2024.01
Features/Enhancements
New Features
- Phishing Impact Test is now live in NodeZero! This feature is crafted to help you gauge and comprehend the impact of successful phishing campaigns within your organization, starting with the employees most susceptible to phishing.
- Attack Path Enhancements now include a Vertical Display option, along with Concise/Detailed views. These improvements aim to provide a clearer narrative of your security posture, emphasizing critical impacts and weaknesses.
- External Asset Discovery has been updated to assist in identifying the status and warnings for discovered hosts that may not be authorized for pentesting.
New Attack Content
- Ivanti Connect Secure VPN: Authentication Bypass (CVE-2023-46805) and Remote Code Execution (CVE-2024-21887) vulnerabilities have been added.
- Fortra GoAnywhere MFT Authentication Bypass (CVE-2024-0204). For more details, see our blog post.
- Apache OFBiz Remote Code Execution Vulnerability (CVE-2023-51467).
- Jenkins CLI Vulnerability: An arbitrary file read through the CLI can lead to RCE (CVE-2024-23897).
- Confluence Data Center and Server RCE (CVE-2023-22527). For additional information, see our blog post.
- Added checks for 21 vulnerabilities from the CISA KEV list.
- A suite of new Azure, Azure AD, and MS Entra AD Connect enumerations enhances NodeZero's capabilities in cloud and hybrid-cloud environments.
Updates & Improvements
- Attack Path Improvements: New toggle buttons for attack graphs, vertical attack path display, and options for detailed or concise attack path narratives.
- 1-Click Verify Documentation: Now available to streamline verification processes.
- New Filters in Tables: Added "Filter by Injected Creds" & "Filter by Phished Creds" in the Impacts, Weaknesses, and Credentials tables.
- Summary Page Enhancements: Now displays injected and phished credentials for a comprehensive view.
Fixed Bugs
- Zmap Upgrade: Moved to version 3.0.0 to reduce errors that could disrupt the scope_discovery module in certain operations.
- Nuclei Template for CVE-2020-10770: Enhanced to reduce false positives.
- Azure ADConnect: Excluded Azure ADConnect AD Service Account from weakness H3-2023-0030 consideration.
- Azure Refresh Tokens Verification: Rectified the module responsible for verifying Azure Refresh Tokens.
- EDR Interference with RAT: Addressed an issue where EDRs blocking RAT's process list retrieval resulted in Data nodes without resource IDs.
- Implant RCE Module: Fixed retry mechanism in some failure scenarios.
- Payload Echoing by Printers/Servers: Adjustments made to mitigate false positives based on header checks.
- AWS boto3 Commands: Updated commands for creating public S3 buckets.
- Httpx Scanning on Port 9103: Resolved an issue causing printers to print gibberish.
- Attack Path Renderings: Corrections made for weakness H3-2022-0086.
- Host Discovery: Implemented fingerprint-based deduplication to refine host discovery accuracy.