BlankSlate 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (128)

タイムライン

言語

en102
it6
fr6
de6
ru4

国・地域

gb68
us22
it6
fr6
ru4

アクター

BlankSlate4
Cerber2
Ave Maria1

アクティビティ

関心

タイムライン

タイプ

Not Defined68
WordPress Plugin8
Content Management System6
Banking Software4
Server Management Software2

ベンダー

Not Defined32
SourceCodester14
Wondershare6
CodeAstro4
Campcodes4

製品

Kashipara Food Management System4
All in One SEO Pack Plugin4
Wondershare Dr.Fone4
pacman-canvas2
Juanpao JPShop2

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1DZCP deV!L`z Clanportal config.php 特権昇格7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.49CVE-2010-0966
2JetBrains PhpStorm idea.log 情報の漏洩3.83.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2022-48435
3Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 情報の漏洩5.35.2$5k-$25k計算中HighWorkaround0.020160.00CVE-2007-1192
4All in One SEO Pack Plugin クロスサイトスクリプティング5.15.1$0-$5k$0-$5kNot DefinedNot Defined0.000760.04CVE-2023-0586
5PHPGurukul Online Notes Sharing System profile.php 未知の脆弱性4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.000520.08CVE-2023-7052
6Views for WPForms Plugin create_view 未知の脆弱性4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000520.04CVE-2024-0374
7All in One SEO Pack Plugin クロスサイトスクリプティング3.93.9$0-$5k$0-$5kNot DefinedNot Defined0.001010.00CVE-2023-0585
8SourceCodester Responsive Ordering System Product_model.php 特権昇格6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.005860.00CVE-2021-25206
9WPForms Pro Plugin 特権昇格7.67.5$0-$5k$0-$5kNot DefinedOfficial Fix0.002520.08CVE-2022-3574
10Wondershare Dr.Fone 特権昇格7.06.9$0-$5k$0-$5kNot DefinedNot Defined0.000820.00CVE-2023-29835
11WPForms Pro Form Submission クロスサイトスクリプティング5.95.8$0-$5k$0-$5kNot DefinedNot Defined0.000520.04CVE-2023-7063
12Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php SQLインジェクション5.55.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.000610.04CVE-2023-5681
13Campcodes Simple Student Information System manage_academic.php SQLインジェクション6.26.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000640.08CVE-2023-5929
14Campcodes Simple Student Information System index.php SQLインジェクション6.26.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000640.04CVE-2023-5923
15CodeAstro Internet Banking System pages_reset_pwd.php クロスサイトスクリプティング4.44.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000520.04CVE-2023-5695
16SourceCodester Engineers Online Portal downloadable_student.php SQLインジェクション7.57.4$0-$5k$0-$5kNot DefinedNot Defined0.000770.04CVE-2023-5276
17ZZZCMS Database Backup File save.php restore 特権昇格7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000610.00CVE-2023-5263
18MicroWorld eScan Anti-Virus runasroot Local Privilege Escalation7.87.6$5k-$25k$0-$5kProof-of-ConceptNot Defined0.000420.00CVE-2023-4383
19Lightxun IPTV Gateway web_upload_template.html 特権昇格5.04.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000630.04CVE-2023-7026
20SourceCodester Best Courier Management System manage_parcel_status.php クロスサイトスクリプティング4.14.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000500.11CVE-2023-5273

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
119.48.17.0BlankSlate2022年04月01日verified
254.68.27.226ec2-54-68-27-226.us-west-2.compute.amazonaws.comBlankSlate2022年04月01日verified
3XX.XX.XX.Xxxxxxxx-xxx-xxx-xxx-xxx.xx.xx.xxxx.xxxxxxxxxx.xxXxxxxxxxxx2022年04月01日verified
4XX.XX.XXX.Xxxx.xx-xx-xx-xxx.xxXxxxxxxxxx2022年04月01日verified
5XXX.XX.XXX.XXXxxxxxxxxx2022年04月01日verified
6XXX.XXX.X.XXXxxx.x.xxx.xxx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxx2022年04月01日verified
7XXX.XXX.XXX.Xxxx.xxxx.xxx.xxxx.xxxxxxxXxxxxxxxxx2022年04月01日verified
8XXX.XXX.XXX.Xxxx.xx-xxx-xxx-xxx.xxXxxxxxxxxx2022年04月01日verified
9XXX.XXX.XXX.XXxxxxxxxxx2022年04月01日verified

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1006CAPEC-126CWE-22, CWE-24Path Traversalpredictive
2T1040CAPEC-102CWE-294Authentication Bypass by Capture-replaypredictive
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath Expressionspredictive
4TXXXXCAPEC-242CWE-XXXxxxxxxx Xxxxxxxxxpredictive
5TXXXX.XXXCAPEC-209CWE-XX, CWE-XXXxxxx Xxxx Xxxxxxxxxpredictive
6TXXXXCAPEC-122CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
7TXXXXCAPEC-108CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
8TXXXXCAPEC-81CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxpredictive
9TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictive
10TXXXXCAPEC-112CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
11TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx Xxxxpredictive
12TXXXXCAPEC-116CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
13TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx Xxxxxpredictive
14TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (119)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/admin/index.phppredictive
2File/admin/list_addr_fwresource_ip.phppredictive
3File/admin/makehtml_freelist_action.phppredictive
4File/admin/return_add.phppredictive
5File/admin/save.phppredictive
6File/admin/service/stop/predictive
7File/admin/students/manage_academic.phppredictive
8File/api/v1/attack/falcopredictive
9File/application/websocket/controller/Setting.phppredictive
10File/cgi-bin/cstecgi.cgipredictive
11File/cgi-bin/login_action.cgipredictive
12File/event/admin/?page=user/listpredictive
13File/include/file.phppredictive
14File/index.phppredictive
15File/index.php?menu=asterisk_clipredictive
16File/xxxx/xxxxx/xxxxxxpredictive
17File/xxxxxxxxxxxxxxxpredictive
18File/xxxxxxxx/xxxxpredictive
19File/xxxxxxx/predictive
20File/xxxx/xxxxxxx.xxxpredictive
21File/xxxxxxxxxx.xxxpredictive
22File/xxxxxx/xxxxx.xxx/xxxxx/xxxxx/xxx_xxxxxx_xxxxxxxx.xxxxpredictive
23Filexxxxxxxxxxxx.xxxpredictive
24Filexxxxx/xxx_xxxxxxxx.xxxpredictive
25Filexxxxx/xxxxxxxxxx/xxxxxxx.xxxpredictive
26Filexxx/xxxxxx/xxxxxx.xxxpredictive
27Filexxx/xxxxx/xxxxxxxxxx/xxxx.xxxpredictive
28Filexxx/xxxx/xxxxx/xxxx.xxxpredictive
29Filexxxxxxx.xxxpredictive
30Filexxxxxxx.xxxpredictive
31Filexxxxxxx.xxxpredictive
32Filexxxxxx-xxxxxxx.xxxpredictive
33Filexxxxxxxxxx.xxxpredictive
34Filexxxxxxxx_xxxxxxx.xxxpredictive
35Filexxxx/xx-xxxxxxx.xxxpredictive
36Filexxxx/xxxxxxxxxxxxxxx.xxxpredictive
37Filexxxxxxx.xxxpredictive
38Filexxxxxxxxxxxx_xxxxxxx.xxxpredictive
39Filexxxxxx_xxxxx_xxxxxxxx.xxxpredictive
40Filexxxxxxx/xxxx-xxxxx-xxxxxx.xxxpredictive
41Filexxxxxxx/xxxx-xxxxx-xxxxxx.xxx?xxxxxx=xpredictive
42Filexxxx.xxxpredictive
43Filexxx/xxxxxxx/xxxxxxxxxxxxxx.xpredictive
44Filexxxxxxxx/xxxxx.xxxpredictive
45Filexxxx.xxxpredictive
46Filexxx/xxxxxx.xxxpredictive
47Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictive
48Filexxxxx.xxxpredictive
49Filexx/xxxxxxx.xpredictive
50Filexxxxx/xxxx.xxxpredictive
51Filexxxx_xxxx_xxxxxx.xxxpredictive
52Filexxx.x/xxxxxx.xpredictive
53Filexxxxxx/xxx/xxxxxxxxxxx/xxxx_xxxxxxxxxx.xxpredictive
54Filexxxxxxxxxx.xxxpredictive
55Filexxxxxx_xxxxxx_xxxxxx.xxxpredictive
56Filexxxxxxxxxxx_xxxxx_xxxxxxxx.xxxpredictive
57Filexxxxxxxxx.xxxpredictive
58Filexxxxx_xxxxx_xxx.xxxpredictive
59Filexxxxxxx.xxxpredictive
60Filexxxxxxx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxxpredictive
61Filexxxxxxx_xxxxx.xxxpredictive
62Filexxxxxxxx_xxxxx_xxxxxxxx.xxxpredictive
63Filexxxxxxxxx/xxxx/xxxxxxxxx.xxxpredictive
64Filexxxx/xxxx/predictive
65Filexxxxxxxxxpredictive
66Filexxxx/xxxxx_xxxxxx.xxxpredictive
67Filexxxxxx_xxxxxxx.xxxpredictive
68Filexxx/xxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictive
69Filexxxxxx_xxx_xxxxx_xxx.xxxpredictive
70Filexxxxxxxx/xxxxx/xxx_xxx.xxxpredictive
71Filexxxx_x_xxxx.xxxpredictive
72Filexxxxx/xxxx_xxxx.xxxpredictive
73Libraryxxx.xxxpredictive
74Argument$xxxx["xx"]predictive
75Argument$_xxxxxx['xxx_xxxx']predictive
76Argument$_xxxxxx['xxxxxx_xxxx']predictive
77Argumentxxxxxxpredictive
78Argumentxxxxxxpredictive
79Argumentxxxxxxxxpredictive
80Argumentxxxxxxxpredictive
81Argumentxxxxxxxxxxxxxxpredictive
82Argumentx_xxxxxxpredictive
83Argumentxxxxxxxxxxxpredictive
84Argumentxxx_xxxxpredictive
85Argumentxxxxxxxxpredictive
86Argumentxxxxxxpredictive
87Argumentxxxxxxxxxxxxpredictive
88Argumentxxxxxpredictive
89Argumentxxxxx/xxxxxxx/xxx/xxpredictive
90Argumentxxxxx_xxxxxxxpredictive
91Argumentxxxxxpredictive
92Argumentxxxxpredictive
93Argumentxxxxx xxxx/xxxx xxxxpredictive
94Argumentxxxxxpredictive
95Argumentxxxx_xxxxpredictive
96Argumentxxpredictive
97Argumentxxx_xxx_xxxxxpredictive
98Argumentxxxxxxpredictive
99Argumentxxxxpredictive
100Argumentxxxxpredictive
101Argumentxxxxxxxxpredictive
102Argumentxxx_xxxxx_xxpredictive
103Argumentxxxxxxxxxx/xxxx/xxxxxxxx/xxxx/xxxxxxx_xxxxpredictive
104Argumentxxxxxxxxpredictive
105Argumentxxxxxxxxpredictive
106Argumentxxxx_xxxxpredictive
107Argumentxxxxxxxpredictive
108Argumentxxxxxxxpredictive
109Argumentxxxpredictive
110Argumentxxxxxxxpredictive
111Argumentxxxxxxxpredictive
112Argumentxxxx_xxxxpredictive
113Argumentx_xxxx/x_xxxxpredictive
114Argumentxxxpredictive
115Argumentxxxxxxxx/xxxxxxxxpredictive
116Input Value(xxxxxxxxx(xxxx,xxxxxx(xxxx,xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx),xxxx))predictive
117Input Value<xxxxxx>xxxxx(xxxxxxxx.xxxxxx)</xxxxxx>predictive
118Input Valuexxxxxxx%xxxxxxxxx.xxx'%xx%xx<xxxxxx%xx>xxxxx(xxxx)</xxxxxx>predictive
119Network Portxxx/xx (xxx)predictive

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

概要

Do you want to use VulDB in your project?

Use the official API to access entries easily!