AXON Attack Tracks

Modified on: Wed, 7 May, 2014 at 9:26 am

There are 10 attack tracks available in AXON that will send attack traffic across a network. These tracks are useful not only for modeling, but also for testing security devices and platforms.

ABSOLUTEXSS
Exploit: XSS – Cross Site Scripting
Attack Traffic: This attack sends an eTag query against an Apache server to retrieve information and own (PwnT!) the Apache server, followed by a Cross Site Script (XSS) attack.

ACEFTP
Exploit: AceFTP Structured Exception Handler Vulnerability – Client Buffer Overflow
Attack Traffic: A malicious FTP server using the AceFTP Client Buffer Overflow exploit, attacking the AceFTP client.

BEA WebLogic XSS
Exploit: XSS – Cross Site Scripting
Attack Traffic: A Cross Site Script (XSS) attack on a BEA WebLogic server.

BeagleAA
Exploit: Beagle WORM variant Beagle.AA, SMTP Mailer, Attachment as payload
Attack Traffic: The Beagle WORM, performing its SMTP role, sending mass email it has harvested.

Beautifier
Exploit: Beautifier is a web-based CMS implemented in PHP. It is prone to a remote file include vulnerability because it fails to properly sanitize user-supplied input to the ‘BEAUT_PATH’ parameter of ‘core.php’.
Attack Traffic: An Apache web server is being attacked, exploiting this issue to take over the web server.

BrewBlogger SQL II
Exploit: SQL Injection
Attack Traffic: Takes advantage of a SQL injection vulnerability in printLog.php in BrewBlogger (BB) that allows remote attackers to execute arbitrary SQL commands via the id parameter.

BusMail
Exploit: SMTP Server – Buffer Overflow
Attack Traffic: Overly long SMTP commands are submitted from a client, resulting in loss of availability for the service.

CesarFTP
Exploit: Buffer Overflow
Attack Traffic: CesarFTP is prone to a buffer-overflow vulnerability when handling data through the MKD command. This track is an attack based on passing excessive data in an attempt to overflow a finite-sized internal memory buffer. This issue may lead to a denial-of-service condition or to the execution of arbitrary code.

CFNetwork DOS
Exploit: Malformed HTTP GET Request
Attack Traffic: Repeated GET HTTP requests that contain no URL being sent to a web server.

CodeRed II
Exploit: Buffer Overflow in IIS Indexing Service DLL
Attack Traffic: Code Red II attack using a long string on a Windows-based IIS server to overflow a buffer, followed by arbitrary code execution to infect the server.