Data Exfiltration with DNS in SQLi attacks – Pentest Blog
Tags
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Dns Server - T1583.002 Dns Server - T1584.002 Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 97dcb6ba-8db1-40c8-acc0-e8e6e8c6ebc8 |
| Fingerprint | 37901b5565ba92f6 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 1, 2017, 3:47 p.m. |
| Added to db | Jan. 18, 2023, 10:07 p.m. |
| Last updated | Nov. 17, 2024, 12:55 p.m. |
| Headline | Data Exfiltration with DNS in SQLi attacks |
| Title | Data Exfiltration with DNS in SQLi attacks – Pentest Blog |
| Detected Hints/Tags/Attributes | 36/1/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://pentest.blog/data-ex-filtration-with-dns-in-sqli-attacks/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | dnstunnel.com |
|
| Details | Domain | 78 | attacker.com |
|
| Details | Domain | 1 | opendns.online |
|
| Details | File | 6 | master.db |
|
| Details | File | 1 | dbms_ldap.ini |
|
| Details | File | 1 | foobar.txt |
|
| Details | File | 55 | test.php |
|
| Details | IPv4 | 1 | 188.166.29.114 |
|
| Details | Url | 1 | http://188.166.29.114/test.php?uid=1 |