Catch me if you can: detection of injection exploitation by validating query and API integrity
Common Information
| Type | Value |
|---|---|
| UUID | 434814bd-4029-4edb-aaee-8e7d79a859fe |
| Fingerprint | f02fc6acb132a8178ae3f887657852cf8d59936c5eb6d6e92c02bcc93abdd110 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Nov. 5, 2019, 12:35 p.m. |
| Added to db | April 18, 2024, 10:56 a.m. |
| Last updated | Aug. 31, 2024, 1:16 a.m. |
| Headline | Catch me if you can: detection of injection exploitation by validating query and API integrity |
| Title | Catch me if you can: detection of injection exploitation by validating query and API integrity |
| Detected Hints/Tags/Attributes | 49/2/42 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 247 | www.virusbulletin.com |
|
| Details | Domain | 2 | prismosystems.com |
|
| Details | Domain | 12 | server.com |
|
| Details | Domain | 57 | www.owasp.org |
|
| Details | Domain | 360 | attack.mitre.org |
|
| Details | Domain | 145 | www.us-cert.gov |
|
| Details | Domain | 1 | ckarande.gitbooks.io |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 180 | readme.md |
|
| Details | Domain | 1 | esprima.org |
|
| Details | Domain | 1 | zanon.io |
|
| Details | Domain | 55 | cwe.mitre.org |
|
| Details | Domain | 222 | www.blackhat.com |
|
| Details | Domain | 1 | www.rubydoc.info |
|
| Details | 2 | rmani}@prismosystems.com |
||
| Details | File | 55 | test.php |
|
| Details | File | 1 | kral.php |
|
| Details | File | 2 | connection.exe |
|
| Details | File | 12 | app.php |
|
| Details | File | 1206 | index.php |
|
| Details | File | 1 | a1_-_sql_and_nosql_injection.html |
|
| Details | File | 1 | 643.html |
|
| Details | File | 1 | bh-eu-08-alonso-parada-wp.pdf |
|
| Details | File | 1 | rubydoc.inf |
|
| Details | Github username | 1 | lfi |
|
| Details | Github username | 1 | rse |
|
| Details | MITRE ATT&CK Techniques | 542 | T1190 |
|
| Details | Url | 1 | http://x.x.x.x:8000/test.php?fi |
|
| Details | Url | 1 | http://server.com/app.php?year= |
|
| Details | Url | 1 | http://server.com/app.php?year=2015 |
|
| Details | Url | 1 | https://www.owasp.org/index.php/top_10-2017_top_10. |
|
| Details | Url | 3 | https://attack.mitre.org/techniques/t1190/. |
|
| Details | Url | 1 | https://attack.mitre.org/software/s0225/. |
|
| Details | Url | 1 | https://www.us-cert.gov/ncas/alerts/ta15-314a. |
|
| Details | Url | 1 | https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial |
|
| Details | Url | 1 | https://github.com/lfi |
|
| Details | Url | 1 | http://esprima.org |
|
| Details | Url | 1 | https://zanon.io/posts/nosql-injection-in-mongodb. |
|
| Details | Url | 1 | https://cwe.mitre.org/data/defi |
|
| Details | Url | 1 | https://github.com/rse/json-asty. |
|
| Details | Url | 4 | https://www.blackhat.com |
|
| Details | Url | 1 | https://www.rubydoc.info/github/ruby-ldap/ruby-net-ldap/net/ldap |