Big Head تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (69)

اللغة

en	70

البلد

tr	70

الفاعلين

Big Head	1

الاهتمام

النوع

Not Defined	24
Operating System	6
Content Management System	4
WordPress Plugin	4
Smartphone Operating System	4

المجهز

Not Defined	22
Linux	4
Microsoft	4
Rocklobster	2
CodeBard	2

منتج

Linux Kernel	4
WordPress	2
Rocklobster Contact Form 7	2
CodeBard Patron Button and Widgets for Patreon Plu ...	2
Google Chrome	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	EPSS	CTI	CVE
1	Google Chrome WebRTC تلف الذاكرة	6.3	6.0	$25k-$100k	$5k-$25k	High	Official Fix	0.01152	0.03	CVE-2022-2294
2	nginx تجاوز الصلاحيات	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	1.22	CVE-2020-12440
3	Telegram الكشف عن المعلومات	4.9	4.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00048	0.00	CVE-2021-27205
4	Joget Workflow account_new تجاوز الصلاحيات	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00091	0.03	CVE-2019-14352
5	KLog Server authenticate.php تجاوز الصلاحيات	5.5	5.2	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.95163	0.04	CVE-2020-35729
6	Havelsan Dialogue ACL تجاوز الصلاحيات	8.3	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00087	0.00	CVE-2024-3375
7	Nagios XI monitoringwizard.php حقن إس كيو إل	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00043	0.04	CVE-2024-24401
8	Microsoft Windows تجاوز الصلاحيات	10.0	9.5	$100k أو أكثر	$0-$5k	Not Defined	Official Fix	0.82212	0.00	CVE-2009-2512
9	Python SimpleHTTPServer Module SimpleHTTPServer.py list_directory سكربتات مشتركة	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00422	0.04	CVE-2011-4940
10	CKeditor Paste سكربتات مشتركة	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00123	0.03	CVE-2018-17960
11	CKEditor4 Advanced Content Filter سكربتات مشتركة	5.7	5.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00448	0.03	CVE-2021-41164
12	OpenSSH توثيق ضعيف	7.3	7.3	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.02241	0.03	CVE-2010-4478
13	MikroTik RouterOS Web Server تلف الذاكرة	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00045	0.03	CVE-2023-30800
14	Microsoft .NET Framework Array Copy تلف الذاكرة	7.3	7.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.24098	0.04	CVE-2015-2504
15	CodeBard Patron Button and Widgets for Patreon Plugin سكربتات مشتركة	5.6	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00046	0.00	CVE-2023-30491
16	phpBB Error Message memberlist.php تجاوز الصلاحيات	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01803	0.03	CVE-2006-2219
17	WordPress REST API class-wp-rest-users-controller.php الكشف عن المعلومات	5.3	5.1	$5k-$25k	$0-$5k	Functional	Official Fix	0.87410	0.00	CVE-2017-5487
18	Ovidentia CMS index.php حقن إس كيو إل	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00089	0.04	CVE-2021-29343
19	Zoho ManageEngine Desktop Central MSP DLL dcinventory.exe تجاوز الصلاحيات	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00102	0.00	CVE-2020-9367
20	Apple macOS Bluetooth تلف الذاكرة	4.4	4.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00062	0.00	CVE-2022-42854

IOC - Indicator of Compromise (20)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	13.107.21.200		Big Head	10/08/2023	verified	عالي
2	20.99.133.109		Big Head	10/08/2023	verified	عالي
3	20.99.184.37		Big Head	10/08/2023	verified	عالي
4	23.41.86.106	a23-41-86-106.deploy.static.akamaitechnologies.com	Big Head	10/08/2023	verified	عالي
5	XX.XX.XX.XXX	xxx-xx-xx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
6	XX.XX.XXX.XXX	xxx-xx-xxx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
7	XX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
8	XX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
9	XX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
10	XX.XXX.XX.XX	xx.xx.xxx.xx.xxx.xxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
11	XXX.XX.XXX.XX	xxxx-xx-xxx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
12	XXX.XXX.XXX.XXX	xxxx-xxx-xxx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
13	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx-xxx.xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
14	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx-xxx.xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
15	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx-xxx.xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
16	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx-xxx.xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
17	XXX.XX.XXX.XXX	xx-xxx-xx-xxx-xxx-xxx.xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي
18	XXX.XXX.X.X		Xxx Xxxx	10/08/2023	verified	عالي
19	XXX.XXX.XXX.XXX		Xxx Xxxx	10/08/2023	verified	عالي
20	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxx Xxxx	10/08/2023	verified	عالي

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الفئة	الثغرات	متجه الوصول	النوع	الثقة
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	عالي
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	عالي
3	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	عالي
4	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
5	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	عالي
6	TXXXX	CAPEC-108	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	عالي
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
8	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
9	TXXXX	CAPEC-38	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	عالي
10	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
11	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (36)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/alumni/admin/ajax.php?action=save_settings	predictive	عالي
2	File	/cwp_{SESSION_HASH}/admin/loader_ajax.php	predictive	عالي
3	File	actions/authenticate.php	predictive	عالي
4	File	admin/dashboard.php	predictive	عالي
5	File	college_website/admin/ajax.php?action=login	predictive	عالي
6	File	xxxxxxxxxx/xxx.xx	predictive	عالي
7	File	xxxxxxxxx/xxxxxxx/xxxx.xxx	predictive	عالي
8	File	xxxxxxxxxxx.xxx	predictive	عالي
9	File	xxxxxxxx/xxxxxxxx.x	predictive	عالي
10	File	xxx/xxxxxxx.xxx	predictive	عالي
11	File	xxxxxxx_xxxx_xxxxxx.xxx	predictive	عالي
12	File	xxxx_xxxxxxx.xxx.xxx	predictive	عالي
13	File	xxxxx.xxx	predictive	متوسط
14	File	xx/xxx/xxxxxxxx/xxx_xxxxxxxxx/xxx_xxxxxxxx_xxxxx/_/xxxxxxx_xxx	predictive	عالي
15	File	xxxxxxxxxx.xxx	predictive	عالي
16	File	xxxxxxx/xxxx/xxxx_xxxx.xx	predictive	عالي
17	File	xxxxxxxxxxxxxxxx.xxx	predictive	عالي
18	File	xxx/xxxxxx/xx_xxxxxx.x	predictive	عالي
19	File	xxxxxxxxxxxxxxxx.xx	predictive	عالي
20	File	xxx/xxxxxxx.x	predictive	عالي
21	File	xxxxxxxxx.x	predictive	متوسط
22	File	xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx	predictive	عالي
23	File	\xxx\xxxxx_xxxxxxxxxxxx.xxx	predictive	عالي
24	Library	xxxxxxxx.xxx	predictive	متوسط
25	Argument	xxxxxxx xx/xxxxxxx xxxx	predictive	عالي
26	Argument	xxxxxxxxxxx	predictive	متوسط
27	Argument	xxxxxxxx	predictive	متوسط
28	Argument	xx	predictive	واطئ
29	Argument	xxxxxxxxxxxxxxx	predictive	عالي
30	Argument	xxxxxxxxx	predictive	متوسط
31	Argument	xxxx_xxxxxxx	predictive	متوسط
32	Argument	xxxx	predictive	واطئ
33	Argument	xxxx	predictive	واطئ
34	Input Value	xxxxxxxx	predictive	متوسط
35	Input Value	xxxx+x@!xxxx+	predictive	عالي
36	Pattern	() {	predictive	واطئ

المصادر (2)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Interested in the pricing of exploits?

See the underground prices here!