Shiz Analysis

IOB - Indicator of Behavior (164)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 116
de: 42
zh: 2
es: 2
fr: 2

Country

de: 42
us: 32
cn: 6
es: 4
vn: 2

Product

SourceCodester Online Exam System: 8
SourceCodester Lost and Found Information System: 6
Dnsmasq: 4
Google Android: 4
Samsung SmartThings Hub STH-ETH-250: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | D-Link DIR-846 QoS POST deserialization | 8.8 | 8.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00064 | CVE-2023-6580 |
| 2 | SourceCodester Online Exam System GET Parameter updateCourse.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00063 | CVE-2023-2642 |
| 3 | SourceCodester Online Internship Management System POST Parameter login.php sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.10 | 0.00063 | CVE-2023-2641 |
| 4 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment memory leak | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.16 | 0.00052 | CVE-2023-2618 |
| 5 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeByteSegment null pointer dereference | 5.6 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.16 | 0.00052 | CVE-2023-2617 |
| 6 | SourceCodester Online Reviewer System GET Parameter user-update.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00077 | CVE-2023-2596 |
| 7 | SourceCodester Billing Management System POST Parameter ajax_service.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.18 | 0.00077 | CVE-2023-2595 |
| 8 | SourceCodester Food Ordering Management System Registration sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00090 | CVE-2023-2594 |
| 9 | SourceCodester Multi Language Hotel Management Software POST Parameter ajax.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00052 | CVE-2023-2565 |
| 10 | jja8 NewBingGoGo cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.17 | 0.00064 | CVE-2023-2560 |
| 11 | External Media without Import Plugin external-media-without-import.php print_media_new_panel cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.14 | 0.00052 | CVE-2017-20183 |
| 12 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.13 | 0.00063 | CVE-2023-2619 |
| 13 | PHP-Login POST Parameter class.loginscript.php checkLogin sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.13 | 0.00058 | CVE-2016-15031 |
| 14 | Dnsmasq Pending Request security check | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00378 | CVE-2020-25686 |
| 15 | RRJ Nueva Ecija Engineer Online Portal Quiz add_quiz.php cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00051 | CVE-2024-0190 |
| 16 | Apache ActiveMQ deserialization | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00126 | CVE-2022-41678 |
| 17 | D-Link DIR-846 HNAP1 Privilege Escalation | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00577 | CVE-2023-33735 |
| 18 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.10 | 0.02101 | CVE-2007-1287 |
| 19 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 1.05 | 0.00954 | CVE-2010-0966 |
| 20 | Dnsmasq DNSSEC access control | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00284 | CVE-2017-15107 |

IOC - Indicator of Compromise (36)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (131)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (7)

The following list contains external sources which discuss the actor and the associated activities:
