Name | Category | Info |
---|---|---|
GooglePlay Aug20 | Mobile | Google Play, formerly Android Market, is a digital distribution service operated and developed by Google. It serves as the official app store for devices running on Google certified Android operating system, allowing users to browse and download applications developed with the Android software development kit (SDK) and published through Google. | Kerberos V5 | Authentication | Kerberos is a computer-network authentication protocol that works using tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily as a client-server model. Kerberos uses mutual authentication: both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. This is a simulation of Kerberos authentication using WSA and wccp setup. |
Name | Category | Info |
---|---|---|
ClientSim Radius Access (over TCP) | Authentication | This simulates a ClientSim RADIUS ACCESS session over TCP with the client using the RADIUS PAP protocol to authenticate to the server. |
ClientSim Radius Accounting (over TCP) | Authentication | This simulates a ClientSim RADIUS ACCOUNTING session over TCP with the client using the RADIUS ACCOUNTING protocol. |
GooglePlay Aug20 | Mobile | Simulates the use of the Google Play Store on Android 9.0. A user opens the Google Play app, searches for an app, views an app and downloads it. |
Kerberos V5 Access Website through WSA | Authentication | This simulates a user accessing a website from the command line using Curl. Between the Client and Server machine there is a WSA (Web Security Appliance) which redirects the user to authenticate through a Kerberos ticket before reaching the server. After authentication, the client sends the request to the server, but the access to the website is blocked by the WSA as it is considered harmful. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
7.5 | E20-9xp41 | CVE-2020-17946CVSSCVSSv3URL | Exploits | A server-side template injection vulnerability that leads to remote code execution exists in vBulletin due to a logic bug in the patch for CVE-2019-16759. By exploiting it, a remote unauthenticated attacker may execute arbitrary code using server's PHP engine. | 6.8 | E20-0xgq1 | CVE-2019-8762CVSSCVSSv3GOOGLE-1916 | Exploits | This strike exploits a vulnerability that exists inside Apple Safari Webkit. An attacker can insert frame elements with an empty URL into a node to overflow the subframe counter. When this node is later removed, the subframes won't be detached. The attacker can also make a subframe "survive" a cross-origin page load. It is possible for the new document to inherit the security context of its parent document, which can be an arbitrary cross-origin page, while the contents will be attacker-controlled. |
Ticket | Info |
---|---|
ATIBPS-16856 | Fixed Strike E18-0ql21. The client now directly sends the malicious request to the server, instead of server sending the malicious POC to be executed. |