [23.82.19.119](https://vuldb.com/?ip.23.82.19.119) | - | - | High
|
||||
95 | [23.82.19.208](https://vuldb.com/?ip.23.82.19.208) | - | - | High
|
||||
96 | [23.82.128.11](https://vuldb.com/?ip.23.82.128.11) | - | - | High
|
||||
97 | [23.82.128.116](https://vuldb.com/?ip.23.82.128.116) | - | - | High
|
||||
98 | [23.82.128.127](https://vuldb.com/?ip.23.82.128.127) | - | - | High
|
||||
99 | [23.82.128.149](https://vuldb.com/?ip.23.82.128.149) | - | - | High
|
||||
100 | [23.82.140.14](https://vuldb.com/?ip.23.82.140.14) | - | - | High
|
||||
101 | [23.82.140.100](https://vuldb.com/?ip.23.82.140.100) | - | - | High
|
||||
102 | [23.82.140.133](https://vuldb.com/?ip.23.82.140.133) | - | - | High
|
||||
103 | [23.82.140.155](https://vuldb.com/?ip.23.82.140.155) | - | - | High
|
||||
104 | [23.82.140.180](https://vuldb.com/?ip.23.82.140.180) | - | - | High
|
||||
105 | [23.82.141.11](https://vuldb.com/?ip.23.82.141.11) | - | - | High
|
||||
106 | [23.82.141.184](https://vuldb.com/?ip.23.82.141.184) | - | - | High
|
||||
107 | [23.82.141.185](https://vuldb.com/?ip.23.82.141.185) | - | - | High
|
||||
108 | [23.83.133.1](https://vuldb.com/?ip.23.83.133.1) | v327.er01.dal.ubiquity.io | - | High
|
||||
109 | [23.83.133.13](https://vuldb.com/?ip.23.83.133.13) | - | - | High
|
||||
110 | [23.83.133.182](https://vuldb.com/?ip.23.83.133.182) | - | - | High
|
||||
111 | [23.83.133.215](https://vuldb.com/?ip.23.83.133.215) | - | - | High
|
||||
112 | [23.83.133.216](https://vuldb.com/?ip.23.83.133.216) | - | - | High
|
||||
113 | [23.83.134.110](https://vuldb.com/?ip.23.83.134.110) | - | - | High
|
||||
114 | [23.83.134.133](https://vuldb.com/?ip.23.83.134.133) | - | - | High
|
||||
115 | [23.83.134.136](https://vuldb.com/?ip.23.83.134.136) | - | - | High
|
||||
116 | [23.88.117.246](https://vuldb.com/?ip.23.88.117.246) | static.246.117.88.23.clients.your-server.de | - | High
|
||||
117 | [23.106.124.23](https://vuldb.com/?ip.23.106.124.23) | - | - | High
|
||||
118 | [23.106.124.154](https://vuldb.com/?ip.23.106.124.154) | - | - | High
|
||||
119 | [23.106.160.33](https://vuldb.com/?ip.23.106.160.33) | - | - | High
|
||||
120 | [23.106.160.39](https://vuldb.com/?ip.23.106.160.39) | - | - | High
|
||||
121 | [23.106.160.40](https://vuldb.com/?ip.23.106.160.40) | - | - | High
|
||||
122 | [23.106.160.52](https://vuldb.com/?ip.23.106.160.52) | - | - | High
|
||||
123 | [23.106.160.82](https://vuldb.com/?ip.23.106.160.82) | - | - | High
|
||||
124 | [23.106.160.112](https://vuldb.com/?ip.23.106.160.112) | - | - | High
|
||||
125 | [23.106.160.117](https://vuldb.com/?ip.23.106.160.117) | - | - | High
|
||||
126 | [23.106.160.120](https://vuldb.com/?ip.23.106.160.120) | - | - | High
|
||||
127 | [23.106.160.137](https://vuldb.com/?ip.23.106.160.137) | - | - | High
|
||||
128 | [23.106.160.141](https://vuldb.com/?ip.23.106.160.141) | - | - | High
|
||||
129 | [23.106.215.45](https://vuldb.com/?ip.23.106.215.45) | - | - | High
|
||||
130 | [23.106.215.60](https://vuldb.com/?ip.23.106.215.60) | - | - | High
|
||||
131 | [23.106.215.82](https://vuldb.com/?ip.23.106.215.82) | - | - | High
|
||||
132 | [23.106.215.123](https://vuldb.com/?ip.23.106.215.123) | - | - | High
|
||||
133 | [23.106.215.133](https://vuldb.com/?ip.23.106.215.133) | - | - | High
|
||||
134 | [23.106.215.141](https://vuldb.com/?ip.23.106.215.141) | - | - | High
|
||||
135 | [23.106.215.165](https://vuldb.com/?ip.23.106.215.165) | zootech.click | - | High
|
||||
136 | [23.106.215.225](https://vuldb.com/?ip.23.106.215.225) | - | - | High
|
||||
137 | [23.106.215.230](https://vuldb.com/?ip.23.106.215.230) | - | - | High
|
||||
138 | [23.106.215.233](https://vuldb.com/?ip.23.106.215.233) | - | - | High
|
||||
139 | [23.106.223.1](https://vuldb.com/?ip.23.106.223.1) | - | - | High
|
||||
140 | [23.106.223.14](https://vuldb.com/?ip.23.106.223.14) | - | - | High
|
||||
141 | [23.106.223.130](https://vuldb.com/?ip.23.106.223.130) | - | - | High
|
||||
142 | [23.106.223.144](https://vuldb.com/?ip.23.106.223.144) | - | - | High
|
||||
143 | [23.106.223.182](https://vuldb.com/?ip.23.106.223.182) | - | - | High
|
||||
144 | [23.106.223.197](https://vuldb.com/?ip.23.106.223.197) | - | - | High
|
||||
145 | [23.106.223.209](https://vuldb.com/?ip.23.106.223.209) | - | - | High
|
||||
146 | [23.106.223.219](https://vuldb.com/?ip.23.106.223.219) | - | - | High
|
||||
147 | [23.106.223.222](https://vuldb.com/?ip.23.106.223.222) | - | - | High
|
||||
148 | [23.108.57.5](https://vuldb.com/?ip.23.108.57.5) | - | - | High
|
||||
149 | [23.108.57.13](https://vuldb.com/?ip.23.108.57.13) | - | - | High
|
||||
150 | [23.108.57.29](https://vuldb.com/?ip.23.108.57.29) | - | - | High
|
||||
151 | [23.108.57.57](https://vuldb.com/?ip.23.108.57.57) | tuks.net | - | High
|
||||
152 | [23.108.57.59](https://vuldb.com/?ip.23.108.57.59) | - | - | High
|
||||
153 | [23.108.57.65](https://vuldb.com/?ip.23.108.57.65) | - | - | High
|
||||
154 | [23.108.57.66](https://vuldb.com/?ip.23.108.57.66) | - | - | High
|
||||
155 | [23.108.57.79](https://vuldb.com/?ip.23.108.57.79) | - | - | High
|
||||
156 | [23.108.57.87](https://vuldb.com/?ip.23.108.57.87) | - | - | High
|
||||
157 | [23.108.57.161](https://vuldb.com/?ip.23.108.57.161) | - | - | High
|
||||
158 | [23.108.57.200](https://vuldb.com/?ip.23.108.57.200) | - | - | High
|
||||
159 | [23.108.57.201](https://vuldb.com/?ip.23.108.57.201) | - | - | High
|
||||
160 | [23.108.57.250](https://vuldb.com/?ip.23.108.57.250) | - | - | High
|
||||
161 | [23.136.208.76](https://vuldb.com/?ip.23.136.208.76) | - | - | High
|
||||
162 | [23.227.198.195](https://vuldb.com/?ip.23.227.198.195) | multiatom.com | - | High
|
||||
163 | [23.227.198.217](https://vuldb.com/?ip.23.227.198.217) | 23-227-198-217.static.hvvc.us | - | High
|
||||
164 | [23.227.198.241](https://vuldb.com/?ip.23.227.198.241) | 23-227-198-241.static.hvvc.us | - | High
|
||||
165 | [23.227.202.179](https://vuldb.com/?ip.23.227.202.179) | trackvous.com | - | High
|
||||
166 | [23.227.203.120](https://vuldb.com/?ip.23.227.203.120) | 23-227-203-120.static.hvvc.us | - | High
|
||||
167 | [23.229.117.229](https://vuldb.com/?ip.23.229.117.229) | - | - | High
|
||||
168 | [23.254.142.159](https://vuldb.com/?ip.23.254.142.159) | client-23-254-142-159.hostwindsdns.com | - | High
|
||||
169 | [23.254.161.46](https://vuldb.com/?ip.23.254.161.46) | hwsrv-1063022.hostwindsdns.com | - | High
|
||||
170 | [23.254.167.63](https://vuldb.com/?ip.23.254.167.63) | hwsrv-1063920.hostwindsdns.com | - | High
|
||||
171 | [23.254.167.143](https://vuldb.com/?ip.23.254.167.143) | client-23-254-167-143.hostwindsdns.com | - | High
|
||||
172 | [23.254.201.97](https://vuldb.com/?ip.23.254.201.97) | hwsrv-974106.hostwindsdns.com | - | High
|
||||
173 | [23.254.202.59](https://vuldb.com/?ip.23.254.202.59) | hwsrv-987701.hostwindsdns.com | - | High
|
||||
174 | [23.254.204.109](https://vuldb.com/?ip.23.254.204.109) | client-23-254-204-109.hostwindsdns.com | - | High
|
||||
175 | [23.254.204.210](https://vuldb.com/?ip.23.254.204.210) | hwsrv-1046249.hostwindsdns.com | - | High
|
||||
176 | [23.254.217.20](https://vuldb.com/?ip.23.254.217.20) | hwsrv-984041.hostwindsdns.com | - | High
|
||||
177 | [23.254.217.222](https://vuldb.com/?ip.23.254.217.222) | hwsrv-976272.hostwindsdns.com | - | High
|
||||
178 | [23.254.224.200](https://vuldb.com/?ip.23.254.224.200) | hwsrv-1001143.hostwindsdns.com | - | High
|
||||
179 | [23.254.225.130](https://vuldb.com/?ip.23.254.225.130) | hwsrv-1067630.hostwindsdns.com | - | High
|
||||
180 | [23.254.225.249](https://vuldb.com/?ip.23.254.225.249) | client-23-254-225-249.hostwindsdns.com | - | High
|
||||
181 | [23.254.227.53](https://vuldb.com/?ip.23.254.227.53) | hwsrv-1057942.hostwindsdns.com | - | High
|
||||
182 | [23.254.227.144](https://vuldb.com/?ip.23.254.227.144) | hwsrv-982332.hostwindsdns.com | - | High
|
||||
183 | [23.254.229.131](https://vuldb.com/?ip.23.254.229.131) | ruth.gobuddy.info | - | High
|
||||
184 | [23.254.229.210](https://vuldb.com/?ip.23.254.229.210) | tigern.throwbackdinos.com | - | High
|
||||
185 | [23.254.247.48](https://vuldb.com/?ip.23.254.247.48) | hwsrv-1063028.hostwindsdns.com | - | High
|
||||
186 | [24.4.68.32](https://vuldb.com/?ip.24.4.68.32) | c-24-4-68-32.hsd1.ca.comcast.net | - | High
|
||||
187 | [24.57.185.167](https://vuldb.com/?ip.24.57.185.167) | d24-57-185-167.home.cgocable.net | - | High
|
||||
188 | [24.121.25.160](https://vuldb.com/?ip.24.121.25.160) | 24-121-25-160.sdoncmtk01.com.dyn.suddenlink.net | - | High
|
||||
189 | [24.183.132.242](https://vuldb.com/?ip.24.183.132.242) | 024-183-132-242.res.spectrum.com | - | High
|
||||
190 | [25.5.198.104](https://vuldb.com/?ip.25.5.198.104) | - | - | High
|
||||
191 | [25.131.252.242](https://vuldb.com/?ip.25.131.252.242) | - | - | High
|
||||
192 | [25.169.42.242](https://vuldb.com/?ip.25.169.42.242) | - | - | High
|
||||
193 | [25.170.215.18](https://vuldb.com/?ip.25.170.215.18) | - | - | High
|
||||
194 | [25.181.64.39](https://vuldb.com/?ip.25.181.64.39) | - | - | High
|
||||
195 | [26.6.83.53](https://vuldb.com/?ip.26.6.83.53) | - | - | High
|
||||
196 | [27.31.180.123](https://vuldb.com/?ip.27.31.180.123) | - | - | High
|
||||
197 | [28.11.143.222](https://vuldb.com/?ip.28.11.143.222) | - | - | High
|
||||
198 | [28.23.200.103](https://vuldb.com/?ip.28.23.200.103) | - | - | High
|
||||
199 | [28.53.120.108](https://vuldb.com/?ip.28.53.120.108) | - | - | High
|
||||
200 | [28.107.38.196](https://vuldb.com/?ip.28.107.38.196) | - | - | High
|
||||
201 | [28.148.236.16](https://vuldb.com/?ip.28.148.236.16) | - | - | High
|
||||
202 | [28.183.174.200](https://vuldb.com/?ip.28.183.174.200) | - | - | High
|
||||
203 | [29.15.120.102](https://vuldb.com/?ip.29.15.120.102) | - | - | High
|
||||
204 | [29.64.0.111](https://vuldb.com/?ip.29.64.0.111) | - | - | High
|
||||
205 | [29.122.243.158](https://vuldb.com/?ip.29.122.243.158) | - | - | High
|
||||
206 | [29.203.98.166](https://vuldb.com/?ip.29.203.98.166) | - | - | High
|
||||
207 | [30.17.4.146](https://vuldb.com/?ip.30.17.4.146) | - | - | High
|
||||
208 | [30.65.48.152](https://vuldb.com/?ip.30.65.48.152) | - | - | High
|
||||
209 | [30.140.193.246](https://vuldb.com/?ip.30.140.193.246) | - | - | High
|
||||
210 | [30.205.76.70](https://vuldb.com/?ip.30.205.76.70) | - | - | High
|
||||
211 | [30.225.24.243](https://vuldb.com/?ip.30.225.24.243) | - | - | High
|
||||
212 | [31.135.71.34](https://vuldb.com/?ip.31.135.71.34) | - | - | High
|
||||
213 | [31.228.253.114](https://vuldb.com/?ip.31.228.253.114) | - | - | High
|
||||
214 | [31.232.16.192](https://vuldb.com/?ip.31.232.16.192) | - | - | High
|
||||
215 | [32.54.188.44](https://vuldb.com/?ip.32.54.188.44) | - | - | High
|
||||
216 | [32.181.245.23](https://vuldb.com/?ip.32.181.245.23) | - | - | High
|
||||
217 | [33.93.97.183](https://vuldb.com/?ip.33.93.97.183) | - | - | High
|
||||
218 | [33.145.184.132](https://vuldb.com/?ip.33.145.184.132) | - | - | High
|
||||
219 | [33.191.119.32](https://vuldb.com/?ip.33.191.119.32) | - | - | High
|
||||
220 | [34.1.180.202](https://vuldb.com/?ip.34.1.180.202) | - | - | High
|
||||
221 | [34.2.221.48](https://vuldb.com/?ip.34.2.221.48) | - | - | High
|
||||
222 | [34.34.152.166](https://vuldb.com/?ip.34.34.152.166) | 166.152.34.34.bc.googleusercontent.com | - | Medium
|
||||
223 | [34.119.95.6](https://vuldb.com/?ip.34.119.95.6) | 6.95.119.34.bc.googleusercontent.com | - | Medium
|
||||
224 | [34.229.154.31](https://vuldb.com/?ip.34.229.154.31) | ec2-34-229-154-31.compute-1.amazonaws.com | - | Medium
|
||||
225 | [35.120.155.220](https://vuldb.com/?ip.35.120.155.220) | - | - | High
|
||||
226 | [36.110.58.103](https://vuldb.com/?ip.36.110.58.103) | 103.58.110.36.static.bjtelecom.net | - | High
|
||||
227 | [36.150.76.13](https://vuldb.com/?ip.36.150.76.13) | - | - | High
|
||||
228 | [36.201.196.202](https://vuldb.com/?ip.36.201.196.202) | - | - | High
|
||||
229 | [37.1.214.72](https://vuldb.com/?ip.37.1.214.72) | - | - | High
|
||||
230 | [37.1.214.229](https://vuldb.com/?ip.37.1.214.229) | - | - | High
|
||||
231 | [37.28.155.36](https://vuldb.com/?ip.37.28.155.36) | d155036.artnet.gda.pl | - | High
|
||||
232 | [37.28.156.24](https://vuldb.com/?ip.37.28.156.24) | d156024.artnet.gda.pl | - | High
|
||||
233 | [37.28.157.29](https://vuldb.com/?ip.37.28.157.29) | d157029.artnet.gda.pl | - | High
|
||||
234 | [37.42.62.77](https://vuldb.com/?ip.37.42.62.77) | - | - | High
|
||||
235 | [37.64.220.2](https://vuldb.com/?ip.37.64.220.2) | 2.220.64.37.rev.sfr.net | - | High
|
||||
236 | [37.72.174.9](https://vuldb.com/?ip.37.72.174.9) | emailmail.org.uk | - | High
|
||||
237 | [37.72.174.23](https://vuldb.com/?ip.37.72.174.23) | 37-72-174-23.static.hvvc.us | - | High
|
||||
238 | [37.120.198.248](https://vuldb.com/?ip.37.120.198.248) | - | - | High
|
||||
239 | [37.189.74.5](https://vuldb.com/?ip.37.189.74.5) | bl28-74-5.dsl.telepac.pt | - | High
|
||||
240 | [37.221.67.104](https://vuldb.com/?ip.37.221.67.104) | host001 | - | High
|
||||
241 | [37.221.67.122](https://vuldb.com/?ip.37.221.67.122) | finese | - | High
|
||||
242 | [38.12.57.131](https://vuldb.com/?ip.38.12.57.131) | - | - | High
|
||||
243 | [38.48.147.152](https://vuldb.com/?ip.38.48.147.152) | - | - | High
|
||||
244 | [38.180.4.165](https://vuldb.com/?ip.38.180.4.165) | - | - | High
|
||||
245 | [38.180.25.71](https://vuldb.com/?ip.38.180.25.71) | - | - | High
|
||||
246 | [38.180.25.111](https://vuldb.com/?ip.38.180.25.111) | - | - | High
|
||||
247 | [39.57.152.217](https://vuldb.com/?ip.39.57.152.217) | - | - | High
|
||||
248 | [40.47.149.113](https://vuldb.com/?ip.40.47.149.113) | - | - | High
|
||||
249 | [40.72.17.141](https://vuldb.com/?ip.40.72.17.141) | - | - | High
|
||||
250 | [41.7.15.180](https://vuldb.com/?ip.41.7.15.180) | vc-cpt-41-7-15-180.umts.vodacom.co.za | - | High
|
||||
251 | [41.15.71.157](https://vuldb.com/?ip.41.15.71.157) | vc-gp-n-41-15-71-157.umts.vodacom.co.za | - | High
|
||||
252 | [41.28.188.77](https://vuldb.com/?ip.41.28.188.77) | vc-gp-s-41-28-188-77.umts.vodacom.co.za | - | High
|
||||
253 | [41.56.181.200](https://vuldb.com/?ip.41.56.181.200) | - | - | High
|
||||
254 | [41.70.42.112](https://vuldb.com/?ip.41.70.42.112) | - | - | High
|
||||
255 | [42.63.100.82](https://vuldb.com/?ip.42.63.100.82) | - | - | High
|
||||
256 | [42.104.196.184](https://vuldb.com/?ip.42.104.196.184) | - | - | High
|
||||
257 | [42.179.23.39](https://vuldb.com/?ip.42.179.23.39) | - | - | High
|
||||
258 | [43.184.255.110](https://vuldb.com/?ip.43.184.255.110) | - | - | High
|
||||
259 | [44.94.75.93](https://vuldb.com/?ip.44.94.75.93) | - | - | High
|
||||
260 | [44.224.48.159](https://vuldb.com/?ip.44.224.48.159) | ec2-44-224-48-159.us-west-2.compute.amazonaws.com | - | Medium
|
||||
261 | [45.3.236.177](https://vuldb.com/?ip.45.3.236.177) | 045-003-236-177.biz.spectrum.com | - | High
|
||||
262 | [45.11.19.70](https://vuldb.com/?ip.45.11.19.70) | - | - | High
|
||||
263 | [45.11.19.86](https://vuldb.com/?ip.45.11.19.86) | - | - | High
|
||||
264 | [45.11.19.208](https://vuldb.com/?ip.45.11.19.208) | - | - | High
|
||||
265 | [45.11.19.224](https://vuldb.com/?ip.45.11.19.224) | - | - | High
|
||||
266 | [45.11.19.252](https://vuldb.com/?ip.45.11.19.252) | - | - | High
|
||||
267 | [45.32.37.109](https://vuldb.com/?ip.45.32.37.109) | 45.32.37.109.vultrusercontent.com | - | High
|
||||
268 | [45.61.184.8](https://vuldb.com/?ip.45.61.184.8) | mail.oelke.tec.br | - | High
|
||||
269 | [45.61.184.24](https://vuldb.com/?ip.45.61.184.24) | - | - | High
|
||||
270 | [45.61.184.227](https://vuldb.com/?ip.45.61.184.227) | MiamiTorNew1.Quetzalcoatl-relays.org | - | High
|
||||
271 | [45.61.185.65](https://vuldb.com/?ip.45.61.185.65) | exitrelay40.medvideos-tor.org | - | High
|
||||
272 | [45.61.185.227](https://vuldb.com/?ip.45.61.185.227) | - | - | High
|
||||
273 | [45.61.186.18](https://vuldb.com/?ip.45.61.186.18) | - | - | High
|
||||
274 | [45.61.186.51](https://vuldb.com/?ip.45.61.186.51) | - | - | High
|
||||
275 | [45.61.187.10](https://vuldb.com/?ip.45.61.187.10) | 45-61-187-10.ger.priv.allsafevpn.com | - | High
|
||||
276 | [45.61.187.40](https://vuldb.com/?ip.45.61.187.40) | - | - | High
|
||||
277 | [45.61.187.123](https://vuldb.com/?ip.45.61.187.123) | smtp20.shbgura.xyz | - | High
|
||||
278 | [45.61.187.160](https://vuldb.com/?ip.45.61.187.160) | - | - | High
|
||||
279 | [45.61.187.170](https://vuldb.com/?ip.45.61.187.170) | - | - | High
|
||||
280 | [45.61.187.204](https://vuldb.com/?ip.45.61.187.204) | - | - | High
|
||||
281 | [45.61.187.225](https://vuldb.com/?ip.45.61.187.225) | - | - | High
|
||||
282 | [45.66.151.59](https://vuldb.com/?ip.45.66.151.59) | - | - | High
|
||||
283 | [45.66.151.142](https://vuldb.com/?ip.45.66.151.142) | - | - | High
|
||||
284 | [45.66.151.150](https://vuldb.com/?ip.45.66.151.150) | - | - | High
|
||||
285 | [45.66.151.151](https://vuldb.com/?ip.45.66.151.151) | - | - | High
|
||||
286 | [45.66.151.155](https://vuldb.com/?ip.45.66.151.155) | - | - | High
|
||||
287 | [45.66.151.193](https://vuldb.com/?ip.45.66.151.193) | - | - | High
|
||||
288 | [45.66.248.61](https://vuldb.com/?ip.45.66.248.61) | parts861.simplestartvideos.com | - | High
|
||||
289 | [45.66.248.64](https://vuldb.com/?ip.45.66.248.64) | 0n3reye0i0.alyanova.com | - | High
|
||||
290 | [45.66.248.156](https://vuldb.com/?ip.45.66.248.156) | - | - | High
|
||||
291 | [45.66.248.216](https://vuldb.com/?ip.45.66.248.216) | spam.lastmer.xyz | - | High
|
||||
292 | [45.67.231.123](https://vuldb.com/?ip.45.67.231.123) | mihome.ru | - | High
|
||||
293 | [45.67.231.151](https://vuldb.com/?ip.45.67.231.151) | vm1197030.stark-industries.solutions | - | High
|
||||
294 | [45.84.0.13](https://vuldb.com/?ip.45.84.0.13) | vm523902.stark-industries.solutions | - | High
|
||||
295 | [45.84.240.87](https://vuldb.com/?ip.45.84.240.87) | - | - | High
|
||||
296 | [45.132.180.49](https://vuldb.com/?ip.45.132.180.49) | - | - | High
|
||||
297 | [45.138.172.22](https://vuldb.com/?ip.45.138.172.22) | - | - | High
|
||||
298 | [45.138.172.246](https://vuldb.com/?ip.45.138.172.246) | - | - | High
|
||||
299 | [45.140.146.30](https://vuldb.com/?ip.45.140.146.30) | vm542320.stark-industries.solutions | - | High
|
||||
300 | [45.140.146.244](https://vuldb.com/?ip.45.140.146.244) | - | - | High
|
||||
301 | [45.141.58.37](https://vuldb.com/?ip.45.141.58.37) | - | - | High
|
||||
302 | [45.141.58.139](https://vuldb.com/?ip.45.141.58.139) | galorebase.com | - | High
|
||||
303 | [45.142.214.120](https://vuldb.com/?ip.45.142.214.120) | vm516885.stark-industries.solutions | - | High
|
||||
304 | [45.142.214.167](https://vuldb.com/?ip.45.142.214.167) | - | - | High
|
||||
305 | [45.147.229.23](https://vuldb.com/?ip.45.147.229.23) | - | - | High
|
||||
306 | [45.147.229.47](https://vuldb.com/?ip.45.147.229.47) | - | - | High
|
||||
307 | [45.147.229.50](https://vuldb.com/?ip.45.147.229.50) | - | - | High
|
||||
308 | [45.147.229.101](https://vuldb.com/?ip.45.147.229.101) | - | - | High
|
||||
309 | [45.147.229.177](https://vuldb.com/?ip.45.147.229.177) | - | - | High
|
||||
310 | [45.147.229.199](https://vuldb.com/?ip.45.147.229.199) | - | - | High
|
||||
311 | [45.147.229.223](https://vuldb.com/?ip.45.147.229.223) | - | - | High
|
||||
312 | [45.147.230.179](https://vuldb.com/?ip.45.147.230.179) | - | - | High
|
||||
313 | [45.147.230.233](https://vuldb.com/?ip.45.147.230.233) | - | - | High
|
||||
314 | [45.147.230.245](https://vuldb.com/?ip.45.147.230.245) | poppuworls.club | - | High
|
||||
315 | [45.147.231.107](https://vuldb.com/?ip.45.147.231.107) | - | - | High
|
||||
316 | [45.147.231.156](https://vuldb.com/?ip.45.147.231.156) | - | - | High
|
||||
317 | [45.147.231.202](https://vuldb.com/?ip.45.147.231.202) | - | - | High
|
||||
318 | [45.147.231.232](https://vuldb.com/?ip.45.147.231.232) | - | - | High
|
||||
319 | [45.150.67.154](https://vuldb.com/?ip.45.150.67.154) | vm1326648.stark-industries.solutions | - | High
|
||||
320 | [45.153.240.56](https://vuldb.com/?ip.45.153.240.56) | - | - | High
|
||||
321 | [45.153.240.94](https://vuldb.com/?ip.45.153.240.94) | - | - | High
|
||||
322 | [45.153.240.139](https://vuldb.com/?ip.45.153.240.139) | - | - | High
|
||||
323 | [45.153.240.155](https://vuldb.com/?ip.45.153.240.155) | - | - | High
|
||||
324 | [45.153.241.19](https://vuldb.com/?ip.45.153.241.19) | - | - | High
|
||||
325 | [45.153.241.64](https://vuldb.com/?ip.45.153.241.64) | - | - | High
|
||||
326 | [45.153.241.120](https://vuldb.com/?ip.45.153.241.120) | - | - | High
|
||||
327 | [45.153.241.187](https://vuldb.com/?ip.45.153.241.187) | - | - | High
|
||||
328 | [45.153.241.209](https://vuldb.com/?ip.45.153.241.209) | - | - | High
|
||||
329 | [45.153.241.234](https://vuldb.com/?ip.45.153.241.234) | - | - | High
|
||||
330 | [45.153.241.245](https://vuldb.com/?ip.45.153.241.245) | - | - | High
|
||||
331 | [45.153.242.61](https://vuldb.com/?ip.45.153.242.61) | - | - | High
|
||||
332 | [45.153.242.100](https://vuldb.com/?ip.45.153.242.100) | - | - | High
|
||||
333 | [45.153.242.105](https://vuldb.com/?ip.45.153.242.105) | - | - | High
|
||||
334 | [45.153.242.183](https://vuldb.com/?ip.45.153.242.183) | - | - | High
|
||||
335 | [45.153.242.184](https://vuldb.com/?ip.45.153.242.184) | - | - | High
|
||||
336 | [45.153.242.242](https://vuldb.com/?ip.45.153.242.242) | - | - | High
|
||||
337 | [45.153.243.82](https://vuldb.com/?ip.45.153.243.82) | - | - | High
|
||||
338 | [45.153.243.93](https://vuldb.com/?ip.45.153.243.93) | - | - | High
|
||||
339 | [45.153.243.111](https://vuldb.com/?ip.45.153.243.111) | - | - | High
|
||||
340 | [45.153.243.126](https://vuldb.com/?ip.45.153.243.126) | - | - | High
|
||||
341 | [45.153.243.130](https://vuldb.com/?ip.45.153.243.130) | - | - | High
|
||||
342 | [45.153.243.222](https://vuldb.com/?ip.45.153.243.222) | - | - | High
|
||||
343 | [46.21.153.145](https://vuldb.com/?ip.46.21.153.145) | 145.153.21.46.static.swiftway.net | - | High
|
||||
344 | [46.21.153.157](https://vuldb.com/?ip.46.21.153.157) | 157.153.21.46.static.swiftway.net | - | High
|
||||
345 | [46.21.153.246](https://vuldb.com/?ip.46.21.153.246) | 246.153.21.46.static.swiftway.net | - | High
|
||||
346 | [46.44.240.53](https://vuldb.com/?ip.46.44.240.53) | 46-44-240-53.ip.welcomeitalia.it | - | High
|
||||
347 | [46.142.186.28](https://vuldb.com/?ip.46.142.186.28) | 28-186-142-46.pool.kielnet.net | - | High
|
||||
348 | [46.142.187.27](https://vuldb.com/?ip.46.142.187.27) | 27-187-142-46.pool.kielnet.net | - | High
|
||||
349 | ... | ... | ... | ...
|
||||
37 | [8.222.182.83](https://vuldb.com/?ip.8.222.182.83) | - | - | High
|
||||
38 | [8.222.227.103](https://vuldb.com/?ip.8.222.227.103) | - | - | High
|
||||
39 | [8.253.171.67](https://vuldb.com/?ip.8.253.171.67) | - | - | High
|
||||
40 | [9.63.15.101](https://vuldb.com/?ip.9.63.15.101) | - | - | High
|
||||
41 | [9.240.112.25](https://vuldb.com/?ip.9.240.112.25) | - | - | High
|
||||
42 | [10.28.17.62](https://vuldb.com/?ip.10.28.17.62) | - | - | High
|
||||
43 | [11.1.201.27](https://vuldb.com/?ip.11.1.201.27) | - | - | High
|
||||
44 | [12.75.186.131](https://vuldb.com/?ip.12.75.186.131) | 131.newark-21-23rs.nj.dial-access.att.net | - | High
|
||||
45 | [12.115.36.174](https://vuldb.com/?ip.12.115.36.174) | - | - | High
|
||||
46 | [12.153.80.238](https://vuldb.com/?ip.12.153.80.238) | - | - | High
|
||||
47 | [12.194.222.34](https://vuldb.com/?ip.12.194.222.34) | - | - | High
|
||||
48 | [12.202.229.195](https://vuldb.com/?ip.12.202.229.195) | - | - | High
|
||||
49 | [12.236.242.155](https://vuldb.com/?ip.12.236.242.155) | - | - | High
|
||||
50 | [13.2.200.200](https://vuldb.com/?ip.13.2.200.200) | - | - | High
|
||||
51 | [13.218.205.215](https://vuldb.com/?ip.13.218.205.215) | - | - | High
|
||||
52 | [13.234.171.104](https://vuldb.com/?ip.13.234.171.104) | ec2-13-234-171-104.ap-south-1.compute.amazonaws.com | - | Medium
|
||||
53 | [14.7.69.141](https://vuldb.com/?ip.14.7.69.141) | - | - | High
|
||||
54 | [14.11.77.37](https://vuldb.com/?ip.14.11.77.37) | M014011077037.v4.enabler.ne.jp | - | High
|
||||
55 | [14.40.68.19](https://vuldb.com/?ip.14.40.68.19) | - | - | High
|
||||
56 | [14.63.191.213](https://vuldb.com/?ip.14.63.191.213) | - | - | High
|
||||
57 | [14.102.170.127](https://vuldb.com/?ip.14.102.170.127) | cache-ipnet01.nexlogic.ph | - | High
|
||||
58 | [14.128.51.19](https://vuldb.com/?ip.14.128.51.19) | - | - | High
|
||||
59 | [14.155.143.74](https://vuldb.com/?ip.14.155.143.74) | - | - | High
|
||||
60 | [14.163.179.250](https://vuldb.com/?ip.14.163.179.250) | static.vnpt.vn | - | High
|
||||
61 | [14.195.237.81](https://vuldb.com/?ip.14.195.237.81) | static-81.237.195.14-tataidc.co.in | - | High
|
||||
62 | [15.209.19.148](https://vuldb.com/?ip.15.209.19.148) | - | - | High
|
||||
63 | [15.248.60.137](https://vuldb.com/?ip.15.248.60.137) | - | - | High
|
||||
64 | [16.86.113.88](https://vuldb.com/?ip.16.86.113.88) | - | - | High
|
||||
65 | [16.249.204.133](https://vuldb.com/?ip.16.249.204.133) | - | - | High
|
||||
66 | [17.29.249.188](https://vuldb.com/?ip.17.29.249.188) | - | - | High
|
||||
67 | [17.147.212.14](https://vuldb.com/?ip.17.147.212.14) | - | - | High
|
||||
68 | [18.8.71.243](https://vuldb.com/?ip.18.8.71.243) | - | - | High
|
||||
69 | [18.127.96.221](https://vuldb.com/?ip.18.127.96.221) | - | - | High
|
||||
70 | [18.141.105.98](https://vuldb.com/?ip.18.141.105.98) | ec2-18-141-105-98.ap-southeast-1.compute.amazonaws.com | - | Medium
|
||||
71 | [18.151.45.13](https://vuldb.com/?ip.18.151.45.13) | - | - | High
|
||||
72 | [18.210.196.217](https://vuldb.com/?ip.18.210.196.217) | ec2-18-210-196-217.compute-1.amazonaws.com | - | Medium
|
||||
73 | [19.32.56.182](https://vuldb.com/?ip.19.32.56.182) | - | - | High
|
||||
74 | [19.71.13.153](https://vuldb.com/?ip.19.71.13.153) | - | - | High
|
||||
75 | [19.128.78.21](https://vuldb.com/?ip.19.128.78.21) | - | - | High
|
||||
76 | [20.150.149.28](https://vuldb.com/?ip.20.150.149.28) | - | - | High
|
||||
77 | [21.21.141.32](https://vuldb.com/?ip.21.21.141.32) | - | - | High
|
||||
78 | [21.29.238.98](https://vuldb.com/?ip.21.29.238.98) | - | - | High
|
||||
79 | [21.175.22.99](https://vuldb.com/?ip.21.175.22.99) | - | - | High
|
||||
80 | [21.246.85.34](https://vuldb.com/?ip.21.246.85.34) | - | - | High
|
||||
81 | [22.39.164.0](https://vuldb.com/?ip.22.39.164.0) | - | - | High
|
||||
82 | [22.83.186.45](https://vuldb.com/?ip.22.83.186.45) | - | - | High
|
||||
83 | [22.175.0.90](https://vuldb.com/?ip.22.175.0.90) | - | - | High
|
||||
84 | [22.252.18.49](https://vuldb.com/?ip.22.252.18.49) | - | - | High
|
||||
85 | [23.19.58.176](https://vuldb.com/?ip.23.19.58.176) | i58.176.lofame.net | - | High
|
||||
86 | [23.19.58.212](https://vuldb.com/?ip.23.19.58.212) | - | - | High
|
||||
87 | [23.19.58.251](https://vuldb.com/?ip.23.19.58.251) | - | - | High
|
||||
88 | [23.29.115.164](https://vuldb.com/?ip.23.29.115.164) | 23-29-115-164.static.hvvc.us | - | High
|
||||
89 | [23.29.115.172](https://vuldb.com/?ip.23.29.115.172) | 23-29-115-172.static.hvvc.us | - | High
|
||||
90 | [23.81.246.17](https://vuldb.com/?ip.23.81.246.17) | - | - | High
|
||||
91 | [23.81.246.22](https://vuldb.com/?ip.23.81.246.22) | - | - | High
|
||||
92 | [23.81.246.171](https://vuldb.com/?ip.23.81.246.171) | - | - | High
|
||||
93 | [23.81.246.187](https://vuldb.com/?ip.23.81.246.187) | - | - | High
|
||||
94 | [23.81.246.205](https://vuldb.com/?ip.23.81.246.205) | - | - | High
|
||||
95 | [23.82.19.119](https://vuldb.com/?ip.23.82.19.119) | - | - | High
|
||||
96 | [23.82.19.208](https://vuldb.com/?ip.23.82.19.208) | - | - | High
|
||||
97 | [23.82.128.11](https://vuldb.com/?ip.23.82.128.11) | - | - | High
|
||||
98 | [23.82.128.116](https://vuldb.com/?ip.23.82.128.116) | - | - | High
|
||||
99 | [23.82.128.127](https://vuldb.com/?ip.23.82.128.127) | - | - | High
|
||||
100 | [23.82.128.149](https://vuldb.com/?ip.23.82.128.149) | - | - | High
|
||||
101 | [23.82.140.14](https://vuldb.com/?ip.23.82.140.14) | - | - | High
|
||||
102 | [23.82.140.100](https://vuldb.com/?ip.23.82.140.100) | - | - | High
|
||||
103 | [23.82.140.133](https://vuldb.com/?ip.23.82.140.133) | - | - | High
|
||||
104 | [23.82.140.155](https://vuldb.com/?ip.23.82.140.155) | - | - | High
|
||||
105 | [23.82.140.180](https://vuldb.com/?ip.23.82.140.180) | - | - | High
|
||||
106 | [23.82.141.11](https://vuldb.com/?ip.23.82.141.11) | - | - | High
|
||||
107 | [23.82.141.184](https://vuldb.com/?ip.23.82.141.184) | - | - | High
|
||||
108 | [23.82.141.185](https://vuldb.com/?ip.23.82.141.185) | - | - | High
|
||||
109 | [23.83.133.1](https://vuldb.com/?ip.23.83.133.1) | v327.er01.dal.ubiquity.io | - | High
|
||||
110 | [23.83.133.13](https://vuldb.com/?ip.23.83.133.13) | - | - | High
|
||||
111 | [23.83.133.182](https://vuldb.com/?ip.23.83.133.182) | - | - | High
|
||||
112 | [23.83.133.215](https://vuldb.com/?ip.23.83.133.215) | - | - | High
|
||||
113 | [23.83.133.216](https://vuldb.com/?ip.23.83.133.216) | - | - | High
|
||||
114 | [23.83.134.110](https://vuldb.com/?ip.23.83.134.110) | - | - | High
|
||||
115 | [23.83.134.133](https://vuldb.com/?ip.23.83.134.133) | - | - | High
|
||||
116 | [23.83.134.136](https://vuldb.com/?ip.23.83.134.136) | - | - | High
|
||||
117 | [23.88.117.246](https://vuldb.com/?ip.23.88.117.246) | static.246.117.88.23.clients.your-server.de | - | High
|
||||
118 | [23.106.124.23](https://vuldb.com/?ip.23.106.124.23) | - | - | High
|
||||
119 | [23.106.124.154](https://vuldb.com/?ip.23.106.124.154) | - | - | High
|
||||
120 | [23.106.160.33](https://vuldb.com/?ip.23.106.160.33) | - | - | High
|
||||
121 | [23.106.160.39](https://vuldb.com/?ip.23.106.160.39) | - | - | High
|
||||
122 | [23.106.160.40](https://vuldb.com/?ip.23.106.160.40) | - | - | High
|
||||
123 | [23.106.160.52](https://vuldb.com/?ip.23.106.160.52) | - | - | High
|
||||
124 | [23.106.160.82](https://vuldb.com/?ip.23.106.160.82) | - | - | High
|
||||
125 | [23.106.160.112](https://vuldb.com/?ip.23.106.160.112) | - | - | High
|
||||
126 | [23.106.160.117](https://vuldb.com/?ip.23.106.160.117) | - | - | High
|
||||
127 | [23.106.160.120](https://vuldb.com/?ip.23.106.160.120) | - | - | High
|
||||
128 | [23.106.160.137](https://vuldb.com/?ip.23.106.160.137) | - | - | High
|
||||
129 | [23.106.160.141](https://vuldb.com/?ip.23.106.160.141) | - | - | High
|
||||
130 | [23.106.215.45](https://vuldb.com/?ip.23.106.215.45) | - | - | High
|
||||
131 | [23.106.215.60](https://vuldb.com/?ip.23.106.215.60) | - | - | High
|
||||
132 | [23.106.215.82](https://vuldb.com/?ip.23.106.215.82) | - | - | High
|
||||
133 | [23.106.215.123](https://vuldb.com/?ip.23.106.215.123) | - | - | High
|
||||
134 | [23.106.215.133](https://vuldb.com/?ip.23.106.215.133) | - | - | High
|
||||
135 | [23.106.215.141](https://vuldb.com/?ip.23.106.215.141) | - | - | High
|
||||
136 | [23.106.215.165](https://vuldb.com/?ip.23.106.215.165) | zootech.click | - | High
|
||||
137 | [23.106.215.225](https://vuldb.com/?ip.23.106.215.225) | - | - | High
|
||||
138 | [23.106.215.230](https://vuldb.com/?ip.23.106.215.230) | - | - | High
|
||||
139 | [23.106.215.233](https://vuldb.com/?ip.23.106.215.233) | - | - | High
|
||||
140 | [23.106.223.1](https://vuldb.com/?ip.23.106.223.1) | - | - | High
|
||||
141 | [23.106.223.14](https://vuldb.com/?ip.23.106.223.14) | - | - | High
|
||||
142 | [23.106.223.130](https://vuldb.com/?ip.23.106.223.130) | - | - | High
|
||||
143 | [23.106.223.144](https://vuldb.com/?ip.23.106.223.144) | - | - | High
|
||||
144 | [23.106.223.182](https://vuldb.com/?ip.23.106.223.182) | - | - | High
|
||||
145 | [23.106.223.197](https://vuldb.com/?ip.23.106.223.197) | - | - | High
|
||||
146 | [23.106.223.209](https://vuldb.com/?ip.23.106.223.209) | - | - | High
|
||||
147 | [23.106.223.219](https://vuldb.com/?ip.23.106.223.219) | - | - | High
|
||||
148 | [23.106.223.222](https://vuldb.com/?ip.23.106.223.222) | - | - | High
|
||||
149 | [23.108.57.5](https://vuldb.com/?ip.23.108.57.5) | - | - | High
|
||||
150 | [23.108.57.13](https://vuldb.com/?ip.23.108.57.13) | - | - | High
|
||||
151 | [23.108.57.29](https://vuldb.com/?ip.23.108.57.29) | - | - | High
|
||||
152 | [23.108.57.57](https://vuldb.com/?ip.23.108.57.57) | tuks.net | - | High
|
||||
153 | [23.108.57.59](https://vuldb.com/?ip.23.108.57.59) | - | - | High
|
||||
154 | [23.108.57.65](https://vuldb.com/?ip.23.108.57.65) | - | - | High
|
||||
155 | [23.108.57.66](https://vuldb.com/?ip.23.108.57.66) | - | - | High
|
||||
156 | [23.108.57.79](https://vuldb.com/?ip.23.108.57.79) | - | - | High
|
||||
157 | [23.108.57.87](https://vuldb.com/?ip.23.108.57.87) | - | - | High
|
||||
158 | [23.108.57.161](https://vuldb.com/?ip.23.108.57.161) | - | - | High
|
||||
159 | [23.108.57.200](https://vuldb.com/?ip.23.108.57.200) | - | - | High
|
||||
160 | [23.108.57.201](https://vuldb.com/?ip.23.108.57.201) | - | - | High
|
||||
161 | [23.108.57.250](https://vuldb.com/?ip.23.108.57.250) | - | - | High
|
||||
162 | [23.136.208.76](https://vuldb.com/?ip.23.136.208.76) | - | - | High
|
||||
163 | [23.227.198.195](https://vuldb.com/?ip.23.227.198.195) | multiatom.com | - | High
|
||||
164 | [23.227.198.217](https://vuldb.com/?ip.23.227.198.217) | 23-227-198-217.static.hvvc.us | - | High
|
||||
165 | [23.227.198.241](https://vuldb.com/?ip.23.227.198.241) | 23-227-198-241.static.hvvc.us | - | High
|
||||
166 | [23.227.202.179](https://vuldb.com/?ip.23.227.202.179) | trackvous.com | - | High
|
||||
167 | [23.227.203.120](https://vuldb.com/?ip.23.227.203.120) | 23-227-203-120.static.hvvc.us | - | High
|
||||
168 | [23.229.117.229](https://vuldb.com/?ip.23.229.117.229) | - | - | High
|
||||
169 | [23.254.142.159](https://vuldb.com/?ip.23.254.142.159) | client-23-254-142-159.hostwindsdns.com | - | High
|
||||
170 | [23.254.161.46](https://vuldb.com/?ip.23.254.161.46) | hwsrv-1063022.hostwindsdns.com | - | High
|
||||
171 | [23.254.167.63](https://vuldb.com/?ip.23.254.167.63) | hwsrv-1063920.hostwindsdns.com | - | High
|
||||
172 | [23.254.167.143](https://vuldb.com/?ip.23.254.167.143) | client-23-254-167-143.hostwindsdns.com | - | High
|
||||
173 | [23.254.201.97](https://vuldb.com/?ip.23.254.201.97) | hwsrv-974106.hostwindsdns.com | - | High
|
||||
174 | [23.254.202.59](https://vuldb.com/?ip.23.254.202.59) | hwsrv-987701.hostwindsdns.com | - | High
|
||||
175 | [23.254.204.109](https://vuldb.com/?ip.23.254.204.109) | client-23-254-204-109.hostwindsdns.com | - | High
|
||||
176 | [23.254.204.210](https://vuldb.com/?ip.23.254.204.210) | hwsrv-1046249.hostwindsdns.com | - | High
|
||||
177 | [23.254.217.20](https://vuldb.com/?ip.23.254.217.20) | hwsrv-984041.hostwindsdns.com | - | High
|
||||
178 | [23.254.217.222](https://vuldb.com/?ip.23.254.217.222) | hwsrv-976272.hostwindsdns.com | - | High
|
||||
179 | [23.254.224.200](https://vuldb.com/?ip.23.254.224.200) | hwsrv-1001143.hostwindsdns.com | - | High
|
||||
180 | [23.254.225.130](https://vuldb.com/?ip.23.254.225.130) | hwsrv-1067630.hostwindsdns.com | - | High
|
||||
181 | [23.254.225.249](https://vuldb.com/?ip.23.254.225.249) | client-23-254-225-249.hostwindsdns.com | - | High
|
||||
182 | [23.254.227.53](https://vuldb.com/?ip.23.254.227.53) | hwsrv-1057942.hostwindsdns.com | - | High
|
||||
183 | [23.254.227.144](https://vuldb.com/?ip.23.254.227.144) | hwsrv-982332.hostwindsdns.com | - | High
|
||||
184 | [23.254.229.131](https://vuldb.com/?ip.23.254.229.131) | ruth.gobuddy.info | - | High
|
||||
185 | [23.254.229.210](https://vuldb.com/?ip.23.254.229.210) | tigern.throwbackdinos.com | - | High
|
||||
186 | [23.254.247.48](https://vuldb.com/?ip.23.254.247.48) | hwsrv-1063028.hostwindsdns.com | - | High
|
||||
187 | [24.4.68.32](https://vuldb.com/?ip.24.4.68.32) | c-24-4-68-32.hsd1.ca.comcast.net | - | High
|
||||
188 | [24.57.185.167](https://vuldb.com/?ip.24.57.185.167) | d24-57-185-167.home.cgocable.net | - | High
|
||||
189 | [24.121.25.160](https://vuldb.com/?ip.24.121.25.160) | 24-121-25-160.sdoncmtk01.com.dyn.suddenlink.net | - | High
|
||||
190 | [24.183.132.242](https://vuldb.com/?ip.24.183.132.242) | 024-183-132-242.res.spectrum.com | - | High
|
||||
191 | [25.5.198.104](https://vuldb.com/?ip.25.5.198.104) | - | - | High
|
||||
192 | [25.131.252.242](https://vuldb.com/?ip.25.131.252.242) | - | - | High
|
||||
193 | [25.169.42.242](https://vuldb.com/?ip.25.169.42.242) | - | - | High
|
||||
194 | [25.170.215.18](https://vuldb.com/?ip.25.170.215.18) | - | - | High
|
||||
195 | [25.181.64.39](https://vuldb.com/?ip.25.181.64.39) | - | - | High
|
||||
196 | [26.6.83.53](https://vuldb.com/?ip.26.6.83.53) | - | - | High
|
||||
197 | [27.31.180.123](https://vuldb.com/?ip.27.31.180.123) | - | - | High
|
||||
198 | [28.11.143.222](https://vuldb.com/?ip.28.11.143.222) | - | - | High
|
||||
199 | [28.23.200.103](https://vuldb.com/?ip.28.23.200.103) | - | - | High
|
||||
200 | [28.53.120.108](https://vuldb.com/?ip.28.53.120.108) | - | - | High
|
||||
201 | [28.107.38.196](https://vuldb.com/?ip.28.107.38.196) | - | - | High
|
||||
202 | [28.148.236.16](https://vuldb.com/?ip.28.148.236.16) | - | - | High
|
||||
203 | [28.183.174.200](https://vuldb.com/?ip.28.183.174.200) | - | - | High
|
||||
204 | [29.15.120.102](https://vuldb.com/?ip.29.15.120.102) | - | - | High
|
||||
205 | [29.64.0.111](https://vuldb.com/?ip.29.64.0.111) | - | - | High
|
||||
206 | [29.122.243.158](https://vuldb.com/?ip.29.122.243.158) | - | - | High
|
||||
207 | [29.203.98.166](https://vuldb.com/?ip.29.203.98.166) | - | - | High
|
||||
208 | [30.17.4.146](https://vuldb.com/?ip.30.17.4.146) | - | - | High
|
||||
209 | [30.65.48.152](https://vuldb.com/?ip.30.65.48.152) | - | - | High
|
||||
210 | [30.140.193.246](https://vuldb.com/?ip.30.140.193.246) | - | - | High
|
||||
211 | [30.205.76.70](https://vuldb.com/?ip.30.205.76.70) | - | - | High
|
||||
212 | [30.225.24.243](https://vuldb.com/?ip.30.225.24.243) | - | - | High
|
||||
213 | [31.135.71.34](https://vuldb.com/?ip.31.135.71.34) | - | - | High
|
||||
214 | [31.228.253.114](https://vuldb.com/?ip.31.228.253.114) | - | - | High
|
||||
215 | [31.232.16.192](https://vuldb.com/?ip.31.232.16.192) | - | - | High
|
||||
216 | [32.54.188.44](https://vuldb.com/?ip.32.54.188.44) | - | - | High
|
||||
217 | [32.181.245.23](https://vuldb.com/?ip.32.181.245.23) | - | - | High
|
||||
218 | [33.93.97.183](https://vuldb.com/?ip.33.93.97.183) | - | - | High
|
||||
219 | [33.145.184.132](https://vuldb.com/?ip.33.145.184.132) | - | - | High
|
||||
220 | [33.191.119.32](https://vuldb.com/?ip.33.191.119.32) | - | - | High
|
||||
221 | [34.1.180.202](https://vuldb.com/?ip.34.1.180.202) | - | - | High
|
||||
222 | [34.2.221.48](https://vuldb.com/?ip.34.2.221.48) | - | - | High
|
||||
223 | [34.34.152.166](https://vuldb.com/?ip.34.34.152.166) | 166.152.34.34.bc.googleusercontent.com | - | Medium
|
||||
224 | [34.119.95.6](https://vuldb.com/?ip.34.119.95.6) | 6.95.119.34.bc.googleusercontent.com | - | Medium
|
||||
225 | [34.229.154.31](https://vuldb.com/?ip.34.229.154.31) | ec2-34-229-154-31.compute-1.amazonaws.com | - | Medium
|
||||
226 | [35.120.155.220](https://vuldb.com/?ip.35.120.155.220) | - | - | High
|
||||
227 | [36.110.58.103](https://vuldb.com/?ip.36.110.58.103) | 103.58.110.36.static.bjtelecom.net | - | High
|
||||
228 | [36.150.76.13](https://vuldb.com/?ip.36.150.76.13) | - | - | High
|
||||
229 | [36.201.196.202](https://vuldb.com/?ip.36.201.196.202) | - | - | High
|
||||
230 | [37.1.214.72](https://vuldb.com/?ip.37.1.214.72) | - | - | High
|
||||
231 | [37.1.214.229](https://vuldb.com/?ip.37.1.214.229) | - | - | High
|
||||
232 | [37.28.155.36](https://vuldb.com/?ip.37.28.155.36) | d155036.artnet.gda.pl | - | High
|
||||
233 | [37.28.156.24](https://vuldb.com/?ip.37.28.156.24) | d156024.artnet.gda.pl | - | High
|
||||
234 | [37.28.157.29](https://vuldb.com/?ip.37.28.157.29) | d157029.artnet.gda.pl | - | High
|
||||
235 | [37.42.62.77](https://vuldb.com/?ip.37.42.62.77) | - | - | High
|
||||
236 | [37.64.220.2](https://vuldb.com/?ip.37.64.220.2) | 2.220.64.37.rev.sfr.net | - | High
|
||||
237 | [37.72.174.9](https://vuldb.com/?ip.37.72.174.9) | emailmail.org.uk | - | High
|
||||
238 | [37.72.174.23](https://vuldb.com/?ip.37.72.174.23) | 37-72-174-23.static.hvvc.us | - | High
|
||||
239 | [37.120.198.248](https://vuldb.com/?ip.37.120.198.248) | - | - | High
|
||||
240 | [37.189.74.5](https://vuldb.com/?ip.37.189.74.5) | bl28-74-5.dsl.telepac.pt | - | High
|
||||
241 | [37.221.67.104](https://vuldb.com/?ip.37.221.67.104) | host001 | - | High
|
||||
242 | [37.221.67.122](https://vuldb.com/?ip.37.221.67.122) | finese | - | High
|
||||
243 | [38.12.57.131](https://vuldb.com/?ip.38.12.57.131) | - | - | High
|
||||
244 | [38.48.147.152](https://vuldb.com/?ip.38.48.147.152) | - | - | High
|
||||
245 | [38.180.4.165](https://vuldb.com/?ip.38.180.4.165) | - | - | High
|
||||
246 | [38.180.25.71](https://vuldb.com/?ip.38.180.25.71) | - | - | High
|
||||
247 | [38.180.25.111](https://vuldb.com/?ip.38.180.25.111) | - | - | High
|
||||
248 | [39.57.152.217](https://vuldb.com/?ip.39.57.152.217) | - | - | High
|
||||
249 | [40.47.149.113](https://vuldb.com/?ip.40.47.149.113) | - | - | High
|
||||
250 | [40.72.17.141](https://vuldb.com/?ip.40.72.17.141) | - | - | High
|
||||
251 | [41.7.15.180](https://vuldb.com/?ip.41.7.15.180) | vc-cpt-41-7-15-180.umts.vodacom.co.za | - | High
|
||||
252 | [41.15.71.157](https://vuldb.com/?ip.41.15.71.157) | vc-gp-n-41-15-71-157.umts.vodacom.co.za | - | High
|
||||
253 | [41.28.188.77](https://vuldb.com/?ip.41.28.188.77) | vc-gp-s-41-28-188-77.umts.vodacom.co.za | - | High
|
||||
254 | [41.56.181.200](https://vuldb.com/?ip.41.56.181.200) | - | - | High
|
||||
255 | [41.70.42.112](https://vuldb.com/?ip.41.70.42.112) | - | - | High
|
||||
256 | [42.63.100.82](https://vuldb.com/?ip.42.63.100.82) | - | - | High
|
||||
257 | [42.104.196.184](https://vuldb.com/?ip.42.104.196.184) | - | - | High
|
||||
258 | [42.179.23.39](https://vuldb.com/?ip.42.179.23.39) | - | - | High
|
||||
259 | [43.184.255.110](https://vuldb.com/?ip.43.184.255.110) | - | - | High
|
||||
260 | [44.94.75.93](https://vuldb.com/?ip.44.94.75.93) | - | - | High
|
||||
261 | [44.224.48.159](https://vuldb.com/?ip.44.224.48.159) | ec2-44-224-48-159.us-west-2.compute.amazonaws.com | - | Medium
|
||||
262 | [45.3.236.177](https://vuldb.com/?ip.45.3.236.177) | 045-003-236-177.biz.spectrum.com | - | High
|
||||
263 | [45.11.19.70](https://vuldb.com/?ip.45.11.19.70) | - | - | High
|
||||
264 | [45.11.19.86](https://vuldb.com/?ip.45.11.19.86) | - | - | High
|
||||
265 | [45.11.19.208](https://vuldb.com/?ip.45.11.19.208) | - | - | High
|
||||
266 | [45.11.19.224](https://vuldb.com/?ip.45.11.19.224) | - | - | High
|
||||
267 | [45.11.19.252](https://vuldb.com/?ip.45.11.19.252) | - | - | High
|
||||
268 | [45.32.37.109](https://vuldb.com/?ip.45.32.37.109) | 45.32.37.109.vultrusercontent.com | - | High
|
||||
269 | [45.61.184.8](https://vuldb.com/?ip.45.61.184.8) | mail.oelke.tec.br | - | High
|
||||
270 | [45.61.184.24](https://vuldb.com/?ip.45.61.184.24) | - | - | High
|
||||
271 | [45.61.184.227](https://vuldb.com/?ip.45.61.184.227) | MiamiTorNew1.Quetzalcoatl-relays.org | - | High
|
||||
272 | [45.61.185.65](https://vuldb.com/?ip.45.61.185.65) | exitrelay40.medvideos-tor.org | - | High
|
||||
273 | [45.61.185.227](https://vuldb.com/?ip.45.61.185.227) | - | - | High
|
||||
274 | [45.61.186.18](https://vuldb.com/?ip.45.61.186.18) | - | - | High
|
||||
275 | [45.61.186.51](https://vuldb.com/?ip.45.61.186.51) | - | - | High
|
||||
276 | [45.61.187.10](https://vuldb.com/?ip.45.61.187.10) | 45-61-187-10.ger.priv.allsafevpn.com | - | High
|
||||
277 | [45.61.187.40](https://vuldb.com/?ip.45.61.187.40) | - | - | High
|
||||
278 | [45.61.187.123](https://vuldb.com/?ip.45.61.187.123) | smtp20.shbgura.xyz | - | High
|
||||
279 | [45.61.187.160](https://vuldb.com/?ip.45.61.187.160) | - | - | High
|
||||
280 | [45.61.187.170](https://vuldb.com/?ip.45.61.187.170) | - | - | High
|
||||
281 | [45.61.187.204](https://vuldb.com/?ip.45.61.187.204) | - | - | High
|
||||
282 | [45.61.187.225](https://vuldb.com/?ip.45.61.187.225) | - | - | High
|
||||
283 | [45.66.151.59](https://vuldb.com/?ip.45.66.151.59) | - | - | High
|
||||
284 | [45.66.151.142](https://vuldb.com/?ip.45.66.151.142) | - | - | High
|
||||
285 | [45.66.151.150](https://vuldb.com/?ip.45.66.151.150) | - | - | High
|
||||
286 | [45.66.151.151](https://vuldb.com/?ip.45.66.151.151) | - | - | High
|
||||
287 | [45.66.151.155](https://vuldb.com/?ip.45.66.151.155) | - | - | High
|
||||
288 | [45.66.151.193](https://vuldb.com/?ip.45.66.151.193) | - | - | High
|
||||
289 | [45.66.248.61](https://vuldb.com/?ip.45.66.248.61) | parts861.simplestartvideos.com | - | High
|
||||
290 | [45.66.248.64](https://vuldb.com/?ip.45.66.248.64) | 0n3reye0i0.alyanova.com | - | High
|
||||
291 | [45.66.248.156](https://vuldb.com/?ip.45.66.248.156) | - | - | High
|
||||
292 | [45.66.248.216](https://vuldb.com/?ip.45.66.248.216) | spam.lastmer.xyz | - | High
|
||||
293 | [45.67.231.123](https://vuldb.com/?ip.45.67.231.123) | mihome.ru | - | High
|
||||
294 | [45.67.231.151](https://vuldb.com/?ip.45.67.231.151) | vm1197030.stark-industries.solutions | - | High
|
||||
295 | [45.84.0.13](https://vuldb.com/?ip.45.84.0.13) | vm523902.stark-industries.solutions | - | High
|
||||
296 | [45.84.240.87](https://vuldb.com/?ip.45.84.240.87) | - | - | High
|
||||
297 | [45.132.180.49](https://vuldb.com/?ip.45.132.180.49) | - | - | High
|
||||
298 | [45.138.172.22](https://vuldb.com/?ip.45.138.172.22) | - | - | High
|
||||
299 | [45.138.172.246](https://vuldb.com/?ip.45.138.172.246) | - | - | High
|
||||
300 | [45.140.146.30](https://vuldb.com/?ip.45.140.146.30) | vm542320.stark-industries.solutions | - | High
|
||||
301 | [45.140.146.244](https://vuldb.com/?ip.45.140.146.244) | - | - | High
|
||||
302 | [45.141.58.37](https://vuldb.com/?ip.45.141.58.37) | - | - | High
|
||||
303 | [45.141.58.139](https://vuldb.com/?ip.45.141.58.139) | galorebase.com | - | High
|
||||
304 | [45.142.214.120](https://vuldb.com/?ip.45.142.214.120) | vm516885.stark-industries.solutions | - | High
|
||||
305 | [45.142.214.167](https://vuldb.com/?ip.45.142.214.167) | - | - | High
|
||||
306 | [45.147.229.23](https://vuldb.com/?ip.45.147.229.23) | - | - | High
|
||||
307 | [45.147.229.47](https://vuldb.com/?ip.45.147.229.47) | - | - | High
|
||||
308 | [45.147.229.50](https://vuldb.com/?ip.45.147.229.50) | - | - | High
|
||||
309 | [45.147.229.101](https://vuldb.com/?ip.45.147.229.101) | - | - | High
|
||||
310 | [45.147.229.177](https://vuldb.com/?ip.45.147.229.177) | - | - | High
|
||||
311 | [45.147.229.199](https://vuldb.com/?ip.45.147.229.199) | - | - | High
|
||||
312 | [45.147.229.223](https://vuldb.com/?ip.45.147.229.223) | - | - | High
|
||||
313 | [45.147.230.179](https://vuldb.com/?ip.45.147.230.179) | - | - | High
|
||||
314 | [45.147.230.233](https://vuldb.com/?ip.45.147.230.233) | - | - | High
|
||||
315 | [45.147.230.245](https://vuldb.com/?ip.45.147.230.245) | poppuworls.club | - | High
|
||||
316 | [45.147.231.107](https://vuldb.com/?ip.45.147.231.107) | - | - | High
|
||||
317 | [45.147.231.156](https://vuldb.com/?ip.45.147.231.156) | - | - | High
|
||||
318 | [45.147.231.202](https://vuldb.com/?ip.45.147.231.202) | - | - | High
|
||||
319 | [45.147.231.232](https://vuldb.com/?ip.45.147.231.232) | - | - | High
|
||||
320 | [45.150.67.154](https://vuldb.com/?ip.45.150.67.154) | vm1326648.stark-industries.solutions | - | High
|
||||
321 | [45.153.240.56](https://vuldb.com/?ip.45.153.240.56) | - | - | High
|
||||
322 | [45.153.240.94](https://vuldb.com/?ip.45.153.240.94) | - | - | High
|
||||
323 | [45.153.240.139](https://vuldb.com/?ip.45.153.240.139) | - | - | High
|
||||
324 | [45.153.240.155](https://vuldb.com/?ip.45.153.240.155) | - | - | High
|
||||
325 | [45.153.241.19](https://vuldb.com/?ip.45.153.241.19) | - | - | High
|
||||
326 | [45.153.241.64](https://vuldb.com/?ip.45.153.241.64) | - | - | High
|
||||
327 | [45.153.241.120](https://vuldb.com/?ip.45.153.241.120) | - | - | High
|
||||
328 | [45.153.241.187](https://vuldb.com/?ip.45.153.241.187) | - | - | High
|
||||
329 | [45.153.241.209](https://vuldb.com/?ip.45.153.241.209) | - | - | High
|
||||
330 | [45.153.241.234](https://vuldb.com/?ip.45.153.241.234) | - | - | High
|
||||
331 | [45.153.241.245](https://vuldb.com/?ip.45.153.241.245) | - | - | High
|
||||
332 | [45.153.242.61](https://vuldb.com/?ip.45.153.242.61) | - | - | High
|
||||
333 | [45.153.242.100](https://vuldb.com/?ip.45.153.242.100) | - | - | High
|
||||
334 | [45.153.242.105](https://vuldb.com/?ip.45.153.242.105) | - | - | High
|
||||
335 | [45.153.242.183](https://vuldb.com/?ip.45.153.242.183) | - | - | High
|
||||
336 | [45.153.242.184](https://vuldb.com/?ip.45.153.242.184) | - | - | High
|
||||
337 | [45.153.242.242](https://vuldb.com/?ip.45.153.242.242) | - | - | High
|
||||
338 | [45.153.243.82](https://vuldb.com/?ip.45.153.243.82) | - | - | High
|
||||
339 | [45.153.243.93](https://vuldb.com/?ip.45.153.243.93) | - | - | High
|
||||
340 | [45.153.243.111](https://vuldb.com/?ip.45.153.243.111) | - | - | High
|
||||
341 | [45.153.243.126](https://vuldb.com/?ip.45.153.243.126) | - | - | High
|
||||
342 | [45.153.243.130](https://vuldb.com/?ip.45.153.243.130) | - | - | High
|
||||
343 | [45.153.243.222](https://vuldb.com/?ip.45.153.243.222) | - | - | High
|
||||
344 | [46.21.153.145](https://vuldb.com/?ip.46.21.153.145) | 145.153.21.46.static.swiftway.net | - | High
|
||||
345 | [46.21.153.157](https://vuldb.com/?ip.46.21.153.157) | 157.153.21.46.static.swiftway.net | - | High
|
||||
346 | [46.21.153.246](https://vuldb.com/?ip.46.21.153.246) | 246.153.21.46.static.swiftway.net | - | High
|
||||
347 | [46.44.240.53](https://vuldb.com/?ip.46.44.240.53) | 46-44-240-53.ip.welcomeitalia.it | - | High
|
||||
348 | [46.142.186.28](https://vuldb.com/?ip.46.142.186.28) | 28-186-142-46.pool.kielnet.net | - | High
|
||||
349 | [46.142.187.27](https://vuldb.com/?ip.46.142.187.27) | 27-187-142-46.pool.kielnet.net | - | High
|
||||
350 | [46.142.187.96](https://vuldb.com/?ip.46.142.187.96) | 96-187-142-46.pool.kielnet.net | - | High
|
||||
351 | ... | ... | ... | ...
|
||||
|
||||
There are 1393 more IOC items available. Please use our online service to access the data.
|
||||
There are 1399 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -379,13 +381,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -393,34 +396,49 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/?page=user/list` | High
|
||||
2 | File | `/admin/addproduct.php` | High
|
||||
3 | File | `/admin/ajax.php?action=save_area` | High
|
||||
4 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
5 | File | `/admin/edit_subject.php` | High
|
||||
6 | File | `/admin/modal_add_product.php` | High
|
||||
7 | File | `/admin/reportupload.aspx` | High
|
||||
8 | File | `/admin/update_s6.php` | High
|
||||
9 | File | `/ajax.php?action=read_msg` | High
|
||||
10 | File | `/ajax.php?action=save_company` | High
|
||||
11 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
12 | File | `/bin/ate` | Medium
|
||||
13 | File | `/bin/login` | Medium
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/changeimage.php` | High
|
||||
16 | File | `/classes/Master.php?f=delete_category` | High
|
||||
17 | File | `/classes/Users.php?f=save` | High
|
||||
18 | File | `/debug/pprof` | Medium
|
||||
19 | File | `/DXR.axd` | Medium
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/HNAP1` | Low
|
||||
22 | File | `/news/*.html` | Medium
|
||||
23 | File | `/note/index/delete` | High
|
||||
24 | File | `/owa/auth/logon.aspx` | High
|
||||
25 | File | `/tmp/boa-temp` | High
|
||||
26 | ... | ... | ...
|
||||
1 | File | `/admin/addproduct.php` | High
|
||||
2 | File | `/admin/modal_add_product.php` | High
|
||||
3 | File | `/admin/reg.php` | High
|
||||
4 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
5 | File | `/authenticationendpoint/login.do` | High
|
||||
6 | File | `/bin/ate` | Medium
|
||||
7 | File | `/bin/login` | Medium
|
||||
8 | File | `/booking/show_bookings/` | High
|
||||
9 | File | `/cgi-bin/luci` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/changeimage.php` | High
|
||||
12 | File | `/classes/Users.php?f=save` | High
|
||||
13 | File | `/contact/store` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/dipam/athlete-profile.php` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/ecommerce/support_ticket` | High
|
||||
18 | File | `/env` | Low
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/goform/AdvSetLanip` | High
|
||||
21 | File | `/goform/fromSetWirelessRepeat` | High
|
||||
22 | File | `/goform/setmac` | High
|
||||
23 | File | `/goform/setMacFilterCfg` | High
|
||||
24 | File | `/goform/SetSysTimeCfg` | High
|
||||
25 | File | `/goform/WifiGuestSet` | High
|
||||
26 | File | `/HNAP1` | Low
|
||||
27 | File | `/kelasdosen/data` | High
|
||||
28 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
29 | File | `/mc` | Low
|
||||
30 | File | `/news/*.html` | Medium
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/owa/auth/logon.aspx` | High
|
||||
33 | File | `/paysystem/datatable.php` | High
|
||||
34 | File | `/php-inventory-management-system/product.php` | High
|
||||
35 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
36 | File | `/plain` | Low
|
||||
37 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
38 | File | `/send_order.cgi?parameter=restart` | High
|
||||
39 | File | `/spip.php` | Medium
|
||||
40 | File | `/src/chatbotapp/chatWindow.java` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 219 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 352 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
# BundleBot - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [BundleBot](https://vuldb.com/?actor.bundlebot). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.bundlebot](https://vuldb.com/?actor.bundlebot)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BundleBot:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of BundleBot.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [51.79.180.158](https://vuldb.com/?ip.51.79.180.158) | ip158.ip-51-79-180.net | - | High
|
||||
2 | [85.239.242.27](https://vuldb.com/?ip.85.239.242.27) | ip-27-242-239-85.static.contabo.net | - | High
|
||||
3 | [139.99.38.193](https://vuldb.com/?ip.139.99.38.193) | ip193.ip-139-99-38.net | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _BundleBot_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 7 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by BundleBot. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `tbl_export.php` | High
|
||||
2 | File | `ViewLog.asp` | Medium
|
||||
3 | Library | `/_vti_bin/shtml.dll` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 10 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://research.checkpoint.com/2023/byos-bundle-your-own-stealer/
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
@ -48,11 +48,11 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `comments/feed` | High
|
||||
2 | File | `drivers/hwmon/xgene-hwmon.c` | High
|
||||
3 | File | `mainfunction.cgi` | High
|
||||
2 | File | `default.asp` | Medium
|
||||
3 | File | `drivers/hwmon/xgene-hwmon.c` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 7 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 9 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -58,15 +58,15 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/admin/user/manage/add` | High
|
||||
3 | File | `/export` | Low
|
||||
4 | File | `/iisadmin` | Medium
|
||||
5 | File | `/inc/parser/xhtml.php` | High
|
||||
6 | File | `/includes/lib/detail.php` | High
|
||||
7 | File | `/MIME/INBOX-MM-1/` | High
|
||||
8 | File | `/ptms/classes/Users.php` | High
|
||||
9 | File | `/public/plugins/` | High
|
||||
10 | File | `/scripts/iisadmin/bdir.htr` | High
|
||||
5 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
6 | File | `/inc/parser/xhtml.php` | High
|
||||
7 | File | `/includes/lib/detail.php` | High
|
||||
8 | File | `/MIME/INBOX-MM-1/` | High
|
||||
9 | File | `/ptms/classes/Users.php` | High
|
||||
10 | File | `/public/plugins/` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 85 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -61,40 +61,40 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `%PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10` | High
|
||||
2 | File | `/.dbus-keyrings` | High
|
||||
3 | File | `/acms/classes/Master.php?f=delete_cargo` | High
|
||||
4 | File | `/addnews.html` | High
|
||||
5 | File | `/addsrv` | Low
|
||||
6 | File | `/admin.php/news/admin/topic/save` | High
|
||||
7 | File | `/admin/addemployee.php` | High
|
||||
8 | File | `/admin/comn/service/update.json` | High
|
||||
9 | File | `/Admin/Views/FileEditor/` | High
|
||||
10 | File | `/api/user/{ID}` | High
|
||||
11 | File | `/article/add` | Medium
|
||||
12 | File | `/asms/classes/Master.php?f=delete_transaction` | High
|
||||
13 | File | `/auth/register` | High
|
||||
14 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
15 | File | `/controller/pay.class.php` | High
|
||||
16 | File | `/ctpms/admin/?page=applications/view_application` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/dev/snd/seq` | Medium
|
||||
19 | File | `/device/device=140/tab=wifi/view` | High
|
||||
20 | File | `/dl/dl_print.php` | High
|
||||
21 | File | `/etc/passwd` | Medium
|
||||
22 | File | `/getcfg.php` | Medium
|
||||
23 | File | `/goform/aspForm` | High
|
||||
24 | File | `/goform/SetClientState` | High
|
||||
25 | File | `/goform/SysToolChangePwd` | High
|
||||
26 | File | `/irj/servlet/prt/portal/prtroot/com.sap.portal.usermanagement.admin.UserMapping` | High
|
||||
27 | File | `/jerry-core/ecma/base/ecma-gc.c` | High
|
||||
28 | File | `/jerry-core/ecma/base/ecma-helpers-conversion.c` | High
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/librarian/lab.php` | High
|
||||
31 | File | `/login` | Low
|
||||
32 | File | `/mngset/authset` | High
|
||||
33 | File | `/nova/bin/sniffer` | High
|
||||
3 | File | `/?r=recruit/resume/edit&op=status` | High
|
||||
4 | File | `/acms/classes/Master.php?f=delete_cargo` | High
|
||||
5 | File | `/addnews.html` | High
|
||||
6 | File | `/addsrv` | Low
|
||||
7 | File | `/admin.php/news/admin/topic/save` | High
|
||||
8 | File | `/admin/addemployee.php` | High
|
||||
9 | File | `/admin/comn/service/update.json` | High
|
||||
10 | File | `/Admin/Views/FileEditor/` | High
|
||||
11 | File | `/api/user/{ID}` | High
|
||||
12 | File | `/article/add` | Medium
|
||||
13 | File | `/asms/classes/Master.php?f=delete_transaction` | High
|
||||
14 | File | `/auth/register` | High
|
||||
15 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
16 | File | `/controller/pay.class.php` | High
|
||||
17 | File | `/ctpms/admin/?page=applications/view_application` | High
|
||||
18 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
19 | File | `/dev/snd/seq` | Medium
|
||||
20 | File | `/device/device=140/tab=wifi/view` | High
|
||||
21 | File | `/dl/dl_print.php` | High
|
||||
22 | File | `/etc/passwd` | Medium
|
||||
23 | File | `/getcfg.php` | Medium
|
||||
24 | File | `/goform/aspForm` | High
|
||||
25 | File | `/goform/SetClientState` | High
|
||||
26 | File | `/goform/SysToolChangePwd` | High
|
||||
27 | File | `/irj/servlet/prt/portal/prtroot/com.sap.portal.usermanagement.admin.UserMapping` | High
|
||||
28 | File | `/jerry-core/ecma/base/ecma-gc.c` | High
|
||||
29 | File | `/jerry-core/ecma/base/ecma-helpers-conversion.c` | High
|
||||
30 | File | `/librarian/bookdetails.php` | High
|
||||
31 | File | `/librarian/lab.php` | High
|
||||
32 | File | `/login` | Low
|
||||
33 | File | `/mngset/authset` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 287 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 291 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `actionHandler/ajax_managed_services.php` | High
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 33 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 34 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [SE](https://vuldb.com/?country.se)
|
||||
* ...
|
||||
|
||||
There are 32 more country items available. Please use our online service to access the data.
|
||||
There are 33 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -107,30 +107,31 @@ ID | Type | Indicator | Confidence
|
|||
17 | File | `/owa/auth/logon.aspx` | High
|
||||
18 | File | `/php-sms/classes/SystemSettings.php` | High
|
||||
19 | File | `/phppath/php` | Medium
|
||||
20 | File | `/proc/self/exe` | High
|
||||
21 | File | `/public/login.htm` | High
|
||||
22 | File | `/server-info` | Medium
|
||||
23 | File | `/server-status` | High
|
||||
24 | File | `/shell` | Low
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/user/jobmanage.php` | High
|
||||
27 | File | `/user/zs_elite.php` | High
|
||||
28 | File | `/usr/bin/enq` | Medium
|
||||
29 | File | `/web/jquery/uploader/multi_uploadify.php` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
31 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
32 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
33 | File | `/zhndnsdisplay.cmd` | High
|
||||
34 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
35 | File | `about.php` | Medium
|
||||
36 | File | `acl.c` | Low
|
||||
37 | File | `adclick.php` | Medium
|
||||
38 | File | `add_comment.php` | High
|
||||
39 | File | `add_vhost.php` | High
|
||||
40 | File | `admin.php` | Medium
|
||||
41 | ... | ... | ...
|
||||
20 | File | `/preview.php` | Medium
|
||||
21 | File | `/proc/self/exe` | High
|
||||
22 | File | `/public/login.htm` | High
|
||||
23 | File | `/server-info` | Medium
|
||||
24 | File | `/server-status` | High
|
||||
25 | File | `/shell` | Low
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/user/jobmanage.php` | High
|
||||
28 | File | `/user/zs_elite.php` | High
|
||||
29 | File | `/usr/bin/enq` | Medium
|
||||
30 | File | `/web/jquery/uploader/multi_uploadify.php` | High
|
||||
31 | File | `/wp-admin/admin-ajax.php` | High
|
||||
32 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
33 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
34 | File | `/zhndnsdisplay.cmd` | High
|
||||
35 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
36 | File | `about.php` | Medium
|
||||
37 | File | `acl.c` | Low
|
||||
38 | File | `adclick.php` | Medium
|
||||
39 | File | `add_comment.php` | High
|
||||
40 | File | `add_vhost.php` | High
|
||||
41 | File | `admin.php` | Medium
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Cerber:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -34,78 +34,186 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
11 | [20.189.173.21](https://vuldb.com/?ip.20.189.173.21) | - | - | High
|
||||
12 | [20.189.173.22](https://vuldb.com/?ip.20.189.173.22) | - | - | High
|
||||
13 | [23.94.5.133](https://vuldb.com/?ip.23.94.5.133) | 23-94-5-133-host.colocrossing.com | - | High
|
||||
14 | [23.152.0.36](https://vuldb.com/?ip.23.152.0.36) | tcts-000036.techtrapes.com | - | High
|
||||
15 | [31.3.135.232](https://vuldb.com/?ip.31.3.135.232) | mirror.tillo.ch | - | High
|
||||
16 | [31.184.234.0](https://vuldb.com/?ip.31.184.234.0) | - | - | High
|
||||
17 | [31.184.234.90](https://vuldb.com/?ip.31.184.234.90) | - | - | High
|
||||
18 | [31.184.234.91](https://vuldb.com/?ip.31.184.234.91) | - | - | High
|
||||
19 | [31.184.234.92](https://vuldb.com/?ip.31.184.234.92) | - | - | High
|
||||
20 | [31.184.234.93](https://vuldb.com/?ip.31.184.234.93) | - | - | High
|
||||
21 | [31.184.234.94](https://vuldb.com/?ip.31.184.234.94) | - | - | High
|
||||
22 | [31.184.234.95](https://vuldb.com/?ip.31.184.234.95) | - | - | High
|
||||
23 | [31.184.234.96](https://vuldb.com/?ip.31.184.234.96) | - | - | High
|
||||
24 | [31.184.234.97](https://vuldb.com/?ip.31.184.234.97) | - | - | High
|
||||
25 | [31.184.234.98](https://vuldb.com/?ip.31.184.234.98) | - | - | High
|
||||
26 | [31.184.234.99](https://vuldb.com/?ip.31.184.234.99) | - | - | High
|
||||
27 | [31.184.234.128](https://vuldb.com/?ip.31.184.234.128) | - | - | High
|
||||
28 | [31.184.234.192](https://vuldb.com/?ip.31.184.234.192) | - | - | High
|
||||
29 | [31.184.234.224](https://vuldb.com/?ip.31.184.234.224) | - | - | High
|
||||
30 | [31.184.234.240](https://vuldb.com/?ip.31.184.234.240) | - | - | High
|
||||
31 | [31.184.234.248](https://vuldb.com/?ip.31.184.234.248) | - | - | High
|
||||
32 | [31.184.234.252](https://vuldb.com/?ip.31.184.234.252) | - | - | High
|
||||
33 | [31.184.234.254](https://vuldb.com/?ip.31.184.234.254) | - | - | High
|
||||
34 | [31.184.235.0](https://vuldb.com/?ip.31.184.235.0) | - | - | High
|
||||
35 | [31.184.235.90](https://vuldb.com/?ip.31.184.235.90) | - | - | High
|
||||
36 | [31.184.235.91](https://vuldb.com/?ip.31.184.235.91) | - | - | High
|
||||
37 | [31.184.235.92](https://vuldb.com/?ip.31.184.235.92) | - | - | High
|
||||
38 | [31.184.235.93](https://vuldb.com/?ip.31.184.235.93) | - | - | High
|
||||
39 | [31.184.235.94](https://vuldb.com/?ip.31.184.235.94) | - | - | High
|
||||
40 | [31.184.235.95](https://vuldb.com/?ip.31.184.235.95) | - | - | High
|
||||
41 | [31.184.235.96](https://vuldb.com/?ip.31.184.235.96) | - | - | High
|
||||
42 | [31.184.235.97](https://vuldb.com/?ip.31.184.235.97) | - | - | High
|
||||
43 | [31.184.235.98](https://vuldb.com/?ip.31.184.235.98) | - | - | High
|
||||
44 | [31.184.235.99](https://vuldb.com/?ip.31.184.235.99) | - | - | High
|
||||
45 | [31.184.235.128](https://vuldb.com/?ip.31.184.235.128) | - | - | High
|
||||
46 | [31.184.235.192](https://vuldb.com/?ip.31.184.235.192) | - | - | High
|
||||
47 | [31.184.235.212](https://vuldb.com/?ip.31.184.235.212) | - | - | High
|
||||
48 | [31.184.235.213](https://vuldb.com/?ip.31.184.235.213) | - | - | High
|
||||
49 | [31.184.235.214](https://vuldb.com/?ip.31.184.235.214) | - | - | High
|
||||
50 | [31.184.235.215](https://vuldb.com/?ip.31.184.235.215) | - | - | High
|
||||
51 | [31.184.235.218](https://vuldb.com/?ip.31.184.235.218) | - | - | High
|
||||
52 | [31.184.235.224](https://vuldb.com/?ip.31.184.235.224) | - | - | High
|
||||
53 | [31.184.235.240](https://vuldb.com/?ip.31.184.235.240) | - | - | High
|
||||
54 | [31.184.235.248](https://vuldb.com/?ip.31.184.235.248) | - | - | High
|
||||
55 | [31.184.235.252](https://vuldb.com/?ip.31.184.235.252) | - | - | High
|
||||
56 | [31.184.235.254](https://vuldb.com/?ip.31.184.235.254) | - | - | High
|
||||
57 | [34.193.185.171](https://vuldb.com/?ip.34.193.185.171) | ec2-34-193-185-171.compute-1.amazonaws.com | - | Medium
|
||||
58 | [34.199.22.139](https://vuldb.com/?ip.34.199.22.139) | ec2-34-199-22-139.compute-1.amazonaws.com | - | Medium
|
||||
59 | [34.206.50.228](https://vuldb.com/?ip.34.206.50.228) | ec2-34-206-50-228.compute-1.amazonaws.com | - | Medium
|
||||
60 | [37.49.224.80](https://vuldb.com/?ip.37.49.224.80) | - | - | High
|
||||
61 | [37.143.193.119](https://vuldb.com/?ip.37.143.193.119) | - | - | High
|
||||
62 | [37.228.151.133](https://vuldb.com/?ip.37.228.151.133) | - | - | High
|
||||
63 | [45.32.28.232](https://vuldb.com/?ip.45.32.28.232) | - | - | High
|
||||
64 | [45.56.79.23](https://vuldb.com/?ip.45.56.79.23) | li929-23.members.linode.com | - | High
|
||||
65 | [45.56.117.118](https://vuldb.com/?ip.45.56.117.118) | li935-118.members.linode.com | - | High
|
||||
66 | [45.63.25.55](https://vuldb.com/?ip.45.63.25.55) | 45.63.25.55.vultr.com | - | Medium
|
||||
67 | [45.63.99.180](https://vuldb.com/?ip.45.63.99.180) | 45.63.99.180.vultr.com | - | Medium
|
||||
68 | [45.90.34.87](https://vuldb.com/?ip.45.90.34.87) | - | - | High
|
||||
69 | [46.165.221.154](https://vuldb.com/?ip.46.165.221.154) | - | - | High
|
||||
70 | [49.128.155.97](https://vuldb.com/?ip.49.128.155.97) | i49-128-155-097.us.mics.ne.jp | - | High
|
||||
71 | [50.74.193.180](https://vuldb.com/?ip.50.74.193.180) | rrcs-50-74-193-180.nyc.biz.rr.com | - | High
|
||||
72 | [50.80.204.45](https://vuldb.com/?ip.50.80.204.45) | 50-80-204-45.client.mchsi.com | - | High
|
||||
73 | [52.2.101.52](https://vuldb.com/?ip.52.2.101.52) | ec2-52-2-101-52.compute-1.amazonaws.com | - | Medium
|
||||
74 | [52.21.132.24](https://vuldb.com/?ip.52.21.132.24) | ec2-52-21-132-24.compute-1.amazonaws.com | - | Medium
|
||||
75 | [52.86.198.63](https://vuldb.com/?ip.52.86.198.63) | ec2-52-86-198-63.compute-1.amazonaws.com | - | Medium
|
||||
76 | [54.84.252.139](https://vuldb.com/?ip.54.84.252.139) | ec2-54-84-252-139.compute-1.amazonaws.com | - | Medium
|
||||
77 | [54.87.5.88](https://vuldb.com/?ip.54.87.5.88) | ec2-54-87-5-88.compute-1.amazonaws.com | - | Medium
|
||||
78 | [54.88.175.149](https://vuldb.com/?ip.54.88.175.149) | ec2-54-88-175-149.compute-1.amazonaws.com | - | Medium
|
||||
79 | [54.152.181.87](https://vuldb.com/?ip.54.152.181.87) | ec2-54-152-181-87.compute-1.amazonaws.com | - | Medium
|
||||
80 | [54.164.0.55](https://vuldb.com/?ip.54.164.0.55) | ec2-54-164-0-55.compute-1.amazonaws.com | - | Medium
|
||||
81 | [54.209.0.191](https://vuldb.com/?ip.54.209.0.191) | ec2-54-209-0-191.compute-1.amazonaws.com | - | Medium
|
||||
82 | [60.62.134.208](https://vuldb.com/?ip.60.62.134.208) | 60-62-134-208.rev.home.ne.jp | - | High
|
||||
83 | ... | ... | ... | ...
|
||||
14 | [23.94.223.93](https://vuldb.com/?ip.23.94.223.93) | 23-94-223-93-host.colocrossing.com | - | High
|
||||
15 | [23.152.0.36](https://vuldb.com/?ip.23.152.0.36) | tcts-000036.techtrapes.com | - | High
|
||||
16 | [23.152.0.137](https://vuldb.com/?ip.23.152.0.137) | mljb-000137.melajobs.com | - | High
|
||||
17 | [31.3.135.232](https://vuldb.com/?ip.31.3.135.232) | mirror.tillo.ch | - | High
|
||||
18 | [31.184.234.0](https://vuldb.com/?ip.31.184.234.0) | - | - | High
|
||||
19 | [31.184.234.1](https://vuldb.com/?ip.31.184.234.1) | - | - | High
|
||||
20 | [31.184.234.2](https://vuldb.com/?ip.31.184.234.2) | - | - | High
|
||||
21 | [31.184.234.3](https://vuldb.com/?ip.31.184.234.3) | - | - | High
|
||||
22 | [31.184.234.4](https://vuldb.com/?ip.31.184.234.4) | - | - | High
|
||||
23 | [31.184.234.5](https://vuldb.com/?ip.31.184.234.5) | - | - | High
|
||||
24 | [31.184.234.6](https://vuldb.com/?ip.31.184.234.6) | - | - | High
|
||||
25 | [31.184.234.7](https://vuldb.com/?ip.31.184.234.7) | - | - | High
|
||||
26 | [31.184.234.8](https://vuldb.com/?ip.31.184.234.8) | - | - | High
|
||||
27 | [31.184.234.9](https://vuldb.com/?ip.31.184.234.9) | - | - | High
|
||||
28 | [31.184.234.10](https://vuldb.com/?ip.31.184.234.10) | - | - | High
|
||||
29 | [31.184.234.11](https://vuldb.com/?ip.31.184.234.11) | - | - | High
|
||||
30 | [31.184.234.12](https://vuldb.com/?ip.31.184.234.12) | - | - | High
|
||||
31 | [31.184.234.13](https://vuldb.com/?ip.31.184.234.13) | - | - | High
|
||||
32 | [31.184.234.14](https://vuldb.com/?ip.31.184.234.14) | - | - | High
|
||||
33 | [31.184.234.15](https://vuldb.com/?ip.31.184.234.15) | - | - | High
|
||||
34 | [31.184.234.16](https://vuldb.com/?ip.31.184.234.16) | - | - | High
|
||||
35 | [31.184.234.17](https://vuldb.com/?ip.31.184.234.17) | - | - | High
|
||||
36 | [31.184.234.18](https://vuldb.com/?ip.31.184.234.18) | - | - | High
|
||||
37 | [31.184.234.19](https://vuldb.com/?ip.31.184.234.19) | - | - | High
|
||||
38 | [31.184.234.20](https://vuldb.com/?ip.31.184.234.20) | - | - | High
|
||||
39 | [31.184.234.21](https://vuldb.com/?ip.31.184.234.21) | - | - | High
|
||||
40 | [31.184.234.22](https://vuldb.com/?ip.31.184.234.22) | - | - | High
|
||||
41 | [31.184.234.23](https://vuldb.com/?ip.31.184.234.23) | - | - | High
|
||||
42 | [31.184.234.24](https://vuldb.com/?ip.31.184.234.24) | - | - | High
|
||||
43 | [31.184.234.25](https://vuldb.com/?ip.31.184.234.25) | - | - | High
|
||||
44 | [31.184.234.26](https://vuldb.com/?ip.31.184.234.26) | - | - | High
|
||||
45 | [31.184.234.27](https://vuldb.com/?ip.31.184.234.27) | - | - | High
|
||||
46 | [31.184.234.28](https://vuldb.com/?ip.31.184.234.28) | - | - | High
|
||||
47 | [31.184.234.29](https://vuldb.com/?ip.31.184.234.29) | - | - | High
|
||||
48 | [31.184.234.30](https://vuldb.com/?ip.31.184.234.30) | - | - | High
|
||||
49 | [31.184.234.31](https://vuldb.com/?ip.31.184.234.31) | - | - | High
|
||||
50 | [31.184.234.32](https://vuldb.com/?ip.31.184.234.32) | - | - | High
|
||||
51 | [31.184.234.33](https://vuldb.com/?ip.31.184.234.33) | - | - | High
|
||||
52 | [31.184.234.34](https://vuldb.com/?ip.31.184.234.34) | - | - | High
|
||||
53 | [31.184.234.35](https://vuldb.com/?ip.31.184.234.35) | - | - | High
|
||||
54 | [31.184.234.36](https://vuldb.com/?ip.31.184.234.36) | - | - | High
|
||||
55 | [31.184.234.37](https://vuldb.com/?ip.31.184.234.37) | - | - | High
|
||||
56 | [31.184.234.38](https://vuldb.com/?ip.31.184.234.38) | - | - | High
|
||||
57 | [31.184.234.39](https://vuldb.com/?ip.31.184.234.39) | - | - | High
|
||||
58 | [31.184.234.40](https://vuldb.com/?ip.31.184.234.40) | - | - | High
|
||||
59 | [31.184.234.41](https://vuldb.com/?ip.31.184.234.41) | - | - | High
|
||||
60 | [31.184.234.42](https://vuldb.com/?ip.31.184.234.42) | - | - | High
|
||||
61 | [31.184.234.43](https://vuldb.com/?ip.31.184.234.43) | - | - | High
|
||||
62 | [31.184.234.44](https://vuldb.com/?ip.31.184.234.44) | - | - | High
|
||||
63 | [31.184.234.45](https://vuldb.com/?ip.31.184.234.45) | - | - | High
|
||||
64 | [31.184.234.46](https://vuldb.com/?ip.31.184.234.46) | - | - | High
|
||||
65 | [31.184.234.47](https://vuldb.com/?ip.31.184.234.47) | - | - | High
|
||||
66 | [31.184.234.48](https://vuldb.com/?ip.31.184.234.48) | - | - | High
|
||||
67 | [31.184.234.49](https://vuldb.com/?ip.31.184.234.49) | - | - | High
|
||||
68 | [31.184.234.50](https://vuldb.com/?ip.31.184.234.50) | - | - | High
|
||||
69 | [31.184.234.51](https://vuldb.com/?ip.31.184.234.51) | - | - | High
|
||||
70 | [31.184.234.52](https://vuldb.com/?ip.31.184.234.52) | - | - | High
|
||||
71 | [31.184.234.53](https://vuldb.com/?ip.31.184.234.53) | - | - | High
|
||||
72 | [31.184.234.54](https://vuldb.com/?ip.31.184.234.54) | - | - | High
|
||||
73 | [31.184.234.55](https://vuldb.com/?ip.31.184.234.55) | - | - | High
|
||||
74 | [31.184.234.56](https://vuldb.com/?ip.31.184.234.56) | - | - | High
|
||||
75 | [31.184.234.57](https://vuldb.com/?ip.31.184.234.57) | - | - | High
|
||||
76 | [31.184.234.58](https://vuldb.com/?ip.31.184.234.58) | - | - | High
|
||||
77 | [31.184.234.59](https://vuldb.com/?ip.31.184.234.59) | - | - | High
|
||||
78 | [31.184.234.60](https://vuldb.com/?ip.31.184.234.60) | - | - | High
|
||||
79 | [31.184.234.61](https://vuldb.com/?ip.31.184.234.61) | - | - | High
|
||||
80 | [31.184.234.62](https://vuldb.com/?ip.31.184.234.62) | - | - | High
|
||||
81 | [31.184.234.63](https://vuldb.com/?ip.31.184.234.63) | - | - | High
|
||||
82 | [31.184.234.64](https://vuldb.com/?ip.31.184.234.64) | - | - | High
|
||||
83 | [31.184.234.65](https://vuldb.com/?ip.31.184.234.65) | - | - | High
|
||||
84 | [31.184.234.66](https://vuldb.com/?ip.31.184.234.66) | - | - | High
|
||||
85 | [31.184.234.67](https://vuldb.com/?ip.31.184.234.67) | - | - | High
|
||||
86 | [31.184.234.68](https://vuldb.com/?ip.31.184.234.68) | - | - | High
|
||||
87 | [31.184.234.69](https://vuldb.com/?ip.31.184.234.69) | - | - | High
|
||||
88 | [31.184.234.70](https://vuldb.com/?ip.31.184.234.70) | - | - | High
|
||||
89 | [31.184.234.71](https://vuldb.com/?ip.31.184.234.71) | - | - | High
|
||||
90 | [31.184.234.72](https://vuldb.com/?ip.31.184.234.72) | - | - | High
|
||||
91 | [31.184.234.73](https://vuldb.com/?ip.31.184.234.73) | - | - | High
|
||||
92 | [31.184.234.74](https://vuldb.com/?ip.31.184.234.74) | - | - | High
|
||||
93 | [31.184.234.75](https://vuldb.com/?ip.31.184.234.75) | - | - | High
|
||||
94 | [31.184.234.76](https://vuldb.com/?ip.31.184.234.76) | - | - | High
|
||||
95 | [31.184.234.77](https://vuldb.com/?ip.31.184.234.77) | - | - | High
|
||||
96 | [31.184.234.78](https://vuldb.com/?ip.31.184.234.78) | - | - | High
|
||||
97 | [31.184.234.79](https://vuldb.com/?ip.31.184.234.79) | - | - | High
|
||||
98 | [31.184.234.80](https://vuldb.com/?ip.31.184.234.80) | - | - | High
|
||||
99 | [31.184.234.81](https://vuldb.com/?ip.31.184.234.81) | - | - | High
|
||||
100 | [31.184.234.82](https://vuldb.com/?ip.31.184.234.82) | - | - | High
|
||||
101 | [31.184.234.83](https://vuldb.com/?ip.31.184.234.83) | - | - | High
|
||||
102 | [31.184.234.84](https://vuldb.com/?ip.31.184.234.84) | - | - | High
|
||||
103 | [31.184.234.85](https://vuldb.com/?ip.31.184.234.85) | - | - | High
|
||||
104 | [31.184.234.86](https://vuldb.com/?ip.31.184.234.86) | - | - | High
|
||||
105 | [31.184.234.87](https://vuldb.com/?ip.31.184.234.87) | - | - | High
|
||||
106 | [31.184.234.88](https://vuldb.com/?ip.31.184.234.88) | - | - | High
|
||||
107 | [31.184.234.89](https://vuldb.com/?ip.31.184.234.89) | - | - | High
|
||||
108 | [31.184.234.90](https://vuldb.com/?ip.31.184.234.90) | - | - | High
|
||||
109 | [31.184.234.91](https://vuldb.com/?ip.31.184.234.91) | - | - | High
|
||||
110 | [31.184.234.92](https://vuldb.com/?ip.31.184.234.92) | - | - | High
|
||||
111 | [31.184.234.93](https://vuldb.com/?ip.31.184.234.93) | - | - | High
|
||||
112 | [31.184.234.94](https://vuldb.com/?ip.31.184.234.94) | - | - | High
|
||||
113 | [31.184.234.95](https://vuldb.com/?ip.31.184.234.95) | - | - | High
|
||||
114 | [31.184.234.96](https://vuldb.com/?ip.31.184.234.96) | - | - | High
|
||||
115 | [31.184.234.97](https://vuldb.com/?ip.31.184.234.97) | - | - | High
|
||||
116 | [31.184.234.98](https://vuldb.com/?ip.31.184.234.98) | - | - | High
|
||||
117 | [31.184.234.99](https://vuldb.com/?ip.31.184.234.99) | - | - | High
|
||||
118 | [31.184.234.100](https://vuldb.com/?ip.31.184.234.100) | - | - | High
|
||||
119 | [31.184.234.101](https://vuldb.com/?ip.31.184.234.101) | - | - | High
|
||||
120 | [31.184.234.102](https://vuldb.com/?ip.31.184.234.102) | - | - | High
|
||||
121 | [31.184.234.103](https://vuldb.com/?ip.31.184.234.103) | - | - | High
|
||||
122 | [31.184.234.104](https://vuldb.com/?ip.31.184.234.104) | - | - | High
|
||||
123 | [31.184.234.105](https://vuldb.com/?ip.31.184.234.105) | - | - | High
|
||||
124 | [31.184.234.106](https://vuldb.com/?ip.31.184.234.106) | - | - | High
|
||||
125 | [31.184.234.107](https://vuldb.com/?ip.31.184.234.107) | - | - | High
|
||||
126 | [31.184.234.108](https://vuldb.com/?ip.31.184.234.108) | - | - | High
|
||||
127 | [31.184.234.109](https://vuldb.com/?ip.31.184.234.109) | - | - | High
|
||||
128 | [31.184.234.110](https://vuldb.com/?ip.31.184.234.110) | - | - | High
|
||||
129 | [31.184.234.111](https://vuldb.com/?ip.31.184.234.111) | - | - | High
|
||||
130 | [31.184.234.112](https://vuldb.com/?ip.31.184.234.112) | - | - | High
|
||||
131 | [31.184.234.113](https://vuldb.com/?ip.31.184.234.113) | - | - | High
|
||||
132 | [31.184.234.114](https://vuldb.com/?ip.31.184.234.114) | - | - | High
|
||||
133 | [31.184.234.115](https://vuldb.com/?ip.31.184.234.115) | - | - | High
|
||||
134 | [31.184.234.116](https://vuldb.com/?ip.31.184.234.116) | - | - | High
|
||||
135 | [31.184.234.117](https://vuldb.com/?ip.31.184.234.117) | - | - | High
|
||||
136 | [31.184.234.118](https://vuldb.com/?ip.31.184.234.118) | - | - | High
|
||||
137 | [31.184.234.119](https://vuldb.com/?ip.31.184.234.119) | - | - | High
|
||||
138 | [31.184.234.120](https://vuldb.com/?ip.31.184.234.120) | - | - | High
|
||||
139 | [31.184.234.121](https://vuldb.com/?ip.31.184.234.121) | - | - | High
|
||||
140 | [31.184.234.122](https://vuldb.com/?ip.31.184.234.122) | - | - | High
|
||||
141 | [31.184.234.123](https://vuldb.com/?ip.31.184.234.123) | - | - | High
|
||||
142 | [31.184.234.124](https://vuldb.com/?ip.31.184.234.124) | - | - | High
|
||||
143 | [31.184.234.125](https://vuldb.com/?ip.31.184.234.125) | - | - | High
|
||||
144 | [31.184.234.126](https://vuldb.com/?ip.31.184.234.126) | - | - | High
|
||||
145 | [31.184.234.127](https://vuldb.com/?ip.31.184.234.127) | - | - | High
|
||||
146 | [31.184.234.128](https://vuldb.com/?ip.31.184.234.128) | - | - | High
|
||||
147 | [31.184.234.129](https://vuldb.com/?ip.31.184.234.129) | - | - | High
|
||||
148 | [31.184.234.130](https://vuldb.com/?ip.31.184.234.130) | - | - | High
|
||||
149 | [31.184.234.131](https://vuldb.com/?ip.31.184.234.131) | - | - | High
|
||||
150 | [31.184.234.132](https://vuldb.com/?ip.31.184.234.132) | - | - | High
|
||||
151 | [31.184.234.133](https://vuldb.com/?ip.31.184.234.133) | - | - | High
|
||||
152 | [31.184.234.134](https://vuldb.com/?ip.31.184.234.134) | - | - | High
|
||||
153 | [31.184.234.135](https://vuldb.com/?ip.31.184.234.135) | - | - | High
|
||||
154 | [31.184.234.136](https://vuldb.com/?ip.31.184.234.136) | - | - | High
|
||||
155 | [31.184.234.137](https://vuldb.com/?ip.31.184.234.137) | - | - | High
|
||||
156 | [31.184.234.138](https://vuldb.com/?ip.31.184.234.138) | - | - | High
|
||||
157 | [31.184.234.139](https://vuldb.com/?ip.31.184.234.139) | - | - | High
|
||||
158 | [31.184.234.140](https://vuldb.com/?ip.31.184.234.140) | - | - | High
|
||||
159 | [31.184.234.141](https://vuldb.com/?ip.31.184.234.141) | - | - | High
|
||||
160 | [31.184.234.142](https://vuldb.com/?ip.31.184.234.142) | - | - | High
|
||||
161 | [31.184.234.143](https://vuldb.com/?ip.31.184.234.143) | - | - | High
|
||||
162 | [31.184.234.144](https://vuldb.com/?ip.31.184.234.144) | - | - | High
|
||||
163 | [31.184.234.145](https://vuldb.com/?ip.31.184.234.145) | - | - | High
|
||||
164 | [31.184.234.146](https://vuldb.com/?ip.31.184.234.146) | - | - | High
|
||||
165 | [31.184.234.147](https://vuldb.com/?ip.31.184.234.147) | - | - | High
|
||||
166 | [31.184.234.148](https://vuldb.com/?ip.31.184.234.148) | - | - | High
|
||||
167 | [31.184.234.149](https://vuldb.com/?ip.31.184.234.149) | - | - | High
|
||||
168 | [31.184.234.150](https://vuldb.com/?ip.31.184.234.150) | - | - | High
|
||||
169 | [31.184.234.151](https://vuldb.com/?ip.31.184.234.151) | - | - | High
|
||||
170 | [31.184.234.152](https://vuldb.com/?ip.31.184.234.152) | - | - | High
|
||||
171 | [31.184.234.153](https://vuldb.com/?ip.31.184.234.153) | - | - | High
|
||||
172 | [31.184.234.154](https://vuldb.com/?ip.31.184.234.154) | - | - | High
|
||||
173 | [31.184.234.155](https://vuldb.com/?ip.31.184.234.155) | - | - | High
|
||||
174 | [31.184.234.156](https://vuldb.com/?ip.31.184.234.156) | - | - | High
|
||||
175 | [31.184.234.157](https://vuldb.com/?ip.31.184.234.157) | - | - | High
|
||||
176 | [31.184.234.158](https://vuldb.com/?ip.31.184.234.158) | - | - | High
|
||||
177 | [31.184.234.159](https://vuldb.com/?ip.31.184.234.159) | - | - | High
|
||||
178 | [31.184.234.160](https://vuldb.com/?ip.31.184.234.160) | - | - | High
|
||||
179 | [31.184.234.161](https://vuldb.com/?ip.31.184.234.161) | - | - | High
|
||||
180 | [31.184.234.162](https://vuldb.com/?ip.31.184.234.162) | - | - | High
|
||||
181 | [31.184.234.163](https://vuldb.com/?ip.31.184.234.163) | - | - | High
|
||||
182 | [31.184.234.164](https://vuldb.com/?ip.31.184.234.164) | - | - | High
|
||||
183 | [31.184.234.165](https://vuldb.com/?ip.31.184.234.165) | - | - | High
|
||||
184 | [31.184.234.166](https://vuldb.com/?ip.31.184.234.166) | - | - | High
|
||||
185 | [31.184.234.167](https://vuldb.com/?ip.31.184.234.167) | - | - | High
|
||||
186 | [31.184.234.168](https://vuldb.com/?ip.31.184.234.168) | - | - | High
|
||||
187 | [31.184.234.169](https://vuldb.com/?ip.31.184.234.169) | - | - | High
|
||||
188 | [31.184.234.170](https://vuldb.com/?ip.31.184.234.170) | - | - | High
|
||||
189 | [31.184.234.171](https://vuldb.com/?ip.31.184.234.171) | - | - | High
|
||||
190 | [31.184.234.172](https://vuldb.com/?ip.31.184.234.172) | - | - | High
|
||||
191 | ... | ... | ... | ...
|
||||
|
||||
There are 327 more IOC items available. Please use our online service to access the data.
|
||||
There are 761 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -114,13 +222,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-29 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -128,53 +236,61 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/upload/upload` | High
|
||||
3 | File | `/api/gen/clients/{language}` | High
|
||||
4 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
5 | File | `/config/getuser` | High
|
||||
6 | File | `/config/myfield/test.php` | High
|
||||
7 | File | `/debug/pprof` | Medium
|
||||
8 | File | `/ecshop/admin/template.php` | High
|
||||
9 | File | `/example/editor` | High
|
||||
10 | File | `/file/upload/1` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/forum/PostPrivateMessage` | High
|
||||
13 | File | `/HNAP1` | Low
|
||||
14 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
15 | File | `/index` | Low
|
||||
16 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
17 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
18 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
19 | File | `/net-banking/customer_transactions.php` | High
|
||||
20 | File | `/obs/book.php` | High
|
||||
21 | File | `/ossn/administrator/com_installer` | High
|
||||
22 | File | `/pms/update_user.php?user_id=1` | High
|
||||
23 | File | `/requests.php` | High
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/sre/params.php` | High
|
||||
26 | File | `/tmp` | Low
|
||||
27 | File | `/uncpath/` | Medium
|
||||
28 | File | `/user/upload/upload` | High
|
||||
29 | File | `/Users` | Low
|
||||
30 | File | `/var/spool/hylafax` | High
|
||||
31 | File | `/vendor` | Low
|
||||
32 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
33 | File | `action/addproject.php` | High
|
||||
34 | File | `adclick.php` | Medium
|
||||
35 | File | `add_contestant.php` | High
|
||||
36 | File | `admin.php` | Medium
|
||||
37 | File | `admin/ajax.attachment.php` | High
|
||||
38 | File | `admin/index.php` | High
|
||||
39 | File | `admin/make_payments.php` | High
|
||||
40 | File | `Advanced_ASUSDDNS_Content.asp` | High
|
||||
41 | File | `af_netlink.c` | Medium
|
||||
42 | File | `album_portal.php` | High
|
||||
43 | File | `api_jsonrpc.php` | High
|
||||
44 | File | `artreplydelete.asp` | High
|
||||
45 | ... | ... | ...
|
||||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/maintenance/view_designation.php` | High
|
||||
6 | File | `/admin/sys_sql_query.php` | High
|
||||
7 | File | `/admin/userprofile.php` | High
|
||||
8 | File | `/api/baskets/{name}` | High
|
||||
9 | File | `/api/gen/clients/{language}` | High
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/company/store` | High
|
||||
14 | File | `/config/myfield/test.php` | High
|
||||
15 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
16 | File | `/ecshop/admin/template.php` | High
|
||||
17 | File | `/feeds/post/publish` | High
|
||||
18 | File | `/file/upload/1` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forum/PostPrivateMessage` | High
|
||||
21 | File | `/goform/set_LimitClient_cfg` | High
|
||||
22 | File | `/h/` | Low
|
||||
23 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
24 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
25 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
26 | File | `/index.php?page=category_list` | High
|
||||
27 | File | `/jobinfo/` | Medium
|
||||
28 | File | `/Moosikay/order.php` | High
|
||||
29 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
30 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
31 | File | `/net-banking/customer_transactions.php` | High
|
||||
32 | File | `/opac/Actions.php?a=login` | High
|
||||
33 | File | `/owa/auth/logon.aspx` | High
|
||||
34 | File | `/php-opos/index.php` | High
|
||||
35 | File | `/preview.php` | Medium
|
||||
36 | File | `/PreviewHandler.ashx` | High
|
||||
37 | File | `/public/launchNewWindow.jsp` | High
|
||||
38 | File | `/requests.php` | High
|
||||
39 | File | `/reservation/add_message.php` | High
|
||||
40 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | File | `/sqlite3_aflpp/shell.c` | High
|
||||
43 | File | `/student/bookdetails.php` | High
|
||||
44 | File | `/SVFE2/pages/feegroups/service_group.jsf` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/uploads/exam_question/` | High
|
||||
47 | File | `/user/ticket/create` | High
|
||||
48 | File | `/user/updatePwd` | High
|
||||
49 | File | `/var/lib/docker/<remapping>` | High
|
||||
50 | File | `/vendor` | Low
|
||||
51 | File | `/wp-admin/admin-ajax.php` | High
|
||||
52 | File | `a-forms.php` | Medium
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 388 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -222,6 +338,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://blog.talosintelligence.com/threat-roundup-0120-0127/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0317-0324/
|
||||
* https://blog.talosintelligence.com/threat-roundup-0421-0428-2/
|
||||
* https://www.cyber45.com
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -83,10 +83,9 @@ ID | Type | Indicator | Confidence
|
|||
29 | File | `admin.cropcanvas.php` | High
|
||||
30 | File | `Admin.PHP` | Medium
|
||||
31 | File | `admin.php` | Medium
|
||||
32 | File | `admin/article_category.php?rec=update` | High
|
||||
33 | ... | ... | ...
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 278 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 271 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -65,34 +65,34 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/admin/show.php` | High
|
||||
9 | File | `/default.php?idx=17` | High
|
||||
10 | File | `/download` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/index.php` | Medium
|
||||
13 | File | `/nova/bin/graphing` | High
|
||||
14 | File | `/opt/bin/cli` | Medium
|
||||
15 | File | `/p` | Low
|
||||
16 | File | `/patient/doctors.php` | High
|
||||
17 | File | `/phpinventory/editcategory.php` | High
|
||||
18 | File | `/product-list.php` | High
|
||||
19 | File | `/spip.php` | Medium
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | File | `/updown/upload.cgi` | High
|
||||
22 | File | `/user/del.php` | High
|
||||
23 | File | `/_next` | Low
|
||||
24 | File | `123flashchat.php` | High
|
||||
25 | File | `act.php` | Low
|
||||
26 | File | `admin.php` | Medium
|
||||
27 | File | `admin/bad.php` | High
|
||||
28 | File | `admin/index.php` | High
|
||||
29 | File | `admin/index.php/user/del/1` | High
|
||||
30 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
31 | File | `administrator/index.php` | High
|
||||
32 | File | `agenda.php` | Medium
|
||||
33 | File | `ajax/render/widget_php` | High
|
||||
34 | File | `album_portal.php` | High
|
||||
35 | File | `api.php` | Low
|
||||
11 | File | `/env` | Low
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/nova/bin/graphing` | High
|
||||
15 | File | `/opt/bin/cli` | Medium
|
||||
16 | File | `/p` | Low
|
||||
17 | File | `/patient/doctors.php` | High
|
||||
18 | File | `/phpinventory/editcategory.php` | High
|
||||
19 | File | `/product-list.php` | High
|
||||
20 | File | `/spip.php` | Medium
|
||||
21 | File | `/uncpath/` | Medium
|
||||
22 | File | `/updown/upload.cgi` | High
|
||||
23 | File | `/user/del.php` | High
|
||||
24 | File | `/_next` | Low
|
||||
25 | File | `123flashchat.php` | High
|
||||
26 | File | `act.php` | Low
|
||||
27 | File | `admin.php` | Medium
|
||||
28 | File | `admin/bad.php` | High
|
||||
29 | File | `admin/index.php` | High
|
||||
30 | File | `admin/index.php/user/del/1` | High
|
||||
31 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
32 | File | `administrator/index.php` | High
|
||||
33 | File | `agenda.php` | Medium
|
||||
34 | File | `ajax/render/widget_php` | High
|
||||
35 | File | `album_portal.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 311 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 312 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -69,7 +69,7 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/uncpath/` | Medium
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 121 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 122 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LU](https://vuldb.com/?country.lu)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -38,7 +38,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-36 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
|
@ -53,47 +53,46 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin.php/singer/admin/lists/zhuan` | High
|
||||
2 | File | `/admin.php/User/level_sort` | High
|
||||
1 | File | `/add_post_sql.php` | High
|
||||
2 | File | `/admin/article.php` | High
|
||||
3 | File | `/admin/getallarticleinfo` | High
|
||||
4 | File | `/admin/services/view_service.php` | High
|
||||
5 | File | `/auparse/auparse.c` | High
|
||||
6 | File | `/authUserAction!edit.action` | High
|
||||
7 | File | `/baseOpLog.do` | High
|
||||
8 | File | `/blog/edit` | Medium
|
||||
9 | File | `/bmis/pages/resident/resident.php` | High
|
||||
10 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
11 | File | `/cgi-bin/luci/api/auth` | High
|
||||
12 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
13 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/ci_hms/search` | High
|
||||
4 | File | `/admin/reminders/manage_reminder.php` | High
|
||||
5 | File | `/admin/services/view_service.php` | High
|
||||
6 | File | `/api/baskets/{name}` | High
|
||||
7 | File | `/auparse/auparse.c` | High
|
||||
8 | File | `/authUserAction!edit.action` | High
|
||||
9 | File | `/baseOpLog.do` | High
|
||||
10 | File | `/blog/edit` | Medium
|
||||
11 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
14 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/claire_blake` | High
|
||||
17 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
|
||||
18 | File | `/dashboard/contact` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/env` | Low
|
||||
21 | File | `/export` | Low
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/addRouting` | High
|
||||
24 | File | `/goform/aspForm` | High
|
||||
18 | File | `/csms/admin/inquiries/view_details.php` | High
|
||||
19 | File | `/dashboard/contact` | High
|
||||
20 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
21 | File | `/env` | Low
|
||||
22 | File | `/export` | Low
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/goform/addRouting` | High
|
||||
25 | File | `/goform/setDiagnoseInfo` | High
|
||||
26 | File | `/goform/WifiBasicSet` | High
|
||||
27 | File | `/hrm/employeeview.php` | High
|
||||
28 | File | `/htdocs/cgibin` | High
|
||||
29 | File | `/isms/classes/Users.php` | High
|
||||
29 | File | `/include/chart_generator.php` | High
|
||||
30 | File | `/librarian/bookdetails.php` | High
|
||||
31 | File | `/matkul/data` | Medium
|
||||
32 | File | `/mc` | Low
|
||||
33 | File | `/message/form/` | High
|
||||
34 | File | `/messageboard/view.php` | High
|
||||
35 | File | `/mkshop/Men/profile.php` | High
|
||||
36 | File | `/ofrs/admin/?page=teams/view_team` | High
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/pages/faculty_sched.php` | High
|
||||
39 | ... | ... | ...
|
||||
32 | File | `/message/form/` | High
|
||||
33 | File | `/messageboard/view.php` | High
|
||||
34 | File | `/mkshop/Men/profile.php` | High
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/src/Illuminate/Laravel.php` | High
|
||||
37 | File | `/SVFE2/pages/feegroups/country_group.jsf` | High
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 333 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 331 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
There are 12 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -64,11 +64,11 @@ ID | Technique | Weakness | Description | Confidence
|
|||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -84,41 +84,42 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/submit-articles` | High
|
||||
8 | File | `/admin/subnets/ripe-query.php` | High
|
||||
9 | File | `/ad_js.php` | Medium
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/api/` | Low
|
||||
12 | File | `/api/admin/store/product/list` | High
|
||||
13 | File | `/api/stl/actions/search` | High
|
||||
14 | File | `/api/v2/cli/commands` | High
|
||||
15 | File | `/attachments` | Medium
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
10 | File | `/api/` | Low
|
||||
11 | File | `/api/admin/store/product/list` | High
|
||||
12 | File | `/api/stl/actions/search` | High
|
||||
13 | File | `/api/v2/cli/commands` | High
|
||||
14 | File | `/attachments` | Medium
|
||||
15 | File | `/bin/ate` | Medium
|
||||
16 | File | `/boat/login.php` | High
|
||||
17 | File | `/bsms_ci/index.php/book` | High
|
||||
18 | File | `/cgi-bin` | Medium
|
||||
19 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
20 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
21 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
22 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
23 | File | `/debug/pprof` | Medium
|
||||
24 | File | `/etc/hosts` | Medium
|
||||
25 | File | `/export` | Low
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/goform/setmac` | High
|
||||
28 | File | `/goform/wizard_end` | High
|
||||
29 | File | `/hardware` | Medium
|
||||
30 | File | `/librarian/bookdetails.php` | High
|
||||
31 | File | `/manage-apartment.php` | High
|
||||
32 | File | `/medicines/profile.php` | High
|
||||
33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
34 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
35 | File | `/pages/apply_vacancy.php` | High
|
||||
36 | File | `/proxy` | Low
|
||||
37 | File | `/reservation/add_message.php` | High
|
||||
38 | File | `/spip.php` | Medium
|
||||
39 | File | `/tmp` | Low
|
||||
40 | File | `/uncpath/` | Medium
|
||||
41 | ... | ... | ...
|
||||
17 | File | `/booking/show_bookings/` | High
|
||||
18 | File | `/bsms_ci/index.php/book` | High
|
||||
19 | File | `/cgi-bin` | Medium
|
||||
20 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
21 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
22 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
23 | File | `/cwms/classes/Master.php?f=save_contact` | High
|
||||
24 | File | `/debug/pprof` | Medium
|
||||
25 | File | `/env` | Low
|
||||
26 | File | `/etc/hosts` | Medium
|
||||
27 | File | `/export` | Low
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/goform/setmac` | High
|
||||
30 | File | `/goform/wizard_end` | High
|
||||
31 | File | `/hardware` | Medium
|
||||
32 | File | `/librarian/bookdetails.php` | High
|
||||
33 | File | `/manage-apartment.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
37 | File | `/pages/apply_vacancy.php` | High
|
||||
38 | File | `/php-sms/admin/?page=user/manage_user` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/reservation/add_message.php` | High
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 350 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -390,13 +390,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-35, CWE-36 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -407,67 +407,63 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `//WEB-INF` | Medium
|
||||
2 | File | `/about.php` | Medium
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/cashadvance_row.php` | High
|
||||
6 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/offenses/view_details.php` | High
|
||||
9 | File | `/admin/report/index.php` | High
|
||||
4 | File | `/admin/cashadvance_row.php` | High
|
||||
5 | File | `/admin/inquiries/view_inquiry.php` | High
|
||||
6 | File | `/admin/maintenance/view_designation.php` | High
|
||||
7 | File | `/admin/offenses/view_details.php` | High
|
||||
8 | File | `/admin/report/index.php` | High
|
||||
9 | File | `/admin/router.php` | High
|
||||
10 | File | `/admin/sales/view_details.php` | High
|
||||
11 | File | `/admin/userprofile.php` | High
|
||||
12 | File | `/APR/login.php` | High
|
||||
13 | File | `/APR/signup.php` | High
|
||||
14 | File | `/cgi-bin/wapopen` | High
|
||||
11 | File | `/admin/sys_sql_query.php` | High
|
||||
12 | File | `/admin/userprofile.php` | High
|
||||
13 | File | `/api/baskets/{name}` | High
|
||||
14 | File | `/cgi-bin/DownloadFlash` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/classes/Master.php?f=delete_category` | High
|
||||
17 | File | `/classes/Master.php?f=delete_service` | High
|
||||
18 | File | `/classes/Master.php?f=save_course` | High
|
||||
19 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
20 | File | `/Electron/download` | High
|
||||
21 | File | `/feeds/post/publish` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
24 | File | `/inc/topBarNav.php` | High
|
||||
25 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
26 | File | `/index.php?page=category_list` | High
|
||||
27 | File | `/KeepAlive.jsp` | High
|
||||
28 | File | `/mims/login.php` | High
|
||||
29 | File | `/modules/projects/vw_files.php` | High
|
||||
30 | File | `/Moosikay/order.php` | High
|
||||
31 | File | `/opac/Actions.php?a=login` | High
|
||||
32 | File | `/pms/admin/visits/view_visit.php` | High
|
||||
33 | File | `/PreviewHandler.ashx` | High
|
||||
34 | File | `/proxy` | Low
|
||||
35 | File | `/public/launchNewWindow.jsp` | High
|
||||
36 | File | `/Repositories` | High
|
||||
37 | File | `/reservation/add_message.php` | High
|
||||
38 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
39 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
40 | File | `/spip.php` | Medium
|
||||
41 | File | `/text/pdf/PdfReader.java` | High
|
||||
42 | File | `/user/updatePwd` | High
|
||||
43 | File | `/wp-admin/admin-ajax.php` | High
|
||||
44 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
45 | File | `a-forms.php` | Medium
|
||||
46 | File | `account.asp` | Medium
|
||||
47 | File | `account/signup.php` | High
|
||||
48 | File | `activenews_view.asp` | High
|
||||
49 | File | `adclick.php` | Medium
|
||||
50 | File | `addentry.php` | Medium
|
||||
51 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
52 | File | `admin.a6mambocredits.php` | High
|
||||
53 | File | `admin.cropcanvas.php` | High
|
||||
54 | File | `admin.jcomments.php` | High
|
||||
55 | File | `admin.php` | Medium
|
||||
56 | File | `admin/?page=students/view_student` | High
|
||||
57 | File | `admin/admin_editor.php` | High
|
||||
58 | File | `admin/asset/grid-proxy` | High
|
||||
59 | File | `admin/auditTrail.jsf` | High
|
||||
60 | File | `admin/conf_users_edit.php` | High
|
||||
61 | File | `admin/data.php` | High
|
||||
62 | ... | ... | ...
|
||||
19 | File | `/company/store` | High
|
||||
20 | File | `/Controller/Ajaxfileupload.ashx` | High
|
||||
21 | File | `/Duty/AjaxHandle/UploadHandler.ashx` | High
|
||||
22 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
23 | File | `/Electron/download` | High
|
||||
24 | File | `/feeds/post/publish` | High
|
||||
25 | File | `/forum/away.php` | High
|
||||
26 | File | `/h/` | Low
|
||||
27 | File | `/inc/jquery/uploadify/uploadify.php` | High
|
||||
28 | File | `/inc/topBarNav.php` | High
|
||||
29 | File | `/index.php?app=main&func=passport&action=login` | High
|
||||
30 | File | `/index.php?page=category_list` | High
|
||||
31 | File | `/jobinfo/` | Medium
|
||||
32 | File | `/KeepAlive.jsp` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/Moosikay/order.php` | High
|
||||
35 | File | `/opac/Actions.php?a=login` | High
|
||||
36 | File | `/pms/admin/visits/view_visit.php` | High
|
||||
37 | File | `/PreviewHandler.ashx` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/recipe-result` | High
|
||||
40 | File | `/Repositories` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
|
||||
43 | File | `/send_order.cgi?parameter=access_detect` | High
|
||||
44 | File | `/Service/ImageStationDataService.asmx` | High
|
||||
45 | File | `/student/bookdetails.php` | High
|
||||
46 | File | `/text/pdf/PdfReader.java` | High
|
||||
47 | File | `/uploads/exam_question/` | High
|
||||
48 | File | `/user/ticket/create` | High
|
||||
49 | File | `/user/updatePwd` | High
|
||||
50 | File | `/userRpm/WanDynamicIpV6CfgRpm` | High
|
||||
51 | File | `/var/lib/docker/<remapping>` | High
|
||||
52 | File | `/wp-admin/admin-ajax.php` | High
|
||||
53 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
54 | File | `a-forms.php` | Medium
|
||||
55 | File | `account.asp` | Medium
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `admin.a6mambocredits.php` | High
|
||||
58 | ... | ... | ...
|
||||
|
||||
There are 547 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 503 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -10,7 +10,6 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -39,7 +38,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -48,47 +47,44 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `//proc/kcore` | Medium
|
||||
2 | File | `/?p=products` | Medium
|
||||
3 | File | `/action/wirelessConnect` | High
|
||||
4 | File | `/admin-ajax.php?action=eps_redirect_save` | High
|
||||
5 | File | `/admin/assign/assign.php` | High
|
||||
6 | File | `/admin/cashadvance_row.php` | High
|
||||
7 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
8 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
9 | File | `/admin/departments/view_department.php` | High
|
||||
10 | File | `/admin/login.php` | High
|
||||
11 | File | `/admin/maintenance/view_designation.php` | High
|
||||
12 | File | `/admin/suppliers/view_details.php` | High
|
||||
13 | File | `/admin/user/manage_user.php` | High
|
||||
14 | File | `/admin/user/uploadImg` | High
|
||||
15 | File | `/api/admin/store/product/list` | High
|
||||
16 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
17 | File | `/authenticationendpoint/login.do` | High
|
||||
18 | File | `/bin/login` | Medium
|
||||
19 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
20 | File | `/cgi-bin/kerbynet` | High
|
||||
21 | File | `/cgi-bin/luci` | High
|
||||
22 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
23 | File | `/classes/Master.php` | High
|
||||
24 | File | `/classes/Master.php?f=delete_item` | High
|
||||
25 | File | `/config/getuser` | High
|
||||
26 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
27 | File | `/forms/doLogin` | High
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/HNAP1` | Low
|
||||
30 | File | `/lan.asp` | Medium
|
||||
31 | File | `/licenses` | Medium
|
||||
32 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
33 | File | `/login/index.php` | High
|
||||
34 | File | `/mc` | Low
|
||||
35 | File | `/menu.html` | Medium
|
||||
36 | File | `/mims/login.php` | High
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-inventory-management-system/product.php` | High
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | ... | ... | ...
|
||||
2 | File | `/action/wirelessConnect` | High
|
||||
3 | File | `/admin/assign/assign.php` | High
|
||||
4 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
5 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
6 | File | `/admin/departments/view_department.php` | High
|
||||
7 | File | `/admin/maintenance/view_designation.php` | High
|
||||
8 | File | `/admin/suppliers/view_details.php` | High
|
||||
9 | File | `/admin/user/manage_user.php` | High
|
||||
10 | File | `/admin/user/uploadImg` | High
|
||||
11 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
|
||||
12 | File | `/authenticationendpoint/login.do` | High
|
||||
13 | File | `/bin/login` | Medium
|
||||
14 | File | `/cgi-bin/cstecgi.cgi` | High
|
||||
15 | File | `/cgi-bin/kerbynet` | High
|
||||
16 | File | `/cgi-bin/luci` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/classes/Master.php` | High
|
||||
19 | File | `/classes/Master.php?f=delete_item` | High
|
||||
20 | File | `/config/getuser` | High
|
||||
21 | File | `/contact/store` | High
|
||||
22 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
23 | File | `/forms/doLogin` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/HNAP1` | Low
|
||||
26 | File | `/lan.asp` | Medium
|
||||
27 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
|
||||
28 | File | `/login/index.php` | High
|
||||
29 | File | `/mc` | Low
|
||||
30 | File | `/menu.html` | Medium
|
||||
31 | File | `/mims/login.php` | High
|
||||
32 | File | `/out.php` | Medium
|
||||
33 | File | `/php-inventory-management-system/product.php` | High
|
||||
34 | File | `/plain` | Low
|
||||
35 | File | `/qsr_server/device/reboot` | High
|
||||
36 | File | `/spip.php` | Medium
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 315 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
文件差异内容过多而无法显示
加载差异
|
@ -61,12 +61,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -77,31 +77,31 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.travis.yml` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/admin.php` | Medium
|
||||
4 | File | `/admin/subnets/ripe-query.php` | High
|
||||
5 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
6 | File | `/debug/pprof` | Medium
|
||||
7 | File | `/export` | Low
|
||||
8 | File | `/file?action=download&file` | High
|
||||
9 | File | `/hardware` | Medium
|
||||
10 | File | `/medical/inventories.php` | High
|
||||
11 | File | `/monitoring` | Medium
|
||||
12 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
13 | File | `/plugin/LiveChat/getChat.json.php` | High
|
||||
14 | File | `/plugins/servlet/audit/resource` | High
|
||||
15 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
|
||||
16 | File | `/replication` | Medium
|
||||
17 | File | `/RestAPI` | Medium
|
||||
18 | File | `/tmp/speedtest_urls.xml` | High
|
||||
19 | File | `/tmp/zarafa-vacation-*` | High
|
||||
20 | File | `/uncpath/` | Medium
|
||||
21 | File | `/upload` | Low
|
||||
22 | File | `/user/loader.php?api=1` | High
|
||||
23 | File | `/var/log/nginx` | High
|
||||
24 | File | `/var/run/watchman.pid` | High
|
||||
25 | File | `/viewer/krpano.html` | High
|
||||
4 | File | `/admin/read.php?mudi=getSignal` | High
|
||||
5 | File | `/admin/subnets/ripe-query.php` | High
|
||||
6 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
7 | File | `/debug/pprof` | Medium
|
||||
8 | File | `/export` | Low
|
||||
9 | File | `/file?action=download&file` | High
|
||||
10 | File | `/hardware` | Medium
|
||||
11 | File | `/librarian/bookdetails.php` | High
|
||||
12 | File | `/medical/inventories.php` | High
|
||||
13 | File | `/monitoring` | Medium
|
||||
14 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
15 | File | `/plugin/LiveChat/getChat.json.php` | High
|
||||
16 | File | `/plugins/servlet/audit/resource` | High
|
||||
17 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
|
||||
18 | File | `/replication` | Medium
|
||||
19 | File | `/RestAPI` | Medium
|
||||
20 | File | `/tmp/speedtest_urls.xml` | High
|
||||
21 | File | `/tmp/zarafa-vacation-*` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/upload` | Low
|
||||
24 | File | `/user/loader.php?api=1` | High
|
||||
25 | File | `/var/log/nginx` | High
|
||||
26 | ... | ... | ...
|
||||
|
||||
There are 216 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 221 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -69,34 +69,37 @@ ID | Type | Indicator | Confidence
|
|||
12 | File | `/api/v2/cli/commands` | High
|
||||
13 | File | `/api/v2/open/rowsInfo` | High
|
||||
14 | File | `/api/v3/flows/instances/default-user-settings-flow/execute/` | High
|
||||
15 | File | `/asms/admin/?page=user/manage_user` | High
|
||||
16 | File | `/blog/comment` | High
|
||||
17 | File | `/classes/Login.php` | High
|
||||
18 | File | `/dosen/data` | Medium
|
||||
19 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
20 | File | `/env` | Low
|
||||
21 | File | `/etc/master.passwd` | High
|
||||
22 | File | `/etc/os-release` | High
|
||||
23 | File | `/file_manager/admin/save_user.php` | High
|
||||
24 | File | `/front/search.php` | High
|
||||
25 | File | `/garage/php_action/createBrand.php` | High
|
||||
26 | File | `/goform/addressNat` | High
|
||||
27 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
28 | File | `/goform/editFileName` | High
|
||||
29 | File | `/goform/form2WizardStep54` | High
|
||||
30 | File | `/goform/setSysAdm` | High
|
||||
31 | File | `/goform/webExcptypemanFilter` | High
|
||||
32 | File | `/goform/WifiBasicSet` | High
|
||||
33 | File | `/goform/WifiMacFilterGet` | High
|
||||
34 | File | `/hss/admin/categories/view_category.php` | High
|
||||
35 | File | `/isomedia/meta.c` | High
|
||||
36 | File | `/jurusanmatkul/data` | High
|
||||
37 | File | `/mods/_core/courses/users/create_course.php` | High
|
||||
38 | File | `/module/report_event/index.php` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | ... | ... | ...
|
||||
15 | File | `/api/wechat/app_auth` | High
|
||||
16 | File | `/asms/admin/?page=user/manage_user` | High
|
||||
17 | File | `/blog/comment` | High
|
||||
18 | File | `/classes/Login.php` | High
|
||||
19 | File | `/dosen/data` | Medium
|
||||
20 | File | `/E-mobile/App/System/File/downfile.php` | High
|
||||
21 | File | `/emap/devicePoint_addImgIco?hasSubsystem=true` | High
|
||||
22 | File | `/env` | Low
|
||||
23 | File | `/etc/master.passwd` | High
|
||||
24 | File | `/etc/os-release` | High
|
||||
25 | File | `/file_manager/admin/save_user.php` | High
|
||||
26 | File | `/front/search.php` | High
|
||||
27 | File | `/garage/php_action/createBrand.php` | High
|
||||
28 | File | `/goform/addressNat` | High
|
||||
29 | File | `/goform/AdvSetWrlsafeset` | High
|
||||
30 | File | `/goform/editFileName` | High
|
||||
31 | File | `/goform/form2WizardStep54` | High
|
||||
32 | File | `/goform/setSysAdm` | High
|
||||
33 | File | `/goform/webExcptypemanFilter` | High
|
||||
34 | File | `/goform/WifiBasicSet` | High
|
||||
35 | File | `/goform/WifiMacFilterGet` | High
|
||||
36 | File | `/hss/admin/categories/view_category.php` | High
|
||||
37 | File | `/index.php` | Medium
|
||||
38 | File | `/isomedia/meta.c` | High
|
||||
39 | File | `/jurusanmatkul/data` | High
|
||||
40 | File | `/load.php` | Medium
|
||||
41 | File | `/mods/_core/courses/users/create_course.php` | High
|
||||
42 | File | `/module/report_event/index.php` | High
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 347 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 368 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
# CloudEyE - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [CloudEyE](https://vuldb.com/?actor.cloudeye). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.cloudeye](https://vuldb.com/?actor.cloudeye)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of CloudEyE.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [194.55.224.183](https://vuldb.com/?ip.194.55.224.183) | - | - | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://threatfox.abuse.ch
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [PL](https://vuldb.com/?country.pl)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [PT](https://vuldb.com/?country.pt)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -35,14 +35,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -57,46 +57,48 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/admin/contacts/organizations/edit/2` | High
|
||||
6 | File | `/admin/curriculum/view_curriculum.php` | High
|
||||
7 | File | `/Admin/dashboard.php` | High
|
||||
8 | File | `/admin/edit_subject.php` | High
|
||||
9 | File | `/admin/sales/view_details.php` | High
|
||||
10 | File | `/admin/service.php` | High
|
||||
11 | File | `/admin/sign/out` | High
|
||||
12 | File | `/api/common/ping` | High
|
||||
13 | File | `/api/v2/open/tablesInfo` | High
|
||||
14 | File | `/api/wechat/app_auth` | High
|
||||
15 | File | `/asms/classes/Master.php?f=delete_img` | High
|
||||
16 | File | `/catcompany.php` | High
|
||||
17 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
18 | File | `/classes/Users.php` | High
|
||||
19 | File | `/cms/notify` | Medium
|
||||
20 | File | `/depotHead/list` | High
|
||||
21 | File | `/device/signin` | High
|
||||
22 | File | `/fusiondirectory/index.php` | High
|
||||
23 | File | `/goform/addressNat` | High
|
||||
24 | File | `/goform/fast_setting_wifi_set` | High
|
||||
25 | File | `/goform/RGFirewallEL` | High
|
||||
26 | File | `/goform/WifiBasicSet` | High
|
||||
27 | File | `/HNAP1` | Low
|
||||
28 | File | `/hslist` | Low
|
||||
29 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
30 | File | `/lists/admin/` | High
|
||||
31 | File | `/login/index.php` | High
|
||||
32 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
33 | File | `/myAccount` | Medium
|
||||
34 | File | `/note/index/delete` | High
|
||||
35 | File | `/operations/travellers.php` | High
|
||||
36 | File | `/php-sms/admin/orders/update_status.php` | High
|
||||
37 | File | `/php-sms/classes/Master.php?f=delete_service` | High
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
40 | File | `/release-x64/otfccdump+0x6e7e3d` | High
|
||||
41 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
42 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
|
||||
43 | File | `/sys/duplicate/check` | High
|
||||
44 | File | `/timeline2.php` | High
|
||||
45 | ... | ... | ...
|
||||
8 | File | `/admin/edit-accepted-appointment.php` | High
|
||||
9 | File | `/admin/edit_category.php` | High
|
||||
10 | File | `/admin/edit_subject.php` | High
|
||||
11 | File | `/admin/modal_add_product.php` | High
|
||||
12 | File | `/admin/sales/view_details.php` | High
|
||||
13 | File | `/admin/service.php` | High
|
||||
14 | File | `/admin/sign/out` | High
|
||||
15 | File | `/admin/test_status.php` | High
|
||||
16 | File | `/api/common/ping` | High
|
||||
17 | File | `/api/v2/open/tablesInfo` | High
|
||||
18 | File | `/api/wechat/app_auth` | High
|
||||
19 | File | `/asms/classes/Master.php?f=delete_img` | High
|
||||
20 | File | `/catcompany.php` | High
|
||||
21 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
22 | File | `/classes/Master.php?f=save_item` | High
|
||||
23 | File | `/classes/Users.php` | High
|
||||
24 | File | `/cms/notify` | Medium
|
||||
25 | File | `/depotHead/list` | High
|
||||
26 | File | `/device/signin` | High
|
||||
27 | File | `/fusiondirectory/index.php` | High
|
||||
28 | File | `/goform/addressNat` | High
|
||||
29 | File | `/goform/RGFirewallEL` | High
|
||||
30 | File | `/goform/WifiBasicSet` | High
|
||||
31 | File | `/h/` | Low
|
||||
32 | File | `/HNAP1` | Low
|
||||
33 | File | `/hslist` | Low
|
||||
34 | File | `/js/player/dmplayer/dmku/index.php` | High
|
||||
35 | File | `/lists/admin/` | High
|
||||
36 | File | `/login/index.php` | High
|
||||
37 | File | `/multi-vendor-shopping-script/product-list.php` | High
|
||||
38 | File | `/myAccount` | Medium
|
||||
39 | File | `/note/index/delete` | High
|
||||
40 | File | `/operations/travellers.php` | High
|
||||
41 | File | `/paysystem/datatable.php` | High
|
||||
42 | File | `/php-sms/admin/orders/update_status.php` | High
|
||||
43 | File | `/php-sms/classes/Master.php?f=delete_service` | High
|
||||
44 | File | `/preview.php` | Medium
|
||||
45 | File | `/public/launchNewWindow.jsp` | High
|
||||
46 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
47 | ... | ... | ...
|
||||
|
||||
There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 408 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
某些文件未显示,因为此 diff 中更改的文件太多 显示更多
正在加载...
在新工单中引用