Arid Viper Analysis

IOB - Indicator of Behavior (400)

Language

  • en: 372
  • ru: 12
  • pl: 6
  • fr: 4
  • sv: 2

Country

  • us: 354
  • ru: 14
  • de: 6
  • pl: 6
  • gb: 4

Product

  • nginx: 6
  • PHP: 4
  • Node.js: 2
  • Thomas R. Pasawicz HyperBook Guestbook: 2
  • Open-school: 2

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | jforum User privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00289 | CVE-2019-7550 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 3 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.36 | 0.00943 | CVE-2010-0966 |
| 4 | Dreaxteam Xt-News add_comment.php cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.00599 | CVE-2006-6746 |
| 5 | Enigma2 Coppermine Bridge e2_header.inc.php privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.10026 | CVE-2006-6864 |
| 6 | IBM WebSphere Service Registry/Repository Access Restriction privilege escalation | 4.3 | 4.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00162 | CVE-2014-6160 |
| 7 | Big Webmaster Big Webmaster Guestbook Script addguest.cgi cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00615 | CVE-2006-2231 |
| 8 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 3.33 | 0.00000 | |
| 9 | Joomla CMS remember.php privilege escalation | 5.4 | 4.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.03044 | CVE-2013-3242 |
| 10 | Joomla CMS Media Manager directory traversal | 8.5 | 8.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.91689 | CVE-2019-10945 |
| 11 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.87 | 0.00000 | |
| 12 | Apple macOS weak authentication | 5.6 | 5.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.02 | 0.02181 | CVE-2023-41991 |
| 13 | Oracle Java SE JSSE unknown vulnerability | 7.4 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.00119 | CVE-2023-21930 |
| 14 | ICQ fetch privilege escalation | 10.0 | 9.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00346 | CVE-2011-0487 |
| 15 | WebP Converter for Media Plugin passthru.php Redirect | 4.9 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00106 | CVE-2021-25074 |
| 16 | CasaOS API privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00839 | CVE-2022-24193 |
| 17 | jQuery cross site scripting | 4.3 | 3.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00306 | CVE-2011-4969 |
| 18 | Oracle Retail Central Office Security cross site scripting | 6.2 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00384 | CVE-2021-41184 |
| 19 | InsydeH2O SMM HandleProtocol denial of service | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2021-41839 |
| 20 | PHP zip Extension php_zip.c buffer overflow | 9.8 | 9.3 | $25k-$100k | Calculating | Proof-of-Concept | Official Fix | 0.03 | 0.06326 | CVE-2016-5773 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Hamas

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (50)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

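| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | addguest.cgi | predictive | Medium |
| 3 | File | add_comment.php | predictive | High |
| 4 | File | admin/index.php | predictive | High |
| 5 | File | api_jsonrpc.php | predictive | High |
| 6 | File | cloud.php | predictive | Medium |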

References (4)

The following list contains external sources which discuss the actor and the associated activities:
