PortDoor Analysis

IOB - Indicator of Behavior (16)

Language

en (14)
es (2)

Country

us (16)

Product

DZCP deV!L`z Clanportal (4)
Google Go (2)
Kerberos Package (2)
Thomas R. Pasawicz HyperBook Guestbook (2)
PHP (2)

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Con | EPSS | CTI | CVE
1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192
2 | Microsoft Windows Registry Password information disclosure | 3.7 | 3.6 | $25k-$100k | $0-$5k | Not Defined | Workaround | 0.00000 | 0.02 |
3 | Nextcloud Server Image Preview config.php privilege escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00254 | 0.04 | CVE-2021-32802
4 | D-Link DIR-865L register_send.php weak authentication | 7.5 | 7.1 | $5k-$25k | $5k-$25k | Proof-of-Concept | Not Defined | 0.00109 | 0.02 | CVE-2013-3096
5 | Google Go ExtractTo directory traversal | 7.4 | 7.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00107 | 0.00 | CVE-2020-7668
6 | PHP phpinfo buffer overflow | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02345 | 0.02 | CVE-2005-2491
7 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.74 | CVE-2010-0966
8 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 1.03 | CVE-2007-1167
9 | Kerberos Package DLL LoadLibrary privilege escalation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00440 | 0.00 | CVE-2020-13110
10 | WordPress AdServe adclick.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00073 | 0.08 | CVE-2008-0507
11 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.39 |
12 | Bitcoin Core/Bitcoin Knots Final Alert weak encryption | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00158 | 0.00 | CVE-2016-10725
13 | DUware DUdownload detail.asp sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00254 | 0.03 | CVE-2006-6367

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 45.63.27.162 | 45.63.27.162.vultr.com | PortDoor | | 04/03/2022 | verified | Medium

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High
2 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High
3 | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | High
4 | TXXXX | CAPEC-108 | CWE-XX | Xxx Xxxxxxxxx | predictive | High
5 | TXXXX | CAPEC-38 | CWE-XXX | Xxxxxxxxx Xxxxxx Xxxx | predictive | High
6 | TXXXX | CAPEC-116 | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High
7 | TXXXX | CAPEC-0 | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /forum/away.php | predictive | High
2 | File | adclick.php | predictive | Medium
3 | File | xxxxxx.xxx | predictive | Medium
4 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High
5 | File | xxxxxx.xxx | predictive | Medium
6 | File | xxx/xxxxxx.xxx | predictive | High
7 | File | xxx/xxxxxxxxxxx/xxxxxxx.xxx | predictive | High
8 | File | xxxxxxxx_xxxx.xxx | predictive | High
9 | Argument | xxxxxxxx | predictive | Medium
10 | Argument | xxxx | predictive | Low
11 | Argument | xx | predictive | Low
12 | Argument | xxxxx | predictive | Low
13 | Input Value | .. | predictive | Low

References (2)

The following list contains external sources which discuss the actor and the associated activities:
