A Glossary of Blind SSRF Chains
Common Information
Type Value
UUID f9be1678-661c-4e1b-a117-135f5e50eebf
Fingerprint a43b5d046e72d981
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 13, 2021, midnight
Added to db Jan. 18, 2023, 8:14 p.m.
Last updated Nov. 17, 2024, 6:50 p.m.
Headline A Glossary of Blind SSRF Chains
Title A Glossary of Blind SSRF Chains
Detected Hints/Tags/Attributes 76/1/65
Attributes
Details Type #Events CTI Value
Details CVE 17
cve-2021-40438
Details CVE 3
cve-2014-4210
Details CVE 27
cve-2020-14883
Details CVE 80
cve-2021-26084
Details CVE 4
cve-2017-9506
Details CVE 2
cve-2019-8451
Details CVE 4
cve-2020-35476
Details CVE 7
cve-2018-1000600
Details CVE 1
cve-2020-5412
Details CVE 2
cve-2019-6715
Details CVE 2
cve-2020-13379