Armor | Managed Detection & Response (MDR) and Compliant Cloud Solutions
Armor is a global leader in Managed Detection & Response (MDR) and Compliant Cloud Solutions. As a trusted partner to more than 2,000 companies in over 40 countries, Armor offers cybersecurity and compliance consulting, professional services, and managed cybersecurity services (MSSP).
www.armor.com
Код:
Prod AWS keys:
Low-privilege: AKIAI2OGB3SLEXPOLIHQ SjMeU6SojdzqpUn95d3dTNuBp3X+33i0Eajnu6PB
Low-privilege: AKIAIF35H5VLZRMDOVGQ qQRnN449SoT8Qeqoo/3yClpUY5sVN96I6Xlr7Xg0
Dev AWS keys:
FULL ACCESS: AKIAJUZ2KU2V7WR5SE2Q nvGRasnqWEGCh8zC9Tdz5EkphyE773lzDMTY/cgm
FULL ACCESS: AKIAI75TZTYLOURZCXOA PfWqvdnsOg7ev7GW6UO474JEl+MehmEY/8Gd68wi
FULL ACCESS: AKIAIRCXI6BQGZ7HMWZA E16ctnhgqNbrE042ILoT6kJpAEiE2p4IgsyipKaT
(shit) Coalfire:
FULL ACCESS: AKIAI6MR63RQTGBYN7BA 0rG5NXnklcRcmshq9Ri//wtNI2FZc1g2dOFnXbum
Код:
[header]
magic=CC05E358
version=1.4
image_version=FVAWS1-6.01-FW-build0036-180822
model=FVAWS1
type=full_config
file_number=3
file_split=-------FVAWS1-6.01-FW-build0036-180822-------2023-05-14 14:03:56-------22FFFF6F0EFF14FF6739---------
[/header]
[file]
name=/data/config/sys_global.conf.gz
domain=global
type=config
encrypt=no
compress=no
-------FVAWS1-6.01-FW-build0036-180822-------2023-05-14 14:03:56-------22FFFF6F0EFF14FF6739---------
#config-version=FVAWS1-6.01-FW-build0036-180822:opmode=0:vdom=0
#conf_file_ver=0
config system hsm partition
end
config system admin-certificate local
end
config system global
set https-certificate defaultcert
end
config system accprofile
end
config system dashboard
end
config user ldap-user
end
config user radius-user
end
config system admin-certificate ca
end
config user pki-user
end
config user admin-usergrp
end
config system admin
edit "admin"
set trusthost1 192.34.240.11/32
set trusthost2 192.34.240.11/32
set trusthost3 192.34.240.11/32
set access-profile prof_admin
config dashboard
edit "sysinfo"
set column 1
next
edit "fortiguard"
set column 1
next
edit "policy-sessions"
set column 1
next
edit "sysres"
set column 2
next
edit "policysummary"
set column 2
next
edit "alert"
set column 2
next
edit "sysop"
set column 2
next
end
set password ENC AK1smv9LxxVbwhC/19t3CWIdG7zi10Gu/IHKMyh8zb0TBI=
set passwd-set-time 1536781431
set history-password0 AK1smv9LxxVbwhC/19t3CWIdG7zi10Gu/IHKMyh8zb0TBI=
set history-password1 AK1YzcpRH87ksTglMqdxUtOcYolh7lDbAQuzIQv0ks4g8U=
set history-password2 AK1qIK/yFRflRJ+V5VEAlW0DpHmZCWKbcby8thFlde4240=
set history-password3 AK1X2kSfkrw65RFfKTCUsCm651cOkKy7pMNAb98LDKffIk=
set history-password4 AK14JjWEB4RIdP/L+GQ/lEuPnHKJpPp4CI9p7mEMnUwTNI=
set history-password5 AK11sTHQYVxdlX5Kjm8vWCUnkfjhz/Ji8QR2A2FFSGQxro=
set history-password6 AK1dlzL7zU58mVPOiOtL1PjhVE5eK5yBXHaNT7myDaxHSU=
set history-password7 AK1Pfo41GOTx6sYUmIsy4Qrf7VdvlBeTXruY5u/tOuUrMA=
set history-password8 AK1Rf0/brqcptq6fNB203hTN3vLDQzi2E9S4jK0J5c/BPY=
set history-password9 AK1FLT5x4lyX+0C1N5VgHJV5/Opd8srCqqGAg103KUIgEc=
next
end
config system settings
set enable-file-upload enable
end
config server-policy setting
end
config system advanced
end
config system console
end
config system ip-detection
end
config system autoupdate override
end
config system autoupdate push-update
end
config system autoupdate schedule
end
config system autoupdate tunneling
end
config system fips-cc
end
config user local-user
end
config system interface
edit "port1"
set type physical
set allowaccess https ping ssh snmp http telnet
set mode dhcp
config secondaryip
end
next
end
config system ha
end
config system wccp
end
config system v-zone
end
config system conf-sync
end
config system backup
end
config system dns
end
config system snmp sysinfo
end
config system snmp community
end
config system snmp user
end
config system network-option
end
config user ntlm-user
end
config user kerberos-user
end
config user saml-user
end
config user user-group
end
config system fortigate-integration
end
config router static
end
config system tcpdump
end
config router policy
end
config router setting
end
config log custom-sensitive-rule
end
config log syslog-policy
end
config log siem-policy
end
config log ftp-policy
end
config log attack-log
set packet-log parameter-rule-failed hidden-fields-failed http-protocol-constraints signature-detection custom-protection-rule anti-virus-detection illegal-xml-format ip-intelligence illegal-file-type cookie-security
end
config log traffic-log
end
config log disk
end
config log email-policy
end
config log alertmail
end
config log fortianalyzer-policy
end
config log trigger-policy
end
config log event-log
end
config log forti-analyzer
end
config log siem-message-policy
end
config system firewall address
end
config system firewall service
end
config system firewall firewall-policy
config firewall-policy-match-list
end
end
config system firewall snat-policy
end
config waf ip-intelligence-flag
end
config waf harvest-credential-flag
end
config waf geo-block-flag
end
config waf fds-update-flag
end
config waf av-update-flag
end
config waf fsa-db-update-flag
end
config log sensitive
end
config log syslogd
end
config system fortisandbox
end
config system antivirus
end
config log analyzer-sync
end
config wad file-filter
end
config wad website
end
config wvs schedule
end
config wvs profile
end
config wvs policy
end
config system feature-visibility
end
config system password-policy
end
config system central-management
end
-------FVAWS1-6.01-FW-build0036-180822-------2023-05-14 14:03:56-------22FFFF6F0EFF14FF6739---------
[/file]
[file]
name=/data/config/sys_domain.root.conf.gz
domain=root
type=config
encrypt=no
compress=no
-------FVAWS1-6.01-FW-build0036-180822-------2023-05-14 14:03:56-------22FFFF6F0EFF14FF6739---------
#config-version=FVAWS1-6.01-FW-build0036-180822:opmode=0
#conf_file_ver=0
config system certificate sign-ca
end
config system certificate local
edit "tdecert"
set certificate "-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIMVOCRbUuIfOx8uPcUMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTgwODA2MjExNTAzWhcNMTkwODA3MjExNTAzWjBHMSEwHwYDVQQLExhEb21haW4g
Q29udHJvbCBWYWxpZGF0ZWQxIjAgBgNVBAMTGTNhLmVwc2VjLnRkZS5hcm1vcmxh
YnMuY28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsTTVJ1aFjdXga
gg90VzbEZZhuJ6G6M5UUzOElwdeXk16bdlxy+QI0K4CH4fitvYtg1A7PB4vI2XRc
y1fFLg1F0Ogt6dPLUnLTXpmEGEefYQWdd/qRcvSrMLjF0jSvYyQ+sSMPxalaYZ2S
T8pJi2FGUsvfx/2js1TBzn4/D86gREVhuC2bDEbv4/sckB0jgsYjQEvci0hZNfpX
PPFcQhncDuPJfK4KGaZqQ8CHmCjfIxH6jL9L8pLRGBXXx7xlpLovR2gITOG6FuHF
9PDWJjKbFRp+vzdG2uKCMuH7WPkJWcjgEvvUucDGtGFuMWZ6MdCTNxBfxMeqhTW7
V0VN52UzAgMBAAGjggLgMIIC3DAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEB
BIGHMIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29t
L2NhY2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0
cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYGA1Ud
IARPME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmds
b2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAAMEMG
A1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nk
b21haW52YWxzaGEyZzIuY3JsMCQGA1UdEQQdMBuCGTNhLmVwc2VjLnRkZS5hcm1v
cmxhYnMuY28wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
BBTR+gF9tu6xIjrDsCQfFY1pbPVUJDAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyC
bcCYpM+XDzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AKS5CZC0GFgUh7sTosxn
cAo8NZgE+RvfuON3zQ7IDdwQAAABZREX7YQAAAQDAEgwRgIhALtmhRP+vZ5O8Sfe
zaU22szRjKSLZ2GiY8xNv47QIawRAiEAwzugS2GwhPSp+Kg0mYRyUejaxqZhMsQk
LjgbBRONff0AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWUR
F+2uAAAEAwBGMEQCIGBT7VA3lBQG1OXkEgQRBTM9olhHRD5FlOozP+f45cUEAiAI
gyrbxHd/zTASdL1IZCUtWHAmGMIk7HTp2TZkbAGiSjANBgkqhkiG9w0BAQsFAAOC
AQEAVg/WyipYTW7uhFfbN9yB3uAYk/mqC6UhrrbC4JReozUzscBHu+ZuePOun7vx
dAQOfpKsV4ENcEzWhtnPpCiQS45zBeXaV4fXuAXQ2pZ4WOM9egnp1TrsVFNubsLt
k4oibTSaymQ+wAXuKo2/sPMrOY3u1IFbEZNWefcSAzF1eOYhg3jxq4whOZykfukX
oBlxjfevcrSy+TwvrZGPbW5bmFa2LUXMxOWu+op1CQbjh77bSrE/NzM5uhVYMJVA
A3HXpQ6ASaR5mXfkM3S5Xeidsx/v2kMSt8y1RtpQSuISCSx/SQsK+jQODWxaSP/2
dxMg/DCPTj32vbnRlDpas8gRNw==
-----END CERTIFICATE-----
"
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
AZBMrkJGOUTVXklvvbbO0a7GOHXNWETHPBzeckTpOxXIWsJGOHVaPXWO1rYrzBhf
xz91ZagSQSpqN3L6D2CQdPJznwmTo88puefu+RN0B1KD5gnhmRbc2B9DS1dE3YWq
r1bJMl1W7Wcx3iDCNvHXYuaVZMajZVKuw/mVdaGiFTfJ7oGmRgM+tXAGqiheZE2J
B9tKn2WZCozgc/3ca2XCeb5/L97hWSMacY3cISso4/wdpP1cooCkVSmvq1lAStgQ
LTGhEygkZyQOtB1SCeAvE9VPiGkkWoA6fP6Q8gEZCFYCl8qtlPpaF3zQPSH8TlAN
0QIKAcSxJSu+mslC3vPQDnP8AQpXNvrcIwaIlvLCxHKiDPH7QeHHEqJbbNjeyME8
W2JE22QdBlASTIAGhlSRPU5Odc2htam3urZdxL5nPnXh3IqFMfy9R1UhkVdMaocw
xA/PGiS2NE6r1lC/W7qse2tJw6wbIcojJzdsgOwuPPz+UfzdQ2L8BT/rj8qIhTSD
W3XlMm1UgEJZt0QO19HdcOisi96ApETa5TF/vDxP7FQzopFav2g8e16Ztbz1VWBc
Jf/0CgqAEmk0KC0LOAhyIr8EE3pLJO0aSChEOwlU6LtvodLAtyTjR/OEXAzPn2/q
ZtnxOXx+7pVnxmZDLz2WiqmuLSCs8QBj2SVym8NxE8j1XXOVUaPqrs7EUytjbVKU
D1RJk7q/T3e2KAGmmJXV4rtcF2j2iElAoGhu9o2y4MOClEUhuQ+PCvuseMnoGFAn
1BhENzvRONIDbdYmV1obLChVEi3zqG8+HDE/kSy2TStQz05KtAm1UEQYbs/Rnqcb
/qT8XuVkmHYx0vUerN/GkCEhrJzDeSSqN7mj2/xxancYF+9/9eC0q+Q+ndCIE7WM
tu9KDd31WJ/P67cIS4oelAE03bYSzYY0pzbiQN+UlI+lSgeyFTFFQyRL4ABPsEDI
AoiCZ76bbPyiH2EMhCjukrlNDN4VE9hczDLIue9O/n9EYsaths/5IlSn0RwdF/gn
bCDcjZY9rfikF8OULs1P6iMQcbtHFCGfAZWv6KibluFJiDmFhbiIZzX9D1eNiaMb
IxQmhzS73JSXkRHpDcIu/gZV0sBFgFogJWmmSt8lVpy0XoFXONOkfaE0iE9hFW0s
Rifx/L4Rh98aaAGmmSe+I4EBrEaNdMe87jAlRRHVtz2qoVGdz5nrMIpkPHwJMR5T
JRT/eSmpLxrUoyfoZB2PH6tSbz8AdyO3bfU1jssm+6SMDH5QPI1S1g7rQMOClSN6
opWdvMj/Akywh0J8Jlq2GVbxeWucpGXbmH+E8n6I9nmmK2b51J7u7IE6C4DyVTRx
CVf5g0J5BKJvlNxjNLJRlSD0DsIOtc5nFoTrGN/xmpwJknGHXbCB82qWR1O+/iNO
pYKeYRjYybAyg/ZmnB/odQCuivVfgq5PKBOVkTEVBtUSTVi8Zmw/OpM4QzJ+SWR1
BKy/M9XSjFETttxPvbiBwn/7/AvWmaegA53CzwiKJMrnu9J+gw+P+FTn1CZ2KUbh
kYXHv5510ZZ7iauoOX9L+Z2KTril9Ew1mbnvtkg1DA5EIGIy9zKEoa0Ie7LZ85o3
YaT98pCwFr99XSudQqoEtDsH
-----END ENCRYPTED PRIVATE KEY-----
"
next
end
config system certificate ca
edit "CA_Cert_1"
set certificate "-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
-----END CERTIFICATE-----
"
next
end
config system certificate tsl-ca
end
config system certificate remote
end
config system certificate intermediate-certificate
edit "Inter_Cert_1"
set certificate "-----BEGIN CERTIFICATE-----
MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
MDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0
aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZC
jn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eG
ExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgX
qa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3It
INH6yjfaGJjmFiRxJUvE5XuJUgkC/VkrBG7KB4HUs9ra2+PMgKhWBwZ8lgg3nds4
tmI0kWIHdAE42HIw4uuQcSZiwFfzAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMC
AQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU6k581IAt5RWBhiaMgm3A
mKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSG
Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEE
MTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290
cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEL
BQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex
4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXE
GwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1oj
H6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1Pj
tywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6
EjxS1QSCVS1npd+3lXzuP8MIugS+wEY=
-----END CERTIFICATE-----
"
next
end
config system certificate intermediate-certificate-group
edit "DSM Intermediate"
config members
edit 1
set name Inter_Cert_1
next
end
next
end
config system replacemsg-image
end
config system replacemsg
edit "url-block"
set header http
set format html
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html, body { margin: 0; padding: 0; font-family: Verdana, Arial, sans-serif; font-size: 10pt; } h1, h2 { height: 82px; text-indent: -999em; margin: 0; padding: 0; margin: 0; } div { margin: 0; padding: 0; } div.header { background: url(%%IMAGE:logo_v2_fnet%%) 0 0 repeat-x; height: 82px; } div.sidebar { width: 195px; height: 200px; float: left; } div.main { padding: 5px; margin-left: 195px; } div.buttons { margin-top: 30px; text-align: right; } h3 { margin: 36px 0; font-size: 16pt; } .blocked h3 { color: #c00; } .authenticate h3 { color: #36c; } h2.fgd_icon { background: url(%%IMAGE:logo_v2_fnet%%) 0 -166px repeat-x; width: 90px; height: 92px; margin: 48px auto; } .blocked h2.fgd_icon { background-position: 0 -166px; } .authenticate h2.fgd_icon { background-position: -89px -166px; } form { width: 300px; margin: 30px 0; } label { display: block; width: 300px; margin: 5px 0; line-height: 25px; } label input { width: 200px; border: 1px solid #7f9db9; height: 20px; float: right; }</style><title> The URL you requested has been blocked </title></head><body class=\"block\"><div class=\"header\"></div><div class=\"sidebar\"><h2 class=\"fgd_icon\">block</h2></div><div class=\"main\"><h3>Web Page Blocked!</h3><div class=\"notice\"><p>The page cannot be displayed. Please contact the administrator for additional information.</p><p>URL: %%URL%%<br /><br/>Client IP: %%SOURCE_IP%%<br/>Server IP: %%DEST_IP%%<br/>Attack ID: %%EVENT_ID%%</p><p></p></div></div></body></html>"
next
edit "server-inaccessible"
set header http
set format html
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html, body { margin: 0; padding: 0; font-family: Verdana, Arial, sans-serif; font-size: 10pt; } h1, h2 { height: 82px; text-indent: -999em; margin: 0; padding: 0; margin: 0; } div { margin: 0; padding: 0; } div.header { background: url(%%IMAGE:logo_v2_fnet%%) 0 0 repeat-x; height: 82px; } div.header h2 { background: url(%%IMAGE:logo_v2_fnet%%) 0 -82px no-repeat; width: 160px; float: right; } div.sidebar { width: 195px; height: 200px; float: left; } div.main { padding: 5px; margin-left: 195px; } div.buttons { margin-top: 30px; text-align: right; } h3 { margin: 36px 0; font-size: 16pt; } .blocked h3 { color: #c00; } .authenticate h3 { color: #36c; } h2.fgd_icon { background: url(%%IMAGE:logo_v2_fnet%%) 0 -166px repeat-x; width: 90px; height: 92px; margin: 48px auto; } .blocked h2.fgd_icon { background-position: 0 -166px; } .authenticate h2.fgd_icon { background-position: -89px -166px; } form { width: 300px; margin: 30px 0; } label { display: block; width: 300px; margin: 5px 0; line-height: 25px; } label input { width: 200px; border: 1px solid #7f9db9; height: 20px; float: right; }</style><title> Server Unavailiable </title></head><body class=\"block\"><div class=\"header\"></div><div class=\"sidebar\"><h2 class=\"fgd_icon\">block</h2></div><div class=\"main\"><h3>Server Unavailable!</h3><div class=\"notice\"><p>Server unavailable.Please visit again later</p><p>URL: %%URL%%<br /><br/>Client IP: %%SOURCE_IP%%<br/>Server IP: %%VSERVER_IP%%</p><p></p></div></div></body></html>"
set code 503
next
edit "login"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height:100%; padding:0; margin:0; } .oc{ display:table; width:100%;height:100%; } .ic{ display:table-cell; vertical-align:middle;} form{ display:block; background:#ccc;border:2px solid red; padding:0 0 25px 0; width:500px; font-family:helvetica,sans-serif;font-size:14px; margin:10px auto; } .fel,.fer,.fec{ text-align:center; width:350px;margin:0 auto; padding:10px; } .fel{ text-align:left; } .fer{ text-align:right;} h1{ font-weight:bold; font-size:21px; margin:0; padding:15px 10px; text-align:center;} p{ margin:15px auto; width:75%; text-align:left; } ul{ margin:15px auto;width:75%; } h2{ margin:25px 10px; font-weight:bold; text-align:center;} label{ width:90px; font-size:16px; }</style><title>Firewall Authentication</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%LOGIN_POST_URL%%\" method=\"post\"><input type=\"hidden\" name=\"sph_org_location\" value=\"%%ORG_LOCATION_VAL%%\"><h1 style=\"background:#eee center 25px ;\">Authentication Required</h1><h2>Please enter your credentials to continue</h2><div class=\"fel\"><table><tr><td width=\"90px\"><label for=\"ft_un\">Username:</label></td><td><input name=\"sph_username\" type=\"text\" autocorrect=\"off\" autocapitalize=\"off\" style=\"width:230px\"></td></tr></table></div><div class=\"fel\"><table><tr><td width=\"90px\"><label for=\"ft_pd\">Password:</label></td><td><input name=\"sph_password\" type=\"password\" autocomplete=\"off\" style=\"width:230px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Continue\"></div></form></div></div></body></html>"
set code 200
next
edit "token"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height:100%; padding:0; margin:0; } .oc{ display:table; width:100%;height:100%; } .ic{ display:table-cell; vertical-align:middle;} form{ display:block; background:#ccc;border:2px solid red; padding:0 0 25px 0; width:500px; font-family:helvetica,sans-serif;font-size:14px; margin:10px auto; } .fel,.fer,.fec{ text-align:center; width:350px;margin:0 auto; padding:10px; } .fel{ text-align:left; } .fer{ text-align:right;} h1{ font-weight:bold; font-size:21px; margin:0; padding:15px 10px; text-align:center;} p{ margin:15px auto; width:75%; text-align:left; } ul{ margin:15px auto;width:75%; } h2{ margin:25px 10px; font-weight:bold; text-align:center;} label{ width:90px; font-size:16px; }</style><title>Firewall Authentication</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%TOKEN_POST_URL%%\" method=\"post\"><input type=\"hidden\" name=\"sph_org_location\" value=\"%%ORG_LOCATION_VAL%%\"><h1 style=\"background:#eee center 25px ;\">Authentication Required</h1><h2>Please enter your token code to continue</h2><div class=\"fel\"><table><tr><td width=\"100px\"><label for=\"ft_pd\">Token Code:</label></td><td><input name=\"sph_token\" type=\"password\" autocomplete=\"off\" style=\"width:220px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Continue\"></div></form></div></div></body></html>"
set code 200
next
edit "rsa-login"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height:100%; padding:0; margin:0; } .oc{ display:table; width:100%;height:100%; } .ic{ display:table-cell; vertical-align:middle;} form{ display:block; background:#ccc;border:2px solid red; padding:0 0 25px 0; width:500px; font-family:helvetica,sans-serif;font-size:14px; margin:10px auto; } .fel,.fer,.fec{ text-align:center; width:350px;margin:0 auto; padding:10px; } .fel{ text-align:left; } .fer{ text-align:right;} h1{ font-weight:bold; font-size:21px; margin:0; padding:15px 10px; text-align:center;} p{ margin:15px auto; width:75%; text-align:left; } ul{ margin:15px auto;width:75%; } h2{ margin:25px 10px; font-weight:bold; text-align:center;} label{ width:90px; font-size:16px; }</style><title>Firewall Authentication</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%RSA_LOGIN_POST_URL%%\" method=\"post\"><input type=\"hidden\" name=\"sph_org_location\" value=\"%%ORG_LOCATION_VAL%%\"><h1 style=\"background:#eee center 25px ;\">Authentication Required</h1><h2>Please enter your RSA SecurID to continue</h2><div class=\"fel\"><table><tr><td width=\"90px\"><label for=\"ft_un\">Username:</label></td><td><input name=\"sph_username\" type=\"text\" autocorrect=\"off\" autocapitalize=\"off\" style=\"width:230px\"></td></tr></table></div><div class=\"fel\"><table><tr><td width=\"90px\"><label for=\"ft_pd\">Passcode:</label></td><td><input name=\"sph_passcode\" type=\"password\" autocomplete=\"off\" style=\"width:230px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Continue\"></div></form></div></div></body></html>"
set code 200
next
edit "rsa-challenge"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height:100%; padding:0; margin:0; } .oc{ display:table; width:100%;height:100%; } .ic{ display:table-cell; vertical-align:middle;} form{ display:block; background:#ccc;border:2px solid red; padding:0 0 25px 0; width:500px; font-family:helvetica,sans-serif;font-size:14px; margin:10px auto; } .fel,.fer,.fec{ text-align:center; width:350px;margin:0 auto; padding:10px; } .fel{ text-align:left; } .fer{ text-align:right;} h1{ font-weight:bold; font-size:21px; margin:0; padding:15px 10px; text-align:center;} p{ margin:15px auto; width:75%; text-align:left; } ul{ margin:15px auto;width:75%; } h2{ margin:25px 10px; font-weight:bold; text-align:center;} label{ width:90px; font-size:16px; }</style><title>Firewall Authentication</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%RSAC_POST_URL%%\" method=\"post\"><input type=\"hidden\" name=\"sph_org_location\" value=\"%%ORG_LOCATION_VAL%%\"><h1 style=\"background:#eee center 25px ;\">Challenge Required</h1><h2 style=\"color:#000000;\">%%REPLY_TAG%%</h2><div class=\"fel\"><table><tr><td width=\"90px\"><label for=\"ft_pd\">Passcode:</label></td><td><input name=\"sph_passcode\" type=\"password\" autocomplete=\"off\" style=\"width:230px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Continue\"></div></form></div></div></body></html>"
set code 200
next
edit "change-passwd"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height:100%; padding:0; margin:0; } .oc{ display:table; width:100%;height:100%; } .ic{ display:table-cell; vertical-align:middle;} form{ display:block; background:#ccc;border:2px solid red; padding:0 0 25px 0; width:500px; font-family:helvetica,sans-serif;font-size:14px; margin:10px auto; } .fel,.fer,.fec{ text-align:center; width:400px;margin:0 auto; padding:10px; } .fel{ text-align:left; } .fer{ text-align:right;} h1{ font-weight:bold; font-size:21px; margin:0; padding:15px 10px; text-align:center;} p{ margin:15px auto; width:75%; text-align:left; } ul{ margin:15px auto;width:75%; } h2{ margin:25px 10px; font-weight:bold; text-align:center;} label{ width:90px; font-size:16px; }</style><title>Change Password</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%CPW_POST_URL%%\" method=\"post\" onsubmit=\"before_submit();\"><input type=\"hidden\" name=\"sph_org_location\" value=\"%%ORG_LOCATION_VAL%%\"><input type=\"hidden\" name=\"sph_cancel\" value=\"0\"><h1 style=\"background:#eee center 25px ;\">Change Password</h1><h2>%%REPLY_TAG%%</h2><h2>Please enter your passwords to continue</h2><div class=\"fel\"><table><tr><td width=\"190px\"><label>Old Password:</label></td><td><input name=\"sph_password\" type=\"password\" autocomplete=\"off\" style=\"width:200px\"></td></tr></table></div><div class=\"fel\"><table><tr><td width=\"190px\"><label>New Password:</label></td><td><input name=\"sph_new_pwd\" type=\"password\" autocomplete=\"off\" style=\"width:200px\"></td></tr></table></div><div class=\"fel\"><table><tr><td width=\"190px\"><label>Confirm New Password:</label></td><td><input name=\"sph_cfm_pwd\" type=\"password\" autocomplete=\"off\" style=\"width:200px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Continue\"> <input type=\"button\" value=\"Cancel\" onclick=\"cancel();\" ></div></form></div></div></body><script type=\"text/javascript\"> function cancel() { document.forms[0].sph_cancel.value = 1; document.forms[0].submit(); } function before_submit() { document.forms[0].sph_cancel.value = 0; }</script></html>"
set code 200
next
edit "account-lockout"
set header http
set format html
set group site-publish
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html, body { margin: 0; padding: 0; font-family: Verdana, Arial, sans-serif; font-size: 10pt; background-color: #ffffff; } h1, h2 { height: 82px; text-indent: -999em; margin: 0; padding: 0; margin: 0; } div { margin: 0; padding: 0; } div.header { background: url(%%IMAGE:logo_v2_fnet%%) 0 0 repeat-x; height: 82px; } div.sidebar { width: 195px; height: 200px; float: left; } div.main { padding: 5px; margin-left: 195px; } div.buttons { margin-top: 30px; text-align: right; } h3 { margin: 36px 0; font-size: 16pt; } .blocked h3 { color: #c00; } .authenticate h3 { color: #36c; } h2.fgd_icon { background: url(%%IMAGE:logo_v2_fnet%%) 0 -166px repeat-x; width: 90px; height: 92px; margin: 48px auto; } .blocked h2.fgd_icon { background-position: 0 -166px; } .authenticate h2.fgd_icon { background-position: -89px -166px; } form { width: 300px; margin: 30px 0; } label { display: block; width: 300px; margin: 5px 0; line-height: 25px; } label input { width: 200px; border: 1px solid #7f9db9; height: 20px; float: right; }</style><title>The URL you requested has been blocked</title></head><body class=\"block\"><div class=\"header\"></div><div class=\"sidebar\"><h2 class=\"fgd_icon\">block</h2></div><div class=\"main\"><h3>Account Blocked!</h3><div class=\"notice\"><p>Your credentials are invaild. Please contact the administrator for additional information.</p><p>Account %%ACCOUNT%% locked for the next %%PERIOD_TIME%% minutes.<br/></p><p></p></div></div></body></html>"
next
edit "captcha-page"
set header http
set format html
set group captcha
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html,body{ height: 100%; padding: 0; margin: 0; background-color: #ffffff; } .oc{ display: table; width: 100%; height: 100%; } .ic{ display: table-cell; vertical-align: middle; } form{ display: block; background: #ccc; border: 2px solid red; padding: 0 0 25px 0; width: 500px; font-family: helvetica,sans-serif; font-size: 14px; margin: 10px auto; } .fel,.fer,.fec{ text-align: center; width: 350px; margin: 0 auto; padding: 10px; } .fel{ text-align: left; } .fer{ text-align:right; } h1{ font-weight: bold; font-size: 21px; margin: 0; padding: 15px 10px; text-align: center; } p{ margin: 15px auto; width:75%; text-align: left; } ul{ margin:15px auto; width: 75%; } h2{ margin: 25px 10px; font-weight: bold; text-align: center; } label{ width: 90px; font-size: 16px;}</style><title>Firewall Captcha Authentication</title></head><body><div class=\"oc\"><div class=\"ic\"><form action=\"%%CAPTCHA_POST_URL%%\" method=\"post\"><input type=\"hidden\" name=\"vcode\" value=\"%%CAPTCHA_VCODE_STR%%\"><input type=\"hidden\" name=\"req_data\" value=\"%%CAPTCHA_REQ_DATA%%\"><h1 style=\"background:#eee center 25px ;\"><img src=\"data:image/gif;base64,%%CAPTCHA_IMG_SRC%%\"></h1><h2>Security check</h2><h2>Please enter the above text to continue</h2><div class=\"fel\"><table><tr><td width=\"120px\"><label>Captcha Code:</label></td><td><input name=\"pcode\" type=\"text\" style=\"width:220px\"></td></tr></table></div><div class=\"fer\"><input type=\"submit\" value=\"Submit\"></div></form></div></div></body></html>"
set code 200
next
edit "captcha-block"
set header http
set format html
set group captcha
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\"><html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><style type=\"text/css\"> html, body { margin: 0; padding: 0; font-family: Verdana, Arial, sans-serif; font-size: 10pt; background-color: #ffffff; } p { margin-left:0; } h1, h2 { height: 82px; text-indent: -999em; margin: 0; padding: 0; margin: 0; } div { margin: 0; padding: 0; } div.header { background: url(%%IMAGE:logo_v2_fnet%%) 0 0 repeat-x; height: 82px;} div.sidebar { width: 195px; height: 200px; float: left; } div.main { padding: 5px; margin-left: 195px; } div.buttons { margin-top: 30px; text-align: right; } h3 { margin: 36px 0; font-size: 16pt; } .blocked h3 { color: #c00; } .authenticate h3 { color: #36c; } h2.fgd_icon { background: url(%%IMAGE:logo_v2_fnet%%) 0 -166px repeat-x; width: 90px; height: 92px; margin: 48px auto;} .blocked h2.fgd_icon { background-position: 0 -166px; } .authenticate h2.fgd_icon { background-position: -89px -166px; } form { width: 300px; margin: 30px 0; } label {display: block; width: 300px; margin: 5px 0; line-height: 25px; } label input { width: 200px; border: 1px solid #7f9db9; height: 20px; float: right;}</style><title>The URL you requested has been blocked</title></head><body class=\"block\"><div class=\"header\"></div><div class=\"sidebar\"><h2 class=\"fgd_icon\">block</h2></div><div class=\"main\"><h3>Captcha Failed!</h3><div class=\"notice\"><p>You entered an invaild Captcha code. Please contact the administrator for additional information.</p></div></div></body></html>"
set code 200
next
edit "pre-login-disclaimer"
set format text
set group admin
set buffer "P R E W A R N I N G W A R N I N G W A R N I N G W A R N I N G
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. All use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action.
P R E W A R N I N G W A R N I N G W A R N I N G W A R N I N G"
set code 200
next
end
config system fortisandbox-statistics
end
config waf allow-method-exceptions
end
config server-policy service custom
edit "Trend_4119"
set port 4119
next
end
config server-policy service predefined
end
config server-policy pattern custom-data-type
end
config server-policy pattern data-type-group
end
config server-policy custom-application url-replacer
end
config server-policy custom-application application-policy
end
config waf url-access url-access-rule
edit "DSM DL"
set host-status enable
set host 3a.epsec.tde.armorlabs.co:4119
config match-condition
edit 1
set reg-exp ^/software/agent/(.*)/x86_64/(.*)$
set type regex-expression
next
end
next
end
config waf url-access url-access-policy
edit "AllowDSMDL"
config rule
edit 1
set url-access-rule-name "DSM DL"
next
end
next
end
config waf exclude-url
end
config waf file-uncompress-rule
end
config waf file-compress-rule
end
config waf http-request-flood-prevention-rule
end
config waf http-connection-flood-check-rule
end
config waf layer4-access-limit-rule
end
config waf geo-ip-except
end
config waf geo-block-list
end
config waf ip-list
edit "ArmorHQ"
config members
edit 1
set ip 192.34.240.11
next
end
next
end
config waf http-authen http-authen-rule
end
config waf http-authen http-authen-policy
end
config waf hidden-fields-rule
end
config waf hidden-fields-protection
end
config waf page-access-rule
end
config waf user-tracking rule
end
config waf user-tracking policy
end
config waf xml-schema file
end
config waf xml-wsdl file
end
config waf xml-validation rule
end
config waf xml-validation policy
end
config waf device-reputation reputation-exceptions
end
config waf device-reputation reputation-security-policy
end
config waf url-rewrite url-rewrite-rule
end
config waf url-rewrite url-rewrite-policy
end
config waf allow-method-policy
end
config waf http-constraints-exceptions
end
config waf start-pages
edit "DSM Mgmt"
config start-page-list
edit 1
set host 3a.epsec.tde.armorlabs.co:4119
set host-status enable
set request-file /
set default yes
next
end
set action alert_deny
set severity Medium
next
end
config waf file-upload-restriction-rule
end
config waf csrf-protection
end
config waf input-rule
end
config waf parameter-validation-rule
end
config waf base-signature-disable
end
config waf custom-protection-rule
end
config waf custom-protection-group
end
config waf ip-intelligence
edit 1
set category Botnet
set status enable
next
edit 2
set category "Anonymous Proxy"
set status enable
next
edit 3
set category Phishing
set status enable
next
edit 4
set category Spam
set status enable
next
edit 5
set category Others
set status enable
next
edit 6
set category Tor
set status enable
next
end
config waf ip-intelligence-exception
end
config waf signature
edit "High Level Security"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set fpm-status disable
next
edit "030000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "040000000"
set fpm-status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set fpm-status disable
next
edit "070000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "080000000"
set fpm-status disable
set action alert_erase
set severity High
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set fpm-status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "Medium Level Security"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "Alert Only"
config main_class_list
edit "010000000"
set fpm-status disable
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set severity Low
next
edit "090000000"
set fpm-status disable
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set severity Low
next
edit "120000000"
set status disable
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "Exchange 2013"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "010000034"
next
edit "010000062"
next
edit "010000070"
next
edit "010000072"
next
edit "010000092"
next
edit "010000093"
next
edit "010000095"
next
edit "010000155"
next
edit "020000062"
next
edit "020000095"
next
edit "030000136"
next
edit "030000164"
next
edit "040000131"
next
edit "040000137"
next
edit "050050027"
next
edit "050130002"
next
edit "050140001"
next
edit "050050051"
next
edit "050050052"
next
edit "060050027"
next
edit "060130002"
next
edit "060140001"
next
edit "060140003"
next
edit "090240001"
next
edit "090500036"
next
edit "090490010"
next
edit "080110001"
next
edit "080110002"
next
edit "080080001"
next
edit "030000128"
next
edit "050110001"
next
edit "050130001"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "Exchange 2016"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "010000062"
next
edit "010000068"
next
edit "010000070"
next
edit "010000092"
next
edit "010000093"
next
edit "010000094"
next
edit "010000105"
next
edit "010000108"
next
edit "010000214"
next
edit "030000182"
next
edit "050010001"
next
edit "050030001"
next
edit "050050004"
next
edit "050050006"
next
edit "050050027"
next
edit "050050034"
next
edit "050050045"
next
edit "050050051"
next
edit "050050052"
next
edit "050080033"
next
edit "050110001"
next
edit "050130002"
next
edit "050140004"
next
edit "050180005"
next
edit "050180006"
next
edit "120010004"
next
edit "120010005"
next
edit "120020003"
next
edit "120020005"
next
edit "120030004"
next
edit "120030005"
next
edit "120010003"
next
edit "050180003"
next
edit "050200002"
next
edit "120030002"
next
edit "030000204"
next
edit "050050053"
next
edit "120030003"
next
edit "120020004"
next
edit "050010002"
next
edit "030000136"
next
edit "050140003"
next
edit "050150001"
next
edit "010000066"
next
edit "080200004"
next
edit "080200005"
next
edit "080200006"
next
edit "050220001"
next
edit "050140001"
next
edit "010000072"
next
edit "010000095"
next
edit "010000139"
next
edit "120010001"
next
edit "120010002"
next
edit "050130001"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "SharePoint 2013"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "010000062"
next
edit "010000069"
next
edit "010000070"
next
edit "010000072"
next
edit "010000093"
next
edit "010000108"
next
edit "010000155"
next
edit "020000093"
next
edit "040000131"
next
edit "040000137"
next
edit "040000138"
next
edit "050050027"
next
edit "050140001"
next
edit "050140004"
next
edit "060130002"
next
edit "060140001"
next
edit "060140003"
next
edit "060140004"
next
edit "090240001"
next
edit "080080001"
next
edit "080110001"
next
edit "080110002"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "SharePoint 2016"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "080080001"
next
edit "080200005"
next
edit "080200004"
next
edit "090240001"
next
edit "080200010"
next
edit "050140001"
next
edit "050140004"
next
edit "050180003"
next
edit "010000130"
next
edit "120030003"
next
edit "010000001"
next
edit "120030001"
next
edit "120030004"
next
edit "050050027"
next
edit "010000072"
next
edit "010000108"
next
edit "050030001"
next
edit "050220001"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "WordPress"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "050140001"
next
edit "050140004"
next
edit "010000092"
next
edit "010000019"
next
edit "010000072"
next
edit "010000095"
next
edit "010000093"
next
edit "010000105"
next
edit "010000069"
next
edit "050130002"
next
edit "010000155"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
edit "Drupal"
config main_class_list
edit "010000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "020000000"
set status disable
set fpm-status disable
next
edit "030000000"
set action alert_deny
set severity High
next
edit "040000000"
set status disable
next
edit "050000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "060000000"
set status disable
set fpm-status disable
next
edit "070000000"
set fpm-status disable
next
edit "080000000"
set fpm-status disable
set action only_erase
set severity Low
next
edit "090000000"
set fpm-status disable
set action alert_deny
set severity High
next
edit "100000000"
set status disable
set fpm-status disable
set severity High
next
edit "110000000"
set fpm-status disable
set action alert_deny
set severity Low
next
edit "120000000"
set status disable
set action alert_deny
set severity High
next
end
config sub_class_disable_list
end
config signature_disable_list
edit "060030001"
next
edit "060120001"
next
edit "080080005"
next
edit "080200001"
next
edit "080080003"
next
edit "090410001"
next
edit "090410002"
next
edit "040000141"
next
edit "040000136"
next
edit "030000137"
next
edit "050140004"
next
edit "010000092"
next
edit "050140001"
next
edit "030000166"
next
edit "010000095"
next
edit "030000136"
next
edit "010000062"
next
edit "010000105"
next
edit "010000107"
next
edit "050130002"
next
edit "010000070"
next
edit "010000108"
next
edit "010000072"
next
edit "010000019"
next
edit "010000093"
next
edit "010000155"
next
edit "050130001"
next
edit "050080033"
next
end
config alert_only_list
end
config fpm_disable_list
end
config scoring_override_disable_list
end
config score_grade_list
end
config filter_list
end
next
end
config waf x-forwarded-for
end
config system device-tracking
end
config server-policy health
end
config system certificate crl
end
config system certificate ca-group
edit "DSM"
config members
edit 1
set name CA_Cert_1
next
end
next
end
config system certificate crl-group
end
config system certificate verify
end
config system certificate sni
edit "DSM"
config members
end
next
end
config system certificate urlcert
end
config system certificate hpkp
end
config server-policy vserver
edit "Trend11DSM"
set interface port1
set use-interface-ip enable
next
end
config server-policy pattern custom-susp-url
end
config server-policy pattern custom-susp-url-rule
end
config server-policy pattern predefined-global-white-list-group
end
config server-policy pattern custom-global-white-list-group
end
config server-policy pattern threat-weight
end
config server-policy pattern known-search-engines-group
end
config server-policy pattern suspicious-url-rule
end
config server-policy allow-hosts
edit "DSM"
set default-action deny
config host-list
edit 1
set host 3a.epsec.tde.armorlabs.co:4119
next
end
next
end
config waf http-protocol-parameter-restriction
end
config log client-device-management-delete-flag
end
config waf brute-force-login
end
config waf file-upload-restriction-policy
end
config waf layer4-connection-flood-check-rule
end
config waf application-layer-dos-prevention
end
config waf custom-access rule
edit "DenyTrend11Mgmt"
set action alert_deny
config source-ip-filter
end
config user-filter
end
config url-filter
end
config http-header-filter
end
config access-limit-filter
end
config parameter
end
config http-transaction
end
config response-code
end
config content-type
end
config packet-interval
end
config main-class
end
config sub-class
end
config signature
end
config custom-signature
end
config occurrence
end
next
end
config waf custom-access policy
end
config waf padding-oracle
end
config waf web-cache-exception
end
config waf web-cache-policy
end
config waf http-header-security
end
config waf cookie-security
end
config waf site-publish-helper keytab_file
end
config waf site-publish-helper authentication-server-pool
end
config waf site-publish-helper service-principal-name-pool
end
config waf site-publish-helper rule
end
config waf site-publish-helper policy
end
config waf ftp-file-security
end
config waf ftp-command-restriction-rule
end
config waf machine-learning url-replacer-rule
end
config waf machine-learning url-replacer-policy
end
config waf ftp-protection-profile inline-protection
end
config waf web-protection-profile inline-protection
edit "DSM"
set http-session-management enable
set url-access-policy AllowDSMDL
set signature-rule "Alert Only"
set start-pages "DSM Mgmt"
set redirect-url https://www.armor.com
set rdt-reason enable
set ip-list-policy ArmorHQ
set profile-id 17536269259170770179
next
end
config waf web-protection-profile offline-protection
end
config waf web-protection-profile autolearning-profile
end
config log reports
end
config server-policy persistence-policy
end
config server-policy server-pool
edit "Trend"
set server-balance enable
set health HLTHCK_TCP
set server-pool-id 2022497767989143733
config pserver-list
edit 1
set ip 18.207.105.61
set port 4119
set server-id 6272786170966570157
set ssl enable
set client-certificate tdecert
set ssl-noreg disable
set ssl-custom-cipher ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256
next
edit 2
set ip 34.239.226.11
set port 4119
set server-id 15334416257131084320
set ssl enable
set client-certificate tdecert
set ssl-noreg disable
set ssl-custom-cipher ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256
next
end
next
end
config server-policy http-content-routing-policy
end
config server-policy policy
edit "Trend11DSM"
set ssl enable
set vserver Trend11DSM
set web-protection-profile DSM
set server-pool Trend
set allow-hosts DSM
set https-service Trend_4119
set certificate tdecert
set intermediate-certificate-group "DSM Intermediate"
set ssl-custom-cipher ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256
set policy-id 8287805622971570683
config http-content-routing-list
end
next
end
config waf machine-learning-policy
end
-------FVAWS1-6.01-FW-build0036-180822-------2023-05-14 14:03:56-------22FFFF6F0EFF14FF6739---------
[/file]
[file]
name=/tmp/extend_tar_file
domain=unknown
type=extend
encrypt=yes
compress=gzipped#1
#2
Exploit.IN Send
Encrypt and send files with a link that automatically expires to ensure your important documents don’t stay online forever.
send.exploit.in
