Shiz Analysis

IOB - Indicator of Behavior (164)

Language

en 116
de 38
zh 6
es 2
fr 2

Country/Region

de 38
us 24
cn 14
es 4
ru 2

Product

SourceCodester Online Exam System 8
SourceCodester Lost and Found Information System 6
Dnsmasq 6
Microsoft IIS 4
SquaredUp 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | D-Link DIR-846 QoS POST Privilege Escalation | 8.8 | 8.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.04 | CVE-2023-6580 |
| 2 | SourceCodester Online Exam System GET Parameter updateCourse.php SQL Injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.08 | CVE-2023-2642 |
| 3 | SourceCodester Online Internship Management System POST Parameter login.php SQL Injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.08 | CVE-2023-2641 |
| 4 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment Denial of Service | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.04 | CVE-2023-2618 |
| 5 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeByteSegment Denial of Service | 5.6 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00073 | 0.08 | CVE-2023-2617 |
| 6 | SourceCodester Online Reviewer System GET Parameter user-update.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00089 | 0.04 | CVE-2023-2596 |
| 7 | SourceCodester Billing Management System POST Parameter ajax_service.php SQL Injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00089 | 0.04 | CVE-2023-2595 |
| 8 | SourceCodester Food Ordering Management System Registration SQL Injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.04 | CVE-2023-2594 |
| 9 | SourceCodester Multi Language Hotel Management Software POST Parameter ajax.php Cross-Site Scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00062 | 0.04 | CVE-2023-2565 |
| 10 | jja8 NewBingGoGo Cross-Site Scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.08 | CVE-2023-2560 |
| 11 | External Media without Import Plugin external-media-without-import.php print_media_new_panel Cross-Site Scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00052 | 0.08 | CVE-2017-20183 |
| 12 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec SQL Injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.04 | CVE-2023-2619 |
| 13 | PHP-Login POST Parameter class.loginscript.php checkLogin SQL Injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00059 | 0.19 | CVE-2016-15031 |
| 14 | Dnsmasq Pending Request Privilege Escalation | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00536 | 0.04 | CVE-2020-25686 |
| 15 | RRJ Nueva Ecija Engineer Online Portal Quiz add_quiz.php Cross-Site Scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00051 | 0.04 | CVE-2024-0190 |
| 16 | Apache ActiveMQ Privilege Escalation | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00126 | 0.05 | CVE-2022-41678 |
| 17 | D-Link DIR-846 HNAP1 Privilege Escalation | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00667 | 0.00 | CVE-2023-33735 |
| 18 | PHP phpinfo Cross-Site Scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01960 | 0.05 | CVE-2007-1287 |
| 19 | DZCP deV!L`z Clanportal config.php Privilege Escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.53 | CVE-2010-0966 |
| 20 | Dnsmasq DNSSEC Privilege Escalation | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00284 | 0.04 | CVE-2017-15107 |

IOC - Indicator of Compromise (36)

These indicators of compromise highlight associated network resources that are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (131)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (7)

The following list contains external sources which discuss the actor and the associated activities:
