A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

   

**OpENer Version 2.3.0****Welcome to OpENer!**

OpENer is an EtherNet/IP™ stack for I/O adapter devices; supports multiple I/O and explicit connections; includes objects and services to make EtherNet/IP™- compliant products defined in THE ETHERNET/IP SPECIFICATION and published by ODVA (http://www.odva.org).

**Participate!**

Users and developers of OpENer can join the respective Google Groups in order to exchange experience, discuss the usage of OpENer, and to suggest new features and CIP objects, which would be useful for the community.

Developers mailing list: https://groups.google.com/forum/#!forum/eip-stack-group-opener-developers

Users mailing list: https://groups.google.com/forum/#!forum/eip-stack-group-opener-users

**Requirements:**

OpENer has been developed to be highly portable. The default version targets PCs with a POSIX operating system and a BSD-socket network interface. To test this version we recommend a Linux PC or Windows with Cygwin (http://www.cygwin.com) installed. You will need to have the following installed:

*   CMake
*   gcc
*   make
*   binutils
*   the development library of libcap (libcap-dev or equivalient)

for normal building. These should be installed on most Linux installations and are part of the development packages of Cygwin.

If you want to run the unit tests you will also have to download CppUTest via https://github.com/cpputest/cpputest

For configuring the project we recommend the use of a CMake GUI (e.g., the cmake-gui package on Linux, or the Installer for Windows available at CMake)

**Compile for Linux/POSIX:**

1.  Make sure all the needed tools are available (CMake, make, gcc, binutils)
2.  Change to the /bin/posix
3.  For a standard configuration invoke setup_posix.sh
    1.  Invoke the make command
        
    2.  Grant OpENer the right to use raw sockets via sudo setcap cap_net_raw+ep ./src/ports/POSIX/OpENer
        
    3.  Invoking OpENer:
        
        ./src/ports/POSIX/OpENer <interface_name>
        
        e.g. ./src/ports/POSIX/OpENer eth1
        

OpENer also now has a real-time capable POSIX startup via the OpENer\_RT option, which requires that the used kernel has the full preemptive RT patches applied and activated. If you want to use OpENer\_RT, instead of step 2, the sudo setcap cap_net_raw,cap_ipc_lock,cap_sys_nice+ep ./src/ports/POSIX/OpENer  has to be run to grant OpENEr CAP_SYS_NICE, CAP_IPC_LOCK, and the CAP_NET_RAW capabilities, needed for the RT mode

Shared library support has been added to CMakeLists file and is enabled by setting OPENER\_BUILD\_SHARED\_LIBS=ON. It has only been tested under Linux/POSIX platform.

**Compile for Windows XP/7/8 via Visual Studio:**

1.  Invoke setup\_windows.bat or configure via CMake
2.  Open Visual Studio solution OpENer.sln in bin/win32
3.  Compile OpENer by chosing Build All in Visual Studio
4.  For invoking OpENer type from the command line:
    1.  Change to \\bin\\win32\\src\\ports\\WIN32\\
        
    2.  Depending if you chose the Debug or Release configuration in Visual Studio, your executable will either show up in the subfolder Debug or Release
        
    3.  Invoke OpENer via
        
        OpENer <interface_index>
        
        e.g. OpENer 3
        

In order to get the correct interface index enter the command route print in a command promt and search for the MAC address of your chosen network interface at the beginning of the output. The leftmost number is the corresponding interface index.

**Compile for Windows XP/7/8/10 via Cygwin:**

The POSIX setup file can be reused for Cygwin. Please note, that you cannot use RT mode and you will have to remove the code responsible for checking and getting the needed capabilities, as libcap is not available in Cygwin. The easier and more supported way to build OpENer for Windows is to either use MinGW or Visual Studio.

In order to run OpENer, it has to be run as privileged process, as it needs the rights to use raw sockets.

**Compile for MinGW on Windows XP/7/8/10**

1.  Make sure 64 bit mingw is installed. (Test with gcc --version, should show x86\_64-posix-seh-rev1)
2.  Make sure CMake is installed. (Test with cmake --version, should be version 3.xx)
3.  Change to /bin/mingw
4.  Run the command setup_mingw.bat in a dos command line. (Not a bash shell). If tracing is desired, use the following (where the cmake parameter must be enclosed in quotes) or change the ./source/CMakeList.txt file.
    
        setup_mingw.bat "-DOpENer_TRACES:BOOL=TRUE"
        
    
5.  Run the command "make" from the same directory (./bin/mingw)
6.  The opener.exe is now found in \\bin\\mingw\\src\\ports\\MINGW
7.  Start it like this: "opener 192.168.250.22", where the ip address is the local computer's address on the nettwork you want to use.

**Directory structure:**

*   bin ... The resulting binaries and make files for different ports
*   doc ... Doxygen generated documentation (has to be generated for the SVN version) and Coding rules
*   data ... EDS file for the default application
*   source
    *   src ... the production source code
        *   cip ... the CIP layer of the stack
        *   cip\_objects ... additional CIP objects
        *   enet\_encap ... the Ethernet encapsulation layer
        *   ports ... the platform specific code
        *   utils ... utility functions
    *   tests ... the test source code
        *   enet\_encap ... tests for Ethernet encapsulation layer
        *   utils ... tests for utility functions

**Documentation:**

The documentation of the functions of OpENer is part of the source code. The source packages contain the generated documentation in the directory doc/api\_doc. If you use the GIT version you will need the program Doxygen for generating the HTML documentation. You can generate the documentation by invoking doxygen from the command line in the opener main directory.

**Fuzzing****Intro**

Fuzzing is an automated testing method that directs varying input data to a program in order to monitor output. It is a way to test for overall reliability as well as identify potential security bugs.

The fuzzer we are using is AFL, a fuzzer that uses runtime guided techniques to create input for the tested program. From a high-level prespective AFL works as follows:

*   Forks the fuzzed process
*   Genereates a new test case based on a predefined input
*   Feeds the fuzzed process with the test case through STDIN
*   Monitors the execution and registers which paths are reachable

**Compile**

To start fuzzing this project with AFL you'll need to compile it with AFL. First make sure you have AFL installed:

    sudo apt install build-essential
    wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
    tar xzf afl-latest.tgz
    cd afl*
    make && sudo make install
    echo "AFL is ready at: $(which afl-fuzz)"
    
    

Then, compile OpENer with AFL:

1.  Change to the OpENer/bin/posix directory
2.  Compile OpENer with AFL ./setup_posix_fuzz_afl.sh
3.  Run make

**Fuzz**

Finally, generate some test cases and start AFL:

    # Generate inputs
    mkdir inputs
    echo 630000000000000000000000000000000000000000000000 | xxd -r -p > ./inputs/enip_req_list_identity
    # You can also use the inputs we prepared from OpENer/fuzz/inputs
    # Finally, let's fuzz!
    afl-fuzz -i inputs -o findings ./src/ports/POSIX/OpENer <interface_name>
    

**Reproduce a crash**

Usually to reproduce a crash it's enough to retransmit the testcase using cat testcase | nc IP_ADDR 44818 However, since CIP runs over the EtherNet/IP layer, it must first register a valid session. Therefore, we need to use a dedicated script: python fuzz/scripts/send_testcase.py IP testcase_path

**Porting OpENer:**

For porting OpENer to new platforms please see the porting section in the Doxygen documentation.

**Contributing to OpENer:**

The easiest way is to fork the repository, then create a feature/bugfix branch. After finishing your feature/bugfix create a pull request and explain your changes. Also, please update and/or add doxygen comments to the provided code sections. Please stick to the coding conventions, as defined in source/doc/coding\_rules The easiest way to conform to the indenting convertion is to set uncrustify as git filter in the OpENer repository, which can be done with the following to commands:

    git config filter.uncrustify.clean "/path/to/uncrustify/uncrustify -c uncrustify.cfg --mtime --no-backup"
    
    git config filter.uncrustify.smudge "cat"

CVE-2021-27500: GitHub - EIPStackGroup/OpENer: OpENer is an EtherNet/IP stack for I/O adapter devices. It supports multiple I/O and explicit connections and includes objects and services for making EtherNet/IP-compli

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.

**Get to Know MicroStrategy**

Our company vision is intelligence everywhere. Our analytics platform delivers answers, and gets results. Our entire company is committed to your success.

**Pilot Enterprise Analytics**

Quickly deploy consumer-grade BI experiences for every role, on any device, with the platform that provides sub-second response at enterprise scale.

**Make your applications intelligent with Embedded Analytics**

Deliver in-context insights and analysis in any application and on any device. 

**Drive more value with MicroStrategy Cloud    **

Drive digital transformation and scale with confidence.

**Success Stories**

Hear stories from our customers and partners about how they use MicroStrategy to be a more Intelligent Enterprise.

**Featured Customer: Sainsbury's**

Learn how leading UK retailer Sainsbury’s democratized its data to empower every colleague from the store floor to the C-suite, powered by MicroStrategy.

**Featured Customer: Schwarz Group**

Explore how Schwarz IT enables brands like Lidl and Kaufland to drive global business impact with an enterprise analytics strategy, powered by MicroStrategy.

**Featured Customer: NICE**

Discover how AI-powered innovation and cloud-native technologies help NICE deliver the world’s leading cloud CX platform, with data and analytics visualization from MicroStrategy.

**Find Solutions with MicroStrategy**

Build consumer-grade intelligence applications, empower users with data discovery, and seamlessly push content to employees, partners, and customers in minutes.

01:30

**Overview of the MicroStrategy Platform**

Discover the power of MicroStrategy, the modern, open, enterprise BI platform that delivers intelligence everywhere. Watch this overrview to learn everything you need to know.

37753 views · April 01, 2021

31:41

**Data Storytelling with Dossiers**

Did you know you can easily build no-code analytics applications with MicroStrategy Dossiers? In this session from MicroStrategy World 2022, experts introduced the art of data storytelling.

960 views · February 02, 2022

08:57

**Overview of MicroStrategy Mobile**

Watch the MicroStrategy team review how to integrate context-rich analytics and collaborative workflows with powerful no-code mobile applications. Learn more about traditional mobile applications from the MicroStrategy platform.

3727 views · September 22, 2020

06:27

**Trusted Data for Excel, BI Tools, and Data Science Tools**

Leverage the power of the industry's strongest semantic graph. Watch this to learn how MicroStrategy will help you get the most out of Excel and other BI applications. The tools you love, with data you can trust.

4052 views · September 22, 2020

**HyperIntelligence**

Deploy analytics beyond the analyst by injecting insights and actions into the applications and websites your people use every day.

00:44

**Introduction to HyperIntelligence**

With HyperIntelligence, deliver instant insights into your everyday applications with no code to make informed decisions and take action faster.

26031 views · November 18, 2019

**Embedded Intelligence**

Learn about MicroStrategy's #1 rated platform for Embedded Analytics.

01:00

**Make your Applications Intelligent with Embedded Analytics**

MicroStrategy’s #1-rated Embedded Analytics platform provides faster in-context insights and analysis in any application and on any device. Extend analytics into portals and applications, allowing users to take advantage of actionable insights in their day-to-day workflows.

1007 views · October 14, 2021

11:35

**Overview of MicroStrategy Embedded Analytics**

MicroStrategy is the industry leader for application development and embedded analytics. Watch this video to learn more about the functionality related to customization and embedded analytics.

4023 views · May 29, 2020

**Cloud Intelligence**

The fastest, most efficient way to run your Intelligent Enterprise.

03:01

**What to Expect From Your Cloud Migration**

"Learn how you’ll collaborate with our MicroStrategy experts to ensure easy and efficient migration to the cloud—in a matter of weeks with no disruption to your users. "

681 views · June 22, 2021

43:31

**Top Trends: The Future of Cloud Computing**

Explore the top cloud trends on the horizon and learn to leverage robust application and infrastructure security to ensure integrity across a robust suite of analytics applications.

81 views · February 02, 2022

**Resources**

**Partners**

16:23

**Exasol: Turbocharging the BI Stack**

This session showcases how to accelerate time to insights and how to future-proof your MicroStrategy environment by adding Exasol to your data stack.

40 views · February 10, 2022

CVE-2020-22984: Business Intelligence & Analytics Solutions

**Get to Know MicroStrategy**

Our company vision is intelligence everywhere. Our analytics platform delivers answers, and gets results. Our entire company is committed to your success.

**Pilot Enterprise Analytics**

Quickly deploy consumer-grade BI experiences for every role, on any device, with the platform that provides sub-second response at enterprise scale.

**Make your applications intelligent with Embedded Analytics**

Deliver in-context insights and analysis in any application and on any device. 

**Drive more value with MicroStrategy Cloud    **

Drive digital transformation and scale with confidence.

**Success Stories**

Hear stories from our customers and partners about how they use MicroStrategy to be a more Intelligent Enterprise.

**Featured Customer: Sainsbury's**

Learn how leading UK retailer Sainsbury’s democratized its data to empower every colleague from the store floor to the C-suite, powered by MicroStrategy.

**Featured Customer: Schwarz**

Explore how Schwarz IT enables brands like Lidl and Kaufland to drive global business impact with an enterprise analytics strategy, powered by MicroStrategy.

**Featured Customer: NICE**

Discover how AI-powered innovation and cloud-native technologies help NICE deliver the world’s leading cloud CX platform, with data and analytics visualization from MicroStrategy.

**Find Solutions with MicroStrategy**

Build consumer-grade intelligence applications, empower users with data discovery, and seamlessly push content to employees, partners, and customers in minutes.

01:30

**Overview of the MicroStrategy Platform**

Discover the power of MicroStrategy, the modern, open, enterprise BI platform that delivers intelligence everywhere. Watch this overrview to learn everything you need to know.

36959 views · April 01, 2021

31:41

**Data Storytelling with Dossiers**

Did you know you can easily build no-code analytics applications with MicroStrategy Dossiers? In this session from MicroStrategy World 2022, experts introduced the art of data storytelling.

927 views · February 02, 2022

08:57

**Overview of MicroStrategy Mobile**

Watch the MicroStrategy team review how to integrate context-rich analytics and collaborative workflows with powerful no-code mobile applications. Learn more about traditional mobile applications from the MicroStrategy platform.

3703 views · September 22, 2020

06:27

**Trusted Data for Excel, BI Tools, and Data Science Tools**

Leverage the power of the industry's strongest semantic graph. Watch this to learn how MicroStrategy will help you get the most out of Excel and other BI applications. The tools you love, with data you can trust.

4007 views · September 22, 2020

**HyperIntelligence**

Deploy analytics beyond the analyst by injecting insights and actions into the applications and websites your people use every day.

00:44

**Introduction to HyperIntelligence**

With HyperIntelligence, deliver instant insights into your everyday applications with no code to make informed decisions and take action faster.

25983 views · November 18, 2019

**Embedded Intelligence**

Learn about MicroStrategy's #1 rated platform for Embedded Analytics.

01:00

**Make your Applications Intelligent with Embedded Analytics**

MicroStrategy’s #1-rated Embedded Analytics platform provides faster in-context insights and analysis in any application and on any device. Extend analytics into portals and applications, allowing users to take advantage of actionable insights in their day-to-day workflows.

925 views · October 14, 2021

11:35

**Overview of MicroStrategy Embedded Analytics**

MicroStrategy is the industry leader for application development and embedded analytics. Watch this video to learn more about the functionality related to customization and embedded analytics.

3944 views · May 29, 2020

**Cloud Intelligence**

The fastest, most efficient way to run your Intelligent Enterprise.

03:01

**What to Expect From Your Cloud Migration**

"Learn how you’ll collaborate with our MicroStrategy experts to ensure easy and efficient migration to the cloud—in a matter of weeks with no disruption to your users. "

666 views · June 22, 2021

43:31

**Top Trends: The Future of Cloud Computing**

Explore the top cloud trends on the horizon and learn to leverage robust application and infrastructure security to ensure integrity across a robust suite of analytics applications.

79 views · February 02, 2022

**Resources**

**Partners**

16:23

**Exasol: Turbocharging the BI Stack**

This session showcases how to accelerate time to insights and how to future-proof your MicroStrategy environment by adding Exasol to your data stack.

39 views · February 10, 2022

By Jon Munshaw. 
Welcome to this week’s edition of the Threat Source newsletter. 
Mandatory multi-factor authentication is all the rage nowadays. GitHub just announced that all contributors would have to enroll in MFA by 2023 to log into their accounts. And Google announced as part of...


[[ This is only the beginning! Please visit the blog for the complete entry ]]

_By Jon Munshaw._ 

Welcome to this week’s edition of the Threat Source newsletter. 

Mandatory multi-factor authentication is all the rage nowadays. GitHub just announced that all contributors would have to enroll in MFA by 2023 to log into their accounts. And Google announced as part of World Password Day that it would soon be making MFA compulsory for all users.  

But is it too little, too late? 

Don’t get me wrong, MFA is one of the best first lines of defense for preventing a cyber attack or any other type of network intrusion. It comes up in pretty much every Talos blog post and Talos Takes episode I record.  

However, if we keep pushing off the deadline for making this step mandatory, it only gives attackers more time to catch up to us. Adversaries have already figured out ways to intercept MFA codes that are sent via SMS message, as. I talked about with Wendy Nather last year. 

And on the latest Beers with Talos episode, Nate Pors from Talos Incident Response talked about “prompt bombing” users, essentially annoying them to the point that they click “yes” on an MFA prompt and let a bad guy in.  

By the time MFA becomes mandatory on major sites and for some of our most important accounts on the internet, what other types of attacks will threat actors come up with to get around it. Already, one-time codes are starting to become out-of-fashion in favor of FIDO or certificate-based PKI authentication. Rather than adopting what should have been standard practice several years ago, is it time to start thinking about what the future of MFA is? 

It might be best for us to all look forward to zero-trust as our security future. It’s something the federal government is already looking at, but it goes without saying that things don’t happen quickly within the government at any level.  

In the meantime, everyone should work toward making MFA mandatory as quickly as possible. Yes, it can be a pain, but it will save many future headaches. If you do have MFA already, rely on app push notifications rather than SMS-based authentication. And, as always, user education is important. It should go without saying but tell users that unless they know they initiated an MFA push, they should never click on it. Even if it’s 3 a.m. 

**The one big thing **

The MustangPanda threat actor is breaking with what many would think to be protocol, and recently started targeting Russian organizations. MustangPanda has long thought to be a Chinese state-sponsored actor. Thus far in Russia’s invasion of Ukraine, China has been slow to criticize Russia and hasn’t taken part in many of the Western-backed sanctions levied against Russia over the past few months. This seems to break MustangPanda’s attack pattern, but also illustrates that this longstanding actor isn’t going anywhere.  

> **Why do I care? **
> 
> Over the years, Mustang Panda has evolved their tactics and implants to target a wide range of entities spanning multiple governments in three continents, including the European Union, the U.S., Asia and pseudo allies such as Russia. By using summit- and conference-themed lures in Asia and Europe, this attacker aims to gain as much long-term access as possible to conduct espionage and information theft. 
> 
> **So now what? **We’ll keep following MustangPanda’s choice of targets, especially as a continued wave of big game hunting ransomware attacks continues. They’ve shown that pretty much no one is off limits. We have new Snort rules available to protect users against the download and execution of their signature PlugX malware, plus many other forms of protection against their attacks and known exploits.  

**Other news of note**

A critical vulnerability in F5’s BIG-IP software is being exploited actively in the wild, taking the security community by storm. BIG-IP is a line of appliances that act as load balancers, firewalls, and can inspect and encrypt data going in and out of networks. This particular vulnerability has a severity score of 9.8 out of 10, but what’s more notable is that there are more than 16,000 instances of this software discoverable online, and it’s used by some of the world’s largest companies. This software has a close proximity to network perimeters and often looks at the decrypted version of HTTPS-protected traffic, so if an attacker exploits this, it opens several avenues for further attacks.  (Talos blog, ZDNet, Ars Technica) 

Multiple Western governments publicly blamed Russian state-sponsored actors for launching a cyber attack against an American satellite communications company in the weeks leading up to Russia’s invasion of Ukraine. The E.U., U.K. and U.S. all released separate reports saying attackers hit the European networks belonging to Viasat, just as the invasion started on Feb. 24. A statement from the U.S. State Department said “The activity disabled very small aperture terminals in Ukraine and across Europe” that, “among other things, support wind turbines and provide Internet services to private citizens.” (State Department, NBC News) 

Microsoft released more than 70 vulnerabilities as part of its weekly security update. May’s Patch Tuesday includes fixes for seven “critical” flaws, as well as a zero-day vulnerability that affects all supported versions of Windows. There’s also a vulnerability in the Magnitude Simba Amazon Redshift ODBC Driver that affects the Windows self-hosted integration runtime service. Adobe also issued five security bulletins on Tuesday, covering 18 vulnerabilities across Adobe CloudFusion, InDesign, Character Animator, Framemaker and other software. However, none of these issues have been actively exploited in the wild, according to Adobe. (Talos blog, Adobe) 

**Can’t get enough Talos? **

*   Celebrating 20 years of ClamAV
*   Bitter APT adds Bangladesh to their targets
*   Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service
*   Talos Incident Response added to German BSI Advanced Persistent Threat response list
*   Threat Roundup for April 29 - May 6

  

**Upcoming events where you can find Talos ****NorthSec 2022 (May 19 – 20, 2022)  
Montreal, Canada ****REcon (June 3 – 5, 2022)  
Montreal, Canada ****RSA 2022 (June 6 – 9, 2022)  
San Francisco, California ****Cisco Live U.S. (June 12 – 16, 2022)  
Las Vegas, Nevada ****Most prevalent malware files from Talos telemetry over the past week  **

**SHA 256:** e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934  **MD5:** 93fefc3e88ffb78abb36365fa5cf857c  **Typical Filename:** Wextract    
**Claimed Product:** Internet Explorer    
**Detection Name:** PUA.Win.Trojan.Generic::85.lp.ret.sbx.tg  

**SHA 256:** a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91   **MD5:** 7bdbd180c081fa63ca94f9c22c457376  **Typical Filename:** c0dwjdi6a.dll    
**Claimed Product:** N/A   **Detection Name:** Trojan.GenericKD.33515991  

**SHA 256:** 1b94aaa71618d4ecba665130ae54ef38b17794157123675b24641dc85a379426    
**MD5:** a841c3d335907ba5ec4c2e070be1df53  **Typical Filename:** chip 1-click installer.exe    
**Claimed Product:** chip 1-click installer     
**Detection Name:** Win.Trojan.Generic::ptp.cam  

**SHA 256:** 59f1e69b68de4839c65b6e6d39ac7a272e2611ec1ed1bf73a4f455e2ca20eeaa   **MD5:** df11b3105df8d7c70e7b501e210e3cc3   **Typical Filename:** DOC001.exe   **Claimed Product:** N/A     
**Detection Name:** Win.Worm.Coinminer::1201  

**SHA 256:** e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c  **MD5:** a087b2e6ec57b08c0d0750c60f96a74c  **Typical Filename:** AAct.exe    
**Claimed Product:** N/A    **Detection Name:** PUA.Win.Tool.Kmsauto::1201

Threat Source newsletter (May 12, 2022) — Mandatory MFA adoption is great, but is it too late? 

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.

Drive

Anmelden

Drive

Name

os command injection 1 .png

os command injection 2.png

os command injection 2.txt

Keine Dateien in diesem Ordner.Melden Sie sich an, um diesem Ordner Dateien hinzuzufügen.

CVE-2022-29303: os command injection POC – Google Drive

Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

**Description**

The Organizr application allows large characters to insert in the input field "Username" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

**Proof of Concept**

1.Sign up to the application, capture the request in burp suites, and send it to Repeater.

2.After the &username= parameter put the payload mentioned on this link:- https://drive.google.com/file/d/1PBd3aXwKOL8uinLG7FJsn-8ldQceW4Zb/view?usp=sharing

3.Now press go and you will see the JWT token also get generated as the same size as the user input.

**Video PoC**

    https://drive.google.com/file/d/1su5IYU3GwUBCMX6SP_Ur-u2uxXXPh6cT/view?usp=sharing
    

**Impact**

This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

CVE-2022-1699: Uncontrolled Resource Consumption in organizr

Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

**Description**

The Organizr application allows to sending a very long password (10000000 characters) it's possible to cause a denial of service attack on the server. This may lead to the website becoming unavailable or unresponsive. Usually, this problem is caused by a vulnerable password hashing implementation. When a long password is sent, the password hashing process will result in CPU and memory exhaustion.

**Proof of Concept**

1.Sign up to the application, capture the request in burp suites, and send it to Repeater.

2.Copy the payload from this link:- https://drive.google.com/file/d/11AwLp8Ae1\_eJqGb44W9QJDtPmVw-1RSQ/view?usp=sharing and paste on password parameter and send go.

3.You will see that the application allows long passwords this can leads to Dos and can exploit as DDos

**Video PoC**

    https://drive.google.com/file/d/1V_ZoXRJGkF7XSGdXJ4yPKRtQoxeTDyFe/view?usp=sharing
    

**Impact**

This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

Tag

#google