Dark Caracal Analysis

IOB - Indicator of Behavior (309)

Language: en 242, zh 58, pl 4, ru 2, de 2

Country: la 192, cz 34, cn 30, us 24, my 16

Product: Revive Adserver 6, Adobe ColdFusion 6, WordPress 6, Joomla CMS 6, Ecommerce-CodeIgniter-Bootstrap 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Synacor Zimbra Collaboration mboximport directory traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.96501 | CVE-2022-27925 |
| 2 | DEXT5 DEXT5Upload dext5handler.jsp privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01228 | CVE-2020-13442 |
| 3 | DEXT5Upload dext5handler.jsp directory traversal | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00503 | CVE-2020-35362 |
| 4 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 6.47 | 0.01009 | CVE-2006-6168 |
| 5 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.48 | 0.00936 | CVE-2020-15906 |
| 6 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.58 | 0.00943 | CVE-2010-0966 |
| 7 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440 |
| 8 | FasterXML jackson-databind privilege escalation | 9.8 | 9.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00410 | CVE-2019-14540 |
| 9 | Liferay Portal privilege escalation | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00474 | CVE-2011-1571 |
| 10 | Drupal Sanitization API cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00056 | CVE-2020-13672 |
| 11 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 3.30 | 0.00000 | |
| 12 | LiteSpeed Cache Plugin Shortcode cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00051 | CVE-2023-4372 |
| 13 | WebTitan Appliance Extensions Persistent cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 14 | ipTIME NAS-I Bulletin Manage privilege escalation | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00988 | CVE-2020-7847 |
| 15 | request-baskets API Request {name} privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.05974 | CVE-2023-27163 |
| 16 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.02101 | CVE-2007-1287 |
| 17 | Microsoft Windows Scripting Engine Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.28182 | CVE-2021-34480 |
| 18 | DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd privilege escalation | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00166 | CVE-2022-41479 |
| 19 | CodeIgniter old privilege escalation | 6.6 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.06897 | CVE-2022-21647 |
| 20 | Basilix Webmail login.php3 privilege escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00000 | |

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-88, CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (143)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/dl_sendmail.php | predictive | High |
| 2 | File | /api/baskets/{name} | predictive | High |
| 3 | File | /api/v2/cli/commands | predictive | High |
| 4 | File | /apply.cgi | predictive | Medium |
| 5 | File | /dede/sys_sql_query.php | predictive | High |
| 6 | File | /DXR.axd | predictive | Medium |
| 7 | File | /forum/away.php | predictive | High |
| 8 | File | /novel/bookSetting/list | predictive | High |
| 9 | File | /novel/userFeedback/list | predictive | High |
| 10 | File | /owa/auth/logon.aspx | predictive | High |
| 11 | File | /spip.php | predictive | Medium |
| 12 | File | /usr/bin/pkexec | predictive | High |
| 13 | File | /zm/index.php | predictive | High |
| 14 | File | adclick.php | predictive | Medium |
| 15 | File | admin.jcomments.php | predictive | High |
| 16 | File | admin/file-manager/attachments | predictive | High |
| 17 | File | application/modules/admin/views/ecommerce/products.php | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
