ATI Update ATI-2023-05

New Protocols & Applications (3)

Name | Category | Info
Epic Games Launcher Mar 2023 | Games | The Epic Games Launcher is a storefront for games.
Microsoft SharePoint Mar23 | Enterprise Applications | SharePoint is a web-based collaborative enterprise application provided as part of the Microsoft Office 365 suite. Launched in 2001, SharePoint is primarily sold as a document management and storage system, but the product is highly configurable and its usage varies substantially among organizations.
Verse by Verse Mar 2023 | Social Networking/Search | Verse by Verse is an experimental Google Large Language Model (LLM) application that helps compose poetry inspired by classic American poets.

New Superflows (9)

Name | Category | Tags | Info
Epic Games Launcher Mar 2023 | Games | Streaming, Web, SimulatedTLS | The Epic Games Launcher is a storefront for games. This simulates the scenario in which a user opens the Epic Games Launcher, visits the library, creates a library, visits the store and adds a game to the cart.
Microsoft SharePoint Mar23 | Enterprise Applications | Data Transfer/File Sharing, Storage, HTTP/2 | Simulates the use of Microsoft SharePoint as of March 2023, where the user gets the home page, opens the Documents section, and performs actions such as upload, download and sync on a document.
Microsoft SharePoint Mar23 Bandwidth | Enterprise Applications | Data Transfer/File Sharing, Storage, HTTP/2 | Simulates the use of Microsoft SharePoint as of March 2023, where the user downloads a document from SharePoint.
Microsoft SharePoint Mar23 Upload Document | Enterprise Applications | Data Transfer/File Sharing, Storage, HTTP/2 | Simulates the use of Microsoft SharePoint as of March 2023, where the user gets the home page, opens the Documents section, and uploads a document.
Microsoft SharePoint Mar23 Sync Document | Enterprise Applications | Data Transfer/File Sharing, Storage, HTTP/2 | Simulates the use of Microsoft SharePoint as of March 2023, where the user gets the home page, opens the Documents section, and syncs the changes on a document.
SMBv2 Generated File Download | Data Transfer/File Sharing | | This simulates an SMBv2 session in which the client authenticates, connects to the server and requests a file of the desired type for download.
Verse by Verse HAR Replay HTTP/2 over TLS1.2 | Social Networking/Search | Productivity, AI, HARSimulated, HTTP/2 | Verse by Verse is an experimental Google Large Language Model (LLM) application that helps compose poetry inspired by classic American poets. This is a simulation based on the HAR collected from the Verse by Verse web application as of March 2023, including user actions such as loading the home page and writing a poem. All HTTP transactions are replayed in HTTP/2 over TLS1.2.
Verse by Verse HAR Replay HTTP/2 over TLS1.3 | Social Networking/Search | Productivity, AI, HARSimulated, HTTP/2 | Verse by Verse is an experimental Google Large Language Model (LLM) application that helps compose poetry inspired by classic American poets. This is a simulation based on the HAR collected from the Verse by Verse web application as of March 2023, including user actions such as loading the home page and writing a poem. All HTTP transactions are replayed in HTTP/2 over TLS1.3.
Verse by Verse Mar 2023 | Social Networking/Search | AI, HTTP/3, SimulatedTLS | Verse by Verse is an experimental Google Large Language Model (LLM) application that helps compose poetry inspired by classic American poets. This is a simulation of the Verse by Verse web application as of March 2023, including user actions such as loading the home page and writing a poem.

New Strikes (8)

CVSS | ID | References | Category | Info
10.0 | E23-1m311 | CVE-2023-0669, CVSS, CVSSv3, CWE-502, URL | Exploits | This strike exploits an insecure deserialization vulnerability in Fortra GoAnywhere MFT. The vulnerability is due to insufficient validation of user-supplied data sent to the License Response Servlet exposed on the administrative interface. A remote, unauthenticated attacker can exploit it by submitting a request to the License Response Servlet on the target server containing an encoded and encrypted crafted serialized object. Successful exploitation results in arbitrary code execution under the security context of SYSTEM or root.
10.0 | E23-ggfo1 | CVE-2023-21716, CVSS, CVSSv3, CWE-119, URL | Exploits | This strike exploits a heap corruption vulnerability in Microsoft Word. The vulnerability is due to improper input validation while parsing the font table of RTF documents. A remote attacker can exploit it by enticing a target user into opening a crafted RTF file in Microsoft Word. Successful exploitation may result in execution of arbitrary code under the security context of the target user. Note: the file transferred in this strike only crashes Microsoft Word.
10.0 | E23-gj2o1 | CVE-2023-25136, CVSS, CVSSv3, CWE-415, URL | Exploits | This strike exploits a double free vulnerability in the OpenSSH server, sshd (OpenSSH 9.1). The vulnerability is due to insufficient validation of client-supplied data in the unprivileged pre-authentication child process. A remote, unauthenticated attacker can exploit it by sending a crafted request to the target server. Successful exploitation results in denial of service.
8.3 | E23-estk1 | CVE-2022-44456, CVSS, CVSSv3, CWE-78 | Exploits | This strike exploits an OS command injection vulnerability in the Contec CONPROSYS HMI System. The vulnerability is due to insufficient sanitization when parsing a JSON object; it is triggered when the server parses an attacker-supplied JSON object containing an injected escape character, which allows remote code execution in the context of the web server.
7.8 | E23-gin81 | CVE-2023-24580, CVSS, CVSSv3, CWE-400 | Exploits | This strike exploits a denial of service vulnerability in Django. The vulnerability is due to resource exhaustion when parsing a large number of files in multipart/form-data requests. When more files are open than the process limit allows, an unhandled "too many open files" exception is raised, which terminates the process abruptly. A remote attacker can exploit it by sending a crafted request to the target server. Successful exploitation results in a denial of service condition on the target server.
7.2 | E23-envg1 | CVE-2022-38044, CVSS, CVSSv3, CWE-680, URL | Exploits | This strike exploits a remote code execution vulnerability in the Microsoft Windows CDFS driver. The vulnerability is due to improper handling of the data inside an ISO file. A remote attacker can exploit it by enticing a target user into opening a crafted file. Successful exploitation could result in execution of arbitrary code in the kernel. Note: when the zipped ISO file transferred in this strike is unzipped and mounted, opening the file 'x' inside the mounted drive results in a Blue Screen of Death (BSOD).
6.4 | E23-gg7u1 | CVE-2023-21434, CVSS, CVSSv3, CWE-20, URL | Exploits | This strike exploits a JavaScript execution vulnerability in the Samsung Galaxy Store app. The vulnerability is due to insufficient input validation in the app's 'com.sec.android.app.samsungapps.deeplink.CloudGameDeepLink' class. It can be exploited both remotely and locally. Remotely, an attacker serves a web page containing a malicious Intent URI; if the victim clicks it, the Galaxy Store app opens and executes arbitrary JavaScript fetched from an attacker-controlled domain. Locally, any installed rogue application can trigger the same intent call from within the app. Note: this strike covers the remote variant, in which a server sends an HTML file containing the malicious intent call.
5.2 | E23-gg7t1 | CVE-2023-21433, CVSS, CVSSv3, CWE-285, URL | Exploits | This strike exploits an improper access control vulnerability in the Samsung Galaxy Store app. The vulnerability is due to the Galaxy Store app not handling incoming intents properly. A remote attacker with ADB (Android Debug Bridge) access to the victim's phone can trigger intent calls that make the victim's device automatically download any app of the attacker's choice from the Galaxy Store. Locally, any installed rogue application can do the same by issuing crafted Java calls. Note: this strike covers the remote variant, in which the intent calls are made over ADB.
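The Django strike above (CVE-2023-24580) describes a request whose multipart/form-data body carries so many file parts that the process runs out of open file handles. As an added example, not taken from this update and not Django's own parser, the script below walks a multipart body and enforces the same cap that Django's fix introduced (the DATA_UPLOAD_MAX_NUMBER_FILES setting, default 100, raising TooManyFilesSent): the count is checked when a file part's headers are seen, before any file content is handled, so the flood is rejected without consuming a descriptor per part. The body builder, the boundary string and the field names are constructed sample input.

```python
import re

# Names mirror Django's fix for CVE-2023-24580 (setting default 100, exception
# TooManyFilesSent); the parser itself is an added example, not Django's code.
DATA_UPLOAD_MAX_NUMBER_FILES = 100


class TooManyFilesSent(Exception):
    """Raised as soon as the file-part count passes the configured cap."""


def build_multipart(boundary, fields, n_files):
    """Constructed sample body: text parts from `fields` plus n_files file parts."""
    parts = []
    for name, value in fields.items():
        parts.append(
            f'--{boundary}\r\nContent-Disposition: form-data; name="{name}"'
            f"\r\n\r\n{value}\r\n".encode()
        )
    for i in range(n_files):
        parts.append(
            f'--{boundary}\r\nContent-Disposition: form-data; name="file{i}"; '
            f'filename="file{i}.txt"\r\nContent-Type: text/plain\r\n\r\n'.encode()
            + b"x\r\n"
        )
    return b"".join(parts) + f"--{boundary}--\r\n".encode()


def _headers(blob):
    """Parse 'Key: value' lines of one part into a lower-cased dict."""
    out = {}
    for line in blob.split(b"\r\n"):
        key, _, value = line.partition(b":")
        if key:
            out[key.strip().lower().decode()] = value.strip().decode()
    return out


def parse_multipart(body, boundary, max_files=DATA_UPLOAD_MAX_NUMBER_FILES):
    """Return (fields, files); files maps part name -> (filename, data).

    The cap is enforced from the part's Content-Disposition header, before
    its content is buffered or written to a temporary file, which is what
    keeps a flood of file parts from exhausting open-file limits.
    """
    delim = b"--" + boundary.encode()
    fields, files = {}, {}
    n_files = 0
    for chunk in body.split(delim)[1:]:      # [0] is the preamble
        if chunk.startswith(b"--"):
            break                            # closing delimiter reached
        if not chunk.startswith(b"\r\n"):
            raise ValueError("malformed part: missing CRLF after boundary")
        head, sep, content = chunk[2:].partition(b"\r\n\r\n")
        if not sep:
            raise ValueError("malformed part: no header/body separator")
        if content.endswith(b"\r\n"):
            content = content[:-2]
        disp = _headers(head).get("content-disposition", "")
        m_name = re.search(r'(?:^|;\s*)name="([^"]*)"', disp)
        m_file = re.search(r'filename="([^"]*)"', disp)
        if not m_name:
            raise ValueError("part without a name")
        if m_file:
            n_files += 1
            if n_files > max_files:
                raise TooManyFilesSent(
                    f"more than {max_files} file parts in one request")
            files[m_name.group(1)] = (m_file.group(1), content)
        else:
            fields[m_name.group(1)] = content.decode()
    return fields, files


def demo():
    """Accept a normal upload; reject a body with one file part over the cap."""
    accepted = parse_multipart(build_multipart("b0", {"title": "doc"}, 3), "b0")
    try:
        parse_multipart(
            build_multipart("b0", {}, DATA_UPLOAD_MAX_NUMBER_FILES + 1), "b0")
        rejected = False
    except TooManyFilesSent:
        rejected = True
    return accepted, rejected


if __name__ == "__main__":
    (fields, files), rejected = demo()
    print(fields, sorted(files), "flood rejected:", rejected)
```

The detail that matters for the fix is the ordering: the limit is checked on the part's headers, so no file handle or buffer is allocated for parts beyond the cap. A check that counted files after they had all been opened would still hit the "too many open files" condition the strike exercises.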

Defects Resolved

Component | Info
Apps | Fixed the token support issue in the P-GW Pilot Packet app.
Security | Fixed an issue with strike E14-66a01.
Security | Fixed an issue where certain strike artifacts had debug information removed.

Enhancements

Component | Info
Apps | Added support for a configurable file generator action in the SMB app, functioning similarly to the HTTP file generators. Incorporated multiple channel support in both SMB versions.
Apps | Added a maximum number of hosts for the superflows Bandwidth HAR Replay HTTP1.1 over TLS1.2, Bandwidth HAR Replay HTTP1.1 over TLS1.3 and ChatGPT HAR Replay over TLS1.2.