GALLIUM Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (238)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	164
zh	46
ru	10
es	6
pt	6

Country

cn	70
us	62
hk	46
ru	26
pt	6

Actors

PingPull	18
Cobalt Strike	6
TrickBot	4
RedLine Stealer	2
Mirai	2

Activities

Interest

Timeline

Type

Not Defined	94
Content Management System	20
Operating System	14
Groupware Software	10
WordPress Plugin	8

Vendor

Not Defined	96
Microsoft	14
Apache	8
Oracle	6
Linux	6

Product

Linux Kernel	6
FreeBSD	4
Microsoft Windows	4
Microsoft Exchange Server	4
HGiga OAKlouds Mobile Portal	4

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	CTI	EPSS	CVE
1	Synacor Zimbra Collaboration mboximport pathname traversal	4.7	4.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.96738	CVE-2022-27925
2	Joomla CMS com_easyblog sql injection	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.54	0.00000
3	HP Router/Switch SNMP information disclosure	3.7	3.4	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.04	0.00285	CVE-2012-3268
4	Apache Struts ExceptionDelegator input validation	8.8	8.4	$5k-$25k	$0-$5k	High	Official Fix	0.03	0.15639	CVE-2012-0391
5	Schneider Electric Vijeo Designer path traversal	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.00173	CVE-2021-22704
6	Tiki Admin Password tiki-login.php improper authentication	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	4.87	0.00786	CVE-2020-15906
7	MGB OpenSource Guestbook email.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.70	0.03468	CVE-2007-0354
8	Hscripts PHP File Browser Script index.php path traversal	5.9	5.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.07	0.00190	CVE-2018-16549
9	Laravel Framework Token Encrypter.php decrypt deserialization	6.8	6.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.14422	CVE-2018-15133
10	Laravel Image Upload ValidatesAttributes.php unrestricted upload	5.5	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.01231	CVE-2021-43617
11	Telerik Progress UI for ASP.NET AJAX Telerik.Web.UI inadequate encryption	8.5	8.2	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.03	0.10806	CVE-2017-11317
12	Microsoft IIS IP/Domain Restriction access control	6.5	5.7	$25k-$100k	$0-$5k	Unproven	Official Fix	0.48	0.00817	CVE-2014-4078
13	DHIS 2 API Endpoint trackedEntityInstances sql injection	7.7	7.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.00087	CVE-2021-41187
14	ArcGIS Server sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06	0.00072	CVE-2021-29099
15	Microsoft Windows Win32k Privilege Escalation	8.3	7.7	$100k and more	$0-$5k	Functional	Official Fix	0.04	0.00153	CVE-2021-40449
16	Boa Webserver GET wapopen path traversal	6.4	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.48044	CVE-2017-9833
17	Piwik Factory.php path traversal	5.1	4.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.07	0.02311	CVE-2015-7815
18	Sphinx missing authentication	7.4	7.2	$0-$5k	$0-$5k	Not Defined	Workaround	0.04	0.00743	CVE-2019-14511
19	OpenCart download.php editDownload path traversal	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	0.00121	CVE-2018-11495
20	vBulletin moderation.php sql injection	7.3	7.0	$0-$5k	$0-$5k	High	Official Fix	0.10	0.00284	CVE-2016-6195

Campaigns (1)

These are the campaigns that can be associated with the actor:

PingPull

IOC - Indicator of Compromise (127)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	2.58.242.229	242-58-2-229.hostinginside.com	GALLIUM		06/22/2022	verified	High
2	2.58.242.230	242-58-2-230.hostinginside.com	GALLIUM		06/22/2022	verified	High
3	2.58.242.231	242-58-2-231.hostinginside.com	GALLIUM		06/22/2022	verified	High
4	2.58.242.232	242-58-2-232.hostinginside.com	GALLIUM		06/22/2022	verified	High
5	2.58.242.235	242-58-2-235.hostinginside.com	GALLIUM		06/22/2022	verified	High
6	2.58.242.236	242-58-2-236.hostinginside.com	GALLIUM		06/22/2022	verified	High
7	5.8.71.97	goodluck23.jp.us	GALLIUM	PingPull	06/22/2022	verified	High
8	5.181.25.55	vps76.example.com	GALLIUM	PingPull	06/22/2022	verified	High
9	5.188.33.237	firman00467.example.com	GALLIUM		06/22/2022	verified	High
10	37.61.229.104	theodore974.example.com	GALLIUM		06/22/2022	verified	High
11	37.61.229.106	oliver7891.example.com	GALLIUM		06/22/2022	verified	High
12	43.254.218.43		GALLIUM		06/22/2022	verified	High
13	43.254.218.57		GALLIUM		06/22/2022	verified	High
14	43.254.218.98		GALLIUM		06/22/2022	verified	High
15	43.254.218.104		GALLIUM		06/22/2022	verified	High
16	43.254.218.114		GALLIUM		06/22/2022	verified	High
17	45.14.66.230	45.14.66.230.static.xtom.com	GALLIUM		06/22/2022	verified	High
18	45.76.113.163	45.76.113.163.vultrusercontent.com	GALLIUM		06/22/2022	verified	High
19	45.116.13.153	45.116.13.153.static.xtom.hk	GALLIUM		06/22/2022	verified	High
20	45.121.50.230		GALLIUM		06/22/2022	verified	High
21	45.128.221.61		GALLIUM		06/22/2022	verified	High
22	45.128.221.66		GALLIUM		06/22/2022	verified	High
23	45.128.221.169		GALLIUM		06/22/2022	verified	High
24	45.128.221.172		GALLIUM		06/22/2022	verified	High
25	45.128.221.182		GALLIUM		06/22/2022	verified	High
26	45.128.221.186		GALLIUM		06/22/2022	verified	High
27	XX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
28	XX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
29	XX.XXX.XXX.XXX	xx.xxx.xxx.xxx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
30	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
31	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
32	XX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
33	XX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
34	XX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
35	XX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
36	XX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
37	XX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
38	XX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
39	XX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
40	XX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
41	XX.XXX.XXX.XX	xxxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
42	XX.XX.XX.XX	xxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
43	XX.XX.XXX.XXX	xx--xxx-xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
44	XX.XX.XXX.XXX	xx--xxxx-xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
45	XX.XX.XXX.XX	xxxx.xxx	Xxxxxxx	Xxxxxxxx	06/22/2022	verified	High
46	XX.XX.XXX.XXX	xxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
47	XX.XX.XXX.XX	xxxx.xxxx	Xxxxxxx		06/22/2022	verified	High
48	XX.XX.XXX.XXX	xxxxxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
49	XX.XX.XXX.XXX	xxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
50	XX.XX.XXX.XXX	xxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
51	XX.XX.XXX.XX	xxxxxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
52	XX.XXX.XX.XX	xxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
53	XX.XXX.XX.XXX	xxxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
54	XX.XXX.XX.XX	xxxx.xx	Xxxxxxx		06/22/2022	verified	High
55	XX.XXX.XX.XXX	xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
56	XX.XXX.XX.XXX	xxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
57	XX.XXX.XX.XXX	xxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
58	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
59	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
60	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
61	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
62	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
63	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
64	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
65	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
66	XXX.XX.XXX.XXX	xxxx.xxxxxxx.xx	Xxxxxxx		06/22/2022	verified	High
67	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
68	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
69	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
70	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
71	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
72	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
73	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
74	XXX.XX.XX.XX		Xxxxxxx		06/22/2022	verified	High
75	XXX.XX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
76	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
77	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
78	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
79	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
80	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
81	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
82	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
83	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
84	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
85	XXX.XXX.XXX.XX	xxx.xxx.xxx.xx.xxxxxxxx.xx	Xxxxxxx		06/22/2022	verified	High
86	XXX.XXX.XXX.XX	xxx.xxx.xxx.xx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
87	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
88	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
89	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
90	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
91	XXX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
92	XXX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
93	XXX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High
94	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
95	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
96	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
97	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
98	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
99	XXX.XXX.XXX.XX	xxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
100	XXX.XXX.XXX.XXX	xxxx.xx	Xxxxxxx		06/22/2022	verified	High
101	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
102	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
103	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
104	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
105	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
106	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
107	XXX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
108	XXX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
109	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
110	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
111	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
112	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
113	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
114	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
115	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
116	XXX.XXX.XX.XXX	xxx.xxx.xx.xxx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
117	XXX.XXX.XXX.XXX	xxxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
118	XXX.XXX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
119	XXX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
120	XXX.XXX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
121	XXX.XXX.XXX.XXX	xxxxxxxxxx.xxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
122	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xxxxxx.xxxx.xxx	Xxxxxxx		06/22/2022	verified	High
123	XXX.XX.XXX.XXX		Xxxxxxx		06/22/2022	verified	High
124	XXX.XX.XXX.XX	xxxx.xxx.xx.xxx.xx.xxxxxxxxxxx.xxx	Xxxxxxx		06/22/2022	verified	High
125	XXX.XX.XXX.XX		Xxxxxxx		06/22/2022	verified	High
126	XXX.XXX.XX.XX		Xxxxxxx		06/22/2022	verified	High
127	XXX.XXX.XX.XXX		Xxxxxxx		06/22/2022	verified	High

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CWE-21, CWE-22, CWE-23	Pathname Traversal	predictive	High
2	T1055	CWE-74	Injection	predictive	High
3	T1059	CWE-94	Cross Site Scripting	predictive	High
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	High
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx Xxxxxxx	predictive	High
6	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
8	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
9	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
10	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	High
11	TXXXX	CWE-XXX, CWE-XXX	Xxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx Xxxx	predictive	High
12	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxx	predictive	High
13	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
14	TXXXX	CWE-XXX	Xxxxxxxxxxxxx	predictive	High
15	TXXXX.XXX	CWE-XX	Xxxxxxxxxxxxx	predictive	High
16	TXXXX	CWE-XXX, CWE-XXX	X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx Xxxxxxxxxx	predictive	High
17	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	High
18	TXXXX.XXX	CWE-XXX	Xxxxxxxxxxxx Xxxxxx	predictive	High

IOA - Indicator of Attack (109)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/api/trackedEntityInstances	predictive	High
2	File	/cgi-bin/portal	predictive	High
3	File	/cgi-bin/wapopen	predictive	High
4	File	/index.php	predictive	Medium
5	File	/Items/*/RemoteImages/Download	predictive	High
6	File	/members/view_member.php	predictive	High
7	File	/mifs/c/i/reg/reg.html	predictive	High
8	File	/owa/auth/logon.aspx	predictive	High
9	File	/service/upload	predictive	High
10	File	/SSOPOST/metaAlias/%realm%/idpv2	predictive	High
11	File	/uncpath/	predictive	Medium
12	File	adclick.php	predictive	Medium
13	File	administrator/components/com_media/helpers/media.php	predictive	High
14	File	xxxxx\xxxxx\xxxxxxx\xxxxxxxx.xxx	predictive	High
15	File	xxx/xxx.xxx	predictive	Medium
16	File	xxx-xxxx.xxx	predictive	Medium
17	File	xxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxxxxxxxx.xxx	predictive	High
18	File	xxxx/xxxxxxxxxxxxx/xxxxxxx.xxx	predictive	High
19	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
20	File	xxxx_xxxxx.xxx	predictive	High
21	File	xxxxxx.xxx	predictive	Medium
22	File	xxxxx.xxx	predictive	Medium
23	File	xxxxxxxxxxx/xxxx-xxxxxx-xxxxxx.xxx	predictive	High
24	File	xxx/xxxx/xxxx.x	predictive	High
25	File	xxxxxxxxxx.xxx	predictive	High
26	File	xxxxxxxxx.xxx	predictive	High
27	File	xxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxx	predictive	High
28	File	xxxxx.xxxx	predictive	Medium
29	File	xxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxx	predictive	High
30	File	xxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxx	predictive	High
31	File	xxx/xxxxxx.xxx	predictive	High
32	File	xxxxxxxx/xxxxx-xx-xxxxxxxxx.xxx	predictive	High
33	File	xxxxx.xxx	predictive	Medium
34	File	xxxxxx.xxx	predictive	Medium
35	File	xxxxxxx/xxxx_xxxxxxxxxx.xxx	predictive	High
36	File	xxxxxxxx/xx/xxxx.xx	predictive	High
37	File	xxxxxxxxxxxxxx.xxx	predictive	High
38	File	xxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxx	predictive	High
39	File	xxxxxxx/xxxxx/xx/xxxxxx/xxxxx.xxxxx.xxx	predictive	High
40	File	xxx/xxxxxxxxx/x_xxxxxx.x	predictive	High
41	File	xxx/xxxxx	predictive	Medium
42	File	xxx_xxxx.xxx	predictive	Medium
43	File	xxxxx.xxx	predictive	Medium
44	File	xxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]	predictive	High
45	File	xxxx.xxx	predictive	Medium
46	File	xxxxxxxxxx.xxx	predictive	High
47	File	xxxxxxxxxxxxxxx.xxxx	predictive	High
48	File	xxxxxx	predictive	Low
49	File	xxxxx/xxxxxxxxxxxx/xxxxxxx/xxx.xxxx	predictive	High
50	File	xxxxxxxx/xxxxxxx-xxxxxx	predictive	High
51	File	xxxx-xxxxx.xxx	predictive	High
52	File	xxx.x	predictive	Low
53	File	xxxx.xxx	predictive	Medium
54	File	xxxxxx.xxx	predictive	Medium
55	File	xxxx/xxxxxxxx/xxxxxxxx.xxxx	predictive	High
56	File	xxxxx/xxxxx.xx	predictive	High
57	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	High
58	Library	/_xxx_xxx/xxxxx.xxx	predictive	High
59	Library	xxx/xxxxxx.x	predictive	Medium
60	Library	xxx/xxxxx/xxx/xxx_xx.xx	predictive	High
61	Library	xxxx/xxx.xxx	predictive	Medium
62	Argument	xxxxxxxxx	predictive	Medium
63	Argument	xxxxxxxx	predictive	Medium
64	Argument	xxxxxxxxxxxxxxx	predictive	High
65	Argument	xxxxxxxxx	predictive	Medium
66	Argument	xxxxxxxxxxxxxxxx	predictive	High
67	Argument	xxxx	predictive	Low
68	Argument	xxxxxxx	predictive	Low
69	Argument	xxxx	predictive	Low
70	Argument	xxxxxxxxxx	predictive	Medium
71	Argument	xx_xx	predictive	Low
72	Argument	xxxx	predictive	Low
73	Argument	xx	predictive	Low
74	Argument	xxxxxxxx	predictive	Medium
75	Argument	xxxxxxxxx	predictive	Medium
76	Argument	xxxx xxxxxxx	predictive	Medium
77	Argument	xxxx	predictive	Low
78	Argument	xxxx	predictive	Low
79	Argument	xxx	predictive	Low
80	Argument	xxx	predictive	Low
81	Argument	xxxxxxx	predictive	Low
82	Argument	xxxxx	predictive	Low
83	Argument	xxxxx_xx	predictive	Medium
84	Argument	xxxxxx_xx	predictive	Medium
85	Argument	xxxxxxxx	predictive	Medium
86	Argument	xxxx	predictive	Low
87	Argument	xxxxxxx	predictive	Low
88	Argument	xxxxxxxxx	predictive	Medium
89	Argument	xxxxxx	predictive	Low
90	Argument	xxxxxx	predictive	Low
91	Argument	xxxxxxxxxxx	predictive	Medium
92	Argument	xxxxxxxxx	predictive	Medium
93	Argument	xxxxxxxx[xxxx]	predictive	High
94	Argument	xxx	predictive	Low
95	Argument	xx	predictive	Low
96	Argument	xxx	predictive	Low
97	Argument	xxx	predictive	Low
98	Argument	xxxxxxxx	predictive	Medium
99	Argument	xxxxxxxxxxxxx	predictive	High
100	Argument	x-xxxxxxxxx-xxxxxx	predictive	High
101	Argument	x-xxxx-xxxxx	predictive	Medium
102	Argument	_xxxxxxx	predictive	Medium
103	Input Value	.%xx.../.%xx.../	predictive	High
104	Input Value	../	predictive	Low
105	Input Value	../..	predictive	Low
106	Input Value	xxxxx"][xxxxxx]xxxxx('xxx')[/xxxxxx]	predictive	High
107	Input Value	xxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxx	predictive	High
108	Network Port	xxx/xxx (xxxx)	predictive	High
109	Network Port	xxx xxxxxx xxxx	predictive	High

References (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!