APT32 Analysis

IOB - Indicator of Behavior (769)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

Lang

  • en: 622
  • it: 44
  • zh: 41
  • fr: 20
  • es: 17

Product

  • Google Android: 24
  • Microsoft Windows: 18
  • Apple macOS: 12
  • Linux Kernel: 12
  • Apple iOS: 10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | BD Totalys MultiProcessor hard-coded credentials | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.00 | CVE-2022-40263 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 3 | FreeQboard features.php privileges management | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.07937 | 0.00 | CVE-2006-2998 |
| 4 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02820 | 0.45 | CVE-2010-0966 |
| 5 | Google Chrome V8 Remote Code Execution | 6.3 | 5.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.82197 | 0.03 | CVE-2020-16040 |
| 6 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 access control | 5.3 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00117 | 0.00 | CVE-2023-1453 |
| 7 | Mihalism Multi Host users.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00185 | 0.07 | CVE-2008-0714 |
| 8 | Ecommerce Online Store Kit shop.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08618 | 0.00 | CVE-2004-0300 |
| 9 | Gempar Script Toko Online shop_display_products.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00100 | 0.03 | CVE-2009-0296 |
| 10 | Apache PDFbox XML Parser xml external entity reference | 7.8 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00091 | 0.00 | CVE-2016-2175 |
| 11 | Google Android SimpleDecodingSource.cpp doRead privileges management | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00102 | 0.05 | CVE-2021-39623 |
| 12 | D-Link DCS-2530L/DCS-2670L ddns_enc.cgi command injection | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00144 | 0.05 | CVE-2020-25079 |
| 13 | Puppet Agent SSL Certificate Valu certificate validation | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00058 | 0.00 | CVE-2018-11751 |
| 14 | Norton Password Manager origin validation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00072 | 0.04 | CVE-2019-18381 |
| 15 | Facebook osquery Configuration extensions.load link following | 7.7 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00222 | 0.03 | CVE-2019-3567 |
| 16 | Microsoft Office Word Remote Code Execution | 7.0 | 6.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.10167 | 0.05 | CVE-2023-28311 |
| 17 | Microsoft Windows HMAC Key Derivation Local Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00061 | 0.04 | CVE-2023-36400 |
| 18 | Microsoft Windows Kernel NtQueryInformationJobObject Kernel Memory information disclosure | 5.1 | 4.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.11277 | 0.00 | CVE-2017-8478 |
| 19 | SourceCodester Electronic Medical Records System Cookie administrator.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00214 | 0.04 | CVE-2023-1151 |
| 20 | ampleShop category.cfm sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00590 | 0.05 | CVE-2006-2038 |

Campaigns (2)

These are the campaigns that can be associated with the actor:

  • Cobalt Kitty
  • OceanLotus

IOC - Indicator of Compromise (68)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Basic Cross Site Scripting | predictive | High |
| 6 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 7 | T1110.001 | CAPEC-191 | CWE-798 | Hard-coded Credentials | predictive | High |
| 8 | T1202 | CAPEC-136 | CWE-77, CWE-78 | Command Shell in Externally Accessible Directory | predictive | High |
| 9 | T1204.001 | CAPEC-178 | CWE-601 | Open Redirect | predictive | High |
| 10 | T1211 | | CWE-254 | 7PK Security Features | predictive | High |
| 11 | T1222 | CAPEC-1 | CWE-275, CWE-276 | Permission Issues | predictive | High |
| 12 | T1505 | CAPEC-108 | CWE-89 | SQL Injection | predictive | High |
| 13 | T1548.002 | CAPEC-1 | CWE-285 | Improper Authorization | predictive | High |
| 14 | T1552 | CAPEC-102 | CWE-255, CWE-522, CWE-640 | Credentials Management | predictive | High |
| 15 | T1574 | CAPEC-38 | CWE-426, CWE-427 | Untrusted Search Path | predictive | High |
| 16 | T1587.003 | CAPEC-459 | CWE-295 | Improper Certificate Validation | predictive | High |
| 17 | T1588.001 | CAPEC-133 | CWE-912 | Backdoor | predictive | High |
| 18 | T1592 | CAPEC-116 | CWE-200, CWE-209, CWE-532 | Invocation of Process Using Visible Sensitive Information | predictive | High |
| 19 | T1592.004 | | CWE-16 | Configuration | predictive | High |
| 20 | T1600 | CAPEC-157 | CWE-310, CWE-311, CWE-326, CWE-327 | Cryptographic Issues | predictive | High |
| 21 | T1600.001 | | CWE-320, CWE-321, CWE-547 | Key Management Error | predictive | High |
| 22 | T1608.002 | CAPEC-1 | CWE-434 | Incomplete Identification of Uploaded File Variables | predictive | High |
| 23 | T1611 | | CWE-265 | Containment Errors | predictive | High |

IOA - Indicator of Attack (305)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
