Ixia ATI Update 2017-25 (322027)

Enhancements

Ticket | Info
US79120 | New features added to the SMB OneArm testing engine allow multiple subsequent incomplete SMB sessions to be negotiated between the client and the server. This feature is especially useful when testing strike D17-m8lf1 in OneArm mode.
US79580 | The 'BreakingPoint Linkedin_1301' super flow is superseded by two new LinkedIn super flows: 'BreakingPoint LinkedIn Dec17 Manage Connections' and 'BreakingPoint LinkedIn Dec17 Send Message'.

New Protocols & Applications (7)

Name | Category | Info
ADP Dec17 | Enterprise Applications | The ADP website is the main portal for the services and software provided by ADP LLC, a provider of human resources management for businesses, for example payroll and tax, benefits administration, talent management, etc. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
DocuSign Dec17 | Enterprise Applications | DocuSign provides electronic signature technology and digital transaction management services for facilitating electronic exchanges of contracts and signed documents. DocuSign's features include authentication services, user identity management and workflow automation. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
Confluence Nov17 | Enterprise Applications | Confluence is a content collaboration tool developed by Atlassian. Users can create and share documents in the form of Wiki pages, organize them under different spaces and projects, and manage access to them. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
GoDaddy Nov17 | Enterprise Applications | GoDaddy is a website that provides services for domain name registration, website building and web hosting. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
DropBox Nov17 | Data Transfer/File Sharing | The use of the Dropbox website as of November 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
WebEx Dec17 | Voice/Video/Media | WebEx audio/video meeting with content sharing and chat. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
LinkedIn Dec17 | Social Networking/Search | LinkedIn is a social networking website used for professional networking, including employers posting jobs and job seekers posting their CVs. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

New Super Flows (12)

Name | Category | Info
ADP Login Pages | Enterprise Applications | The user performs the following actions: loads the ADP main page; clicks the 'user logins' button for general login information; then clicks the 'All users logins' tab; finally clicks the 'Employee Login' button.
DocuSign Access Website Dec17 | Enterprise Applications | Simulates a user that explores the services and facilities displayed on the DocuSign website.
Confluence Space and Page Operations Nov17 | Enterprise Applications | The user performs the following actions: loads and signs in to a pre-configured Atlassian site with the user's email and a password; creates a new Confluence space; creates a page using a blank template and publishes it; writes comments on the created page; edits the page by inserting an image file; deletes the created page; checks the details of the space; deletes the space; finally the user logs out.
Confluence Space Operations Nov17 | Enterprise Applications | The user performs the following actions: loads and signs in to a pre-configured Atlassian site with the user's email and a password; creates a new Confluence space; checks the details of the space; deletes the space; then logs out.
GoDaddy Manage Account Details and Products Nov17 | Enterprise Applications | Simulates a user that manages account settings such as payment methods and uses the help section to contact support.
GoDaddy Shop for Domain Names Nov17 | Enterprise Applications | Simulates a user that searches and shops for domain names.
GoDaddy Use Website Builder Tool Nov17 | Enterprise Applications | Simulates the use of the Website Builder tool by creating and publishing a basic website.
DropBox Nov 17 | Data Transfer/File Sharing | The use of the Dropbox website as of November 2017. All of the available actions for this flow are exercised.
DropBox Nov 17 Sync File | Data Transfer/File Sharing | The use of the Dropbox website as of November 2017. The user creates a new folder, then uploads and downloads files.
WebEx Meeting | Voice/Video/Media | Enter WebEx, start a meeting, use audio and video, share content, chat and then sign out.
LinkedIn Dec17 Manage Connections | Social Networking/Search | Simulates a user that searches for another LinkedIn user to connect to, sends a connect request, then browses their connections and views the profile of one connection.
LinkedIn Dec17 Send Message | Social Networking/Search | Simulates a user that composes and sends a message to one of their connections.

New Strikes (10)

CVSS | ID | References | Category | Info
10.0 | E17-3egr1 | BID-101868, CVE-2017-12635, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL | Exploits | This strike exploits a remote privilege escalation vulnerability in Apache CouchDB. The vulnerability is due to insufficient validation of user-supplied JSON objects. Successful exploitation will allow an attacker to create an administrative account within CouchDB.
7.8 | D17-m8lf1 | BID-95318, CVE-2017-0004, CVSS-7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C), SECURITYTRACKER-1037571, URL | Denial | This strike exploits a Denial of Service vulnerability in Microsoft Windows LSASS Authentication. The vulnerability can be triggered by sending a crafted SMB request to the target system. By exploiting this vulnerability, an attacker could cause a reboot of the target server.
7.5 | E17-fdcp1 | CVE-2015-2825, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-34922, EXPLOITDB-36374, EXPLOITDB-36640, URL | Exploits | This strike exploits a series of file upload vulnerabilities in different WordPress plugins targeted by the recently published XAttacker tool. The common issue is the lack of sanitization of user-uploaded files in the components in charge of handling file upload queries. By exploiting these vulnerabilities, an unauthenticated attacker can run arbitrary code by uploading files to the server and executing them.
7.5 | E17-0uu91 | CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-37166, EXPLOITDB-39969, URL | Exploits | This strike exploits one of the file upload vulnerabilities present in some WordPress plugins targeted by the recently published XAttacker tool. The main issue is the lack of sanitization of user-supplied files by the components in charge of handling file upload queries. By exploiting these vulnerabilities, an unauthenticated attacker can run arbitrary code by uploading files to the server and executing them.
7.5 | E17-madc1 | CVE-2017-16943, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), SECURITYTRACKER-1039872, URL | Exploits | This strike exploits a use-after-free vulnerability in Exim when it parses a mail header. The vulnerability is due to an invalid BDAT command with a chunk-size parameter containing non-printable characters. A remote attacker can connect to the SMTP service and send a crafted BDAT command to trigger a use-after-free memory error in the ESMTP CHUNKING extension and execute arbitrary code on the target system.
6.8 | E17-0f7s1 | BID-100610, CVE-2017-5112, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), GOOGLE-740603 | Exploits | This strike exploits a vulnerability in Google Chrome. Specifically, the vulnerability exists within the WebGL2 library's ReadPixels function. It is possible to craft JavaScript in such a way that when the rows of pixel data of a WebGL2 canvas are read and copied to an offset with the PACK_SKIP_ROWS parameter, a heap buffer overflow can occur. This can cause a denial of service or potentially lead to remote code execution.
6.0 | E17-3hkv1 | BID-101760, CVE-2017-16671, CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P), URL | Exploits | This strike exploits a buffer overflow vulnerability in Digium Asterisk. The contents of the X-ClientCode parameter are copied to a fixed-length buffer without validation. An attacker can send a specially constructed SIP request to exploit this vulnerability. Successful exploitation may result in arbitrary code execution or abnormal program termination.
5.0 | D17-3hsg1 | CVE-2017-16944, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P), EXPLOITDB-43184, URL | Denial | This strike exploits a Denial of Service vulnerability in Exim when it parses a mail header. The vulnerability is due to improper parsing of invalid BDAT commands. A remote attacker can connect to the SMTP service and send crafted BDAT commands to cause a denial of service.
5.0 | D17-3gzo1 | BID-101600, CVE-2017-15908, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P), URL | Denial | This strike exploits an infinite loop denial of service vulnerability in systemd-resolved. When resolving DNS responses with NSEC resource records, the bitmap field is processed one bit at a time, using a bitmask value to pull out the individual bits. However, if a bit representing a pseudo RR type is set, resolved will fail to increment the bitmask value, resulting in an infinite loop. An attacker could send specially crafted DNS responses to trigger infinite loops, potentially causing excessive resource usage, resulting in a denial of service condition.
3.5 | E17-3dtz1 | BID-101136, CVE-2017-11815, CVSS-3.5 (AV:N/AC:M/AU:S/C:P/I:N/A:N), SECURITYTRACKER-1039528, URL | Exploits | This strike exploits an Information Disclosure vulnerability in Windows SMB Server. The vulnerability can be triggered by sending a crafted request to the target system. By exploiting this vulnerability, an attacker could obtain information which may be used to facilitate further attacks. NOTE: When run in OneArm mode, the strike requires \Users\Public to be shared and write access enabled for the Anonymous account.