BlankSlate Analysis

IOB - Indicator of Behavior (127)

Language

en: 106
de: 8
pt: 4
it: 4
fr: 4

Country

gb: 62
us: 22
de: 6
pt: 4
it: 4

Product

WordPress: 4
CentOS Web Panel: 4
All in One SEO Pack Plugin: 4
DZCP deV!L`z Clanportal: 4
RRJ Nueva Ecija Engineer Online Portal: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 1.20 | CVE-2010-0966 |
| 2 | JetBrains PhpStorm idea.log information disclosure | 3.8 | 3.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2022-48435 |
| 3 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192 |
| 4 | All in One SEO Pack Plugin cross site scripting | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00076 | 0.07 | CVE-2023-0586 |
| 5 | PHPGurukul Online Notes Sharing System profile.php cross site request forgery | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00052 | 0.08 | CVE-2023-7052 |
| 6 | Views for WPForms Plugin create_view cross site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00052 | 0.08 | CVE-2024-0374 |
| 7 | All in One SEO Pack Plugin cross site scripting | 3.9 | 3.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00101 | 0.00 | CVE-2023-0585 |
| 8 | SourceCodester Responsive Ordering System Product_model.php privilege escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00632 | 0.03 | CVE-2021-25206 |
| 9 | WPForms Pro Plugin privilege escalation | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00229 | 0.04 | CVE-2022-3574 |
| 10 | Wondershare Dr.Fone privilege escalation | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00082 | 0.00 | CVE-2023-29835 |
| 11 | Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00061 | 0.04 | CVE-2023-5681 |
| 12 | Campcodes Simple Student Information System manage_academic.php sql injection | 6.2 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.04 | CVE-2023-5929 |
| 13 | Campcodes Simple Student Information System index.php sql injection | 6.2 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.04 | CVE-2023-5923 |
| 14 | CodeAstro Internet Banking System pages_reset_pwd.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00052 | 0.04 | CVE-2023-5695 |
| 15 | SourceCodester Engineers Online Portal downloadable_student.php sql injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00077 | 0.09 | CVE-2023-5276 |
| 16 | ZZZCMS Database Backup File save.php restore privilege escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00061 | 0.04 | CVE-2023-5263 |
| 17 | MicroWorld eScan Anti-Virus runasroot Local Privilege Escalation | 7.8 | 7.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00042 | 0.04 | CVE-2023-4383 |
| 18 | Lightxun IPTV Gateway web_upload_template.html privilege escalation | 5.0 | 4.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.04 | CVE-2023-7026 |
| 19 | SourceCodester Best Courier Management System manage_parcel_status.php cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00050 | 0.04 | CVE-2023-5273 |
| 20 | 7-card Fakabao wxpay_notify.php sql injection | 6.6 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.08 | CVE-2023-7185 |

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-24 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |

IOA - Indicator of Attack (119)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/index.php | predictive | High |
| 2 | File | /admin/list_addr_fwresource_ip.php | predictive | High |
| 3 | File | /admin/makehtml_freelist_action.php | predictive | High |
| 4 | File | /admin/return_add.php | predictive | High |
| 5 | File | /admin/save.php | predictive | High |
| 6 | File | /admin/service/stop/ | predictive | High |
| 7 | File | /admin/students/manage_academic.php | predictive | High |
| 8 | File | /api/v1/attack/falco | predictive | High |
| 9 | File | /application/websocket/controller/Setting.php | predictive | High |
| 10 | File | /cgi-bin/cstecgi.cgi | predictive | High |
| 11 | File | /cgi-bin/login_action.cgi | predictive | High |
| 12 | File | /event/admin/?page=user/list | predictive | High |
| 13 | File | /include/file.php | predictive | High |
| 14 | File | /index.php | predictive | Medium |
| 15 | File | /index.php?menu=asterisk_cli | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
