In accordance with the industry standard for vulnerability disclosures, NSS Labs is now publishing information previously withheld from the 2018 Next Generation Firewall Group Test reports.
Test ID | NGFW Resiliency Testcases |
es-null-001 | Base exploit |
res-null-001-q | Base exploit; Alternate ports |
res-nullch-001 | Base exploit; chunked |
res-nullcg-001 | Base exploit; chunked and gzip compressed |
res-wsp-001 | Both spaces and linefeeds replaced with 31 of each |
res-wspch-001 | Both spaces and linefeeds replaced with 31 of each; chunked |
res-wspcg-001 | Both spaces and linefeeds replaced with 31 of each; chunked and gzip compressed |
res-ren-001 | Procedures and variables renamed |
res-rench-001 | Procedures and variables renamed; chunked |
res-rencg-001 | Procedures and variables renamed; chunked and gzip compressed |
res-mth-001 | Numeric values/equations modified and/or inserted; hexadecimal values replaced with decimal values |
res-mthch-001 | Numeric values/equations modified and/or inserted; hexadecimal values replaced with decimal values; chunked |
res-mthcg-001 | Numeric values/equations modified and/or inserted; hexadecimal values replaced with decimal values; chunked and gzip compressed |
res-chr-001 | Change all chr() to chrw() and vice versa where possible |
res-chrch-001 | Change all chr() to chrw() and vice versa where possible; chunked |
res-chrcg-001 | Change all chr() to chrw() and vice versa where possible; chunked and gzip compressed |
res-chr-002 | Change chr() and chrw() to chrb() |
res-chrch-002 | Change chr() and chrw() to chrb(); chunked |
res-chrcg-002 | Change chr() and chrw() to chrb(); chunked and gzip compressed |
res-chr-003 | Some script commands/strings converted to series of chr()/Clng/&H using online vbscript obfuscator |
res-chrch-003 | Some script commands/strings converted to series of chr()/Clng/&H using online vbscript obfuscator; chunked |
res-chrcg-003 | Some script commands/strings converted to series of chr()/Clng/&H using online vbscript obfuscator; chunked and gzip compressed |
res-pay-001 | Nishang bind shell obfuscated with Unicorn |
res-paych-001 | Nishang bind shell obfuscated with Unicorn; chunked |
res-paycg-001 | Nishang bind shell obfuscated with Unicorn; chunked and gzip compressed |
res-pay-002 | Native Unicorn generated bind shell |
res-paych-002 | Native Unicorn generated bind shell; chunked |
res-paycg-002 | Native Unicorn generated bind shell; chunked and gzip compressed |
res-pay-003 | Nishang bind shell obfuscated with PowerSploit’s Out-EncodedCommand |
res-paych-003 | Nishang bind shell obfuscated with PowerSploit’s Out-EncodedCommand; chunked |
res-paycg-003 | Nishang bind shell obfuscated with PowerSploit’s Out-EncodedCommand; chunked and gzip compressed |
res-pay-004 | Veil Ordnance bind shell shellcode dropped into PowerSploit’s Invoke-Shellcode; then obfuscated with PowerSploit’s Out-EncodedCommand |
res-paych-004 | Veil Ordnance bind shell shellcode dropped into PowerSploit’s Invoke-Shellcode; then obfuscated with PowerSploit’s Out-EncodedCommand; chunked |
res-paycg-004 | Veil Ordnance bind shell shellcode dropped into PowerSploit’s Invoke-Shellcode; then obfuscated with PowerSploit’s Out-EncodedCommand; chunked and gzip compressed |
res-pay-005 | Use wscript to call original payload (PoshRat method) |
res-paych-005 | Use wscript to call original payload (PoshRat method); chunked |
res-paycg-005 | Use wscript to call original payload (PoshRat method); chunked and gzip compressed |
res-ord-001 | Remove runmumaa and add to setnotsafemode function; move setnotsafemode function to bottom of script |
res-ordch-001 | Remove runmumaa and add to setnotsafemode function; move setnotsafemode function to bottom of script; chunked |
res-ordcg-001 | Remove runmumaa and add to setnotsafemode function; move setnotsafemode function to bottom of script; chunked and gzip compressed |
res-spl-001 | Some strings split with “+” and “&”; some lines split with “_” |
res-splch-001 | Some strings split with “+” and “&”; some lines split with “_”; chunked |
res-splcg-001 | Some strings split with “+” and “&”; some lines split with “_”; chunked and gzip compressed |
res-mrg-001 | combine both myarray declaration and powershell command into single lines |
res-mrgch-001 | combine both myarray declaration and powershell command into single lines; chunked |
res-mrgcg-001 | combine both myarray declaration and powershell command into single lines; chunked and gzip compressed |
res-renchr-001 | Combination of techniques used in res-ren-001 and res-chr-003 |
res-renchrch-001 | Combination of techniques used in res-ren-001 and res-chr-003; chunked |
res-renchrcg-001 | Combination of techniques used in res-ren-001 and res-chr-003; chunked and gzip compressed |
res-renchrwsp-001 | Combination of techniques used in res-ren-001; res-chr-003; and res-wsp-001 |
res-renchrwspch-001 | Combination of techniques used in res-ren-001; res-chr-003; and res-wsp-001; chunked |
res-renchrwspcg-001 | Combination of techniques used in res-ren-001; res-chr-003; and res-wsp-001; chunked and gzip compressed |
res-renchrwsppay-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; and res-pay-004 |
res-renchrwsppaych-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; and res-pay-004; chunked |
res-renchrwsppaycg-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; and res-pay-004; chunked and gzip compressed |
res-renpay-001 | Combination of techniques used in res-ren-001 and res-pay-004 |
res-renpaych-001 | Combination of techniques used in res-ren-001 and res-pay-004; chunked |
res-renpaycg-001 | Combination of techniques used in res-ren-001 and res-pay-004; chunked and gzip compressed |
res-renchrwsppaymth-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; and res-mth-001 |
res-renchrwsppaymthch-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; and res-mth-001; chunked |
res-renchrwsppaymthcg-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; and res-mth-001; chunked and gzip compressed |
res-renchrwsppaymthspl-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; res-mth-001; res-spl-001 |
res-renchrwsppaymthsplch-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; res-mth-001; res-spl-001; chunked |
res-renchrwsppaymthsplcg-001 | Combination of techniques used in res-ren-001; res-chr-003; res-wsp-001; res-pay-004; res-mth-001; res-spl-001; chunked and gzip compressed |
res-mthmrg-001 | Combination of techniques used in res-mth-001 and res-mrg-001 |
res-mthmrgch-001 | Combination of techniques used in res-mth-001 and res-mrg-001; chunked |
res-mthmrgcg-001 | Combination of techniques used in res-mth-001 and res-mrg-001; chunked and gzip compressed |
res-mthmrgord-001 | Combination of techniques used in res-mth-001; res-mrg-001; and res-ord-001 |
res-mthmrgordch-001 | Combination of techniques used in res-mth-001; res-mrg-001; and res-ord-001; chunked |
res-mthmrgordcg-001 | Combination of techniques used in res-mth-001; res-mrg-001; and res-ord-001; chunked and gzip compressed |
res-mthmrgordpay-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; and res-pay-005 |
res-mthmrgordpaych-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; and res-pay-005; chunked |
res-mthmrgordpaycg-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; and res-pay-005; chunked and gzip compressed |
res-mthmrgordpayspl-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-spl-001 |
res-mthmrgordpaysplch-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-spl-001; chunked |
res-mthmrgordpaysplcg-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-spl-001; chunked and gzip compressed |
res-mthmrgordpaysplchr-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003 |
res-mthmrgordpaysplchrch-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003; chunked |
res-mthmrgordpaysplchrcg-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003; chunked and gzip compressed |
res-mthmrgordpaysplchr-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003; plus removal of all CLng’s |
res-mthmrgordpaysplchrch-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003; plus removal of all CLng’s; chunked |
res-mthmrgordpaysplchrcg-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; and res-chr-003; plus removal of all CLng’s; chunked and gzip compressed |
res-mthmrgordpaychr-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-chr-003 |
res-mthmrgordpaychrch-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-chr-003; chunked |
res-mthmrgordpaychrcg-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; and res-chr-003; chunked and gzip compressed |
res-mthmrgordpaysplchrwsp-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s |
res-mthmrgordpaysplchrwspch-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s; chunked |
res-mthmrgordpaysplchrwspcg-001 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-005; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s; chunked and gzip compressed |
res-mthmrgordpaysplchrwsp-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-001; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s |
res-mthmrgordpaysplchrwspch-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-001; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s; chunked |
res-mthmrgordpaysplchrwspcg-002 | Combination of techniques used in res-mth-001; res-mrg-001; res-ord-001; res-pay-001; res-spl-001; res-chr-003; res-wsp-001; plus removal of all CLng’s; chunked and gzip compressed |