Parrot Analysis

IOB - Indicator of Behavior (909)

Language

en: 844
ru: 30
zh: 10
fr: 8
de: 6

Country/Region

us: 314
ru: 106
cn: 52
hu: 20
es: 18

Product

Microsoft Windows: 36
Advantech WebAccess: 16
Adobe Acrobat Reader: 12
Google Chrome: 12
Linux Kernel: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 3.27 | 0.00000 | |
| 3 | Atmail Remote Code Execution | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00251 | CVE-2013-5033 |
| 4 | PHP Link Directory Administration Page index.html cross-site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.34 | 0.00374 | CVE-2007-0529 |
| 5 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.52 | 0.00943 | CVE-2010-0966 |
| 6 | phpMyAdmin phpinfo.php information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00142 | CVE-2016-9848 |
| 7 | Esoftpro Online Guestbook Pro ogp_show.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.20 | 0.00108 | CVE-2009-4935 |
| 8 | MGB OpenSource Guestbook email.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.44 | 0.01302 | CVE-2007-0354 |
| 9 | Palo Alto PAN-OS GlobalProtect Clientless VPN memory corruption | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00112 | CVE-2021-3056 |
| 10 | WordPress SQL injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00467 | CVE-2022-21664 |
| 11 | jQuery cross-site scripting | 4.3 | 3.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00306 | CVE-2011-4969 |
| 12 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 13 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.03 | 0.02733 | CVE-2007-1167 |
| 14 | Linux Kernel emulate.c privilege escalation | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00181 | CVE-2017-2583 |
| 15 | Flat PHP Board directory traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00000 | |
| 16 | Simple PHP Guestbook guestbook.php cross-site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 17 | 212cafe 212cafeboard view.php SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.08 | 0.00064 | CVE-2008-4713 |
| 18 | Apache HTTP Server HTTP Digest Authentication Challenge weak authentication | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01815 | CVE-2018-1312 |
| 19 | portable SDK for UPnP unique_service_name memory corruption | 10.0 | 9.5 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.97445 | CVE-2012-5958 |
| 20 | VeronaLabs wp-statistics Plugin API Endpoint Blind SQL injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00250 | CVE-2019-13275 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Path Traversal | predictive | |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | |
| 4 | T1059 | CWE-94 | Argument Injection | predictive | |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | |
| 6 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | |

IOA - Indicator of Attack (287)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
