Ircbot Analysis

IOB - Indicator of Behavior (168)

Language

en: 152
de: 6
fr: 4
ru: 4
it: 2

Country

ca: 60
us: 18
de: 10
fr: 2

Product

Oracle Java SE: 10
SourceCodester Lost and Found Information System: 6
SourceCodester Online Exam System: 4
Thomas R. Pasawicz HyperBook Guestbook: 2
Siemens SIMATIC WinCC Sm@rtClient: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.13 | CVE-2017-0055 |
| 2 | Omron CX-One CX-Programmer Password Storage information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2015-0988 |
| 3 | Lexar F35 Authentication Module privilege escalation | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00138 | 0.07 | CVE-2021-46390 |
| 4 | SourceCodester Online Exam System GET Parameter updateCourse.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.07 | CVE-2023-2642 |
| 5 | SourceCodester Online Internship Management System POST Parameter login.php sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.03 | CVE-2023-2641 |
| 6 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment denial of service | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.19 | CVE-2023-2618 |
| 7 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeByteSegment denial of service | 5.6 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00073 | 0.08 | CVE-2023-2617 |
| 8 | SourceCodester Online Reviewer System GET Parameter user-update.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00089 | 0.09 | CVE-2023-2596 |
| 9 | SourceCodester Billing Management System POST Parameter ajax_service.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00089 | 0.05 | CVE-2023-2595 |
| 10 | SourceCodester Food Ordering Management System Registration sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.05 | CVE-2023-2594 |
| 11 | SourceCodester Multi Language Hotel Management Software POST Parameter ajax.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00062 | 0.05 | CVE-2023-2565 |
| 12 | jja8 NewBingGoGo cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.09 | CVE-2023-2560 |
| 13 | External Media without Import Plugin external-media-without-import.php print_media_new_panel cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00052 | 0.10 | CVE-2017-20183 |
| 14 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.07 | CVE-2023-2619 |
| 15 | PHP-Login POST Parameter class.loginscript.php checkLogin sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00059 | 0.22 | CVE-2016-15031 |
| 16 | JFrog Artifactory Pro SAML SSO Signature Validator weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00378 | 0.02 | CVE-2018-19971 |
| 17 | IBM QRadar SIEM weak authentication | 7.7 | 7.7 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00088 | 0.00 | CVE-2019-4210 |
| 18 | Audacity DLL Loader avformat-55.dll privilege escalation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00110 | 0.00 | CVE-2017-1000010 |
| 19 | Banana Dance search.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00135 | 0.00 | CVE-2011-5175 |
| 20 | RoadFlow Visual Process Engine .NET Core Mvc Login sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00067 | 0.03 | CVE-2023-3208 |

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (131)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (7)

The following list contains external sources which discuss the actor and the associated activities:
