Leaderboard
Popular Content
Showing content with the highest reputation on 10/01/20 in all areas
-
Partea mai complicata nu e cea in care se scrie un programel care face asta, ci aflarea unei metode simple de schimbare. Daca e vorba de outlook.com de exemplu, trebuie vazut cum se poate face login (sa nu fie vorba de un captcha acolo) cum se pastreaza sesiunea si ce request e necesar pentru schimbarea pozei. Daca se stiu aceste lucruri se poate face in 2 linii de bash cu curl si grep.2 points
-
Ceva simplu dar nu parca n-am vazut pe nicaieri un tool. N-am mai postat niciodata pe github pana acum. Uses host command to check if a subdomain/domain it's alive (by performing DNS lookups). Saves the live domains/subdomains in a file. shows report of how many are alive and dead (including percentages) Usage: `its-alive.sh subdomains.txt alive_subdomains.txt` https://github.com/truffle-dog/its-alive1 point
-
Vom publica detalii pe masura ce apar atat aici pe forum cat si pe site-ul conferintei: https://rstcon.com Evenimentul e mai mult ca reminder.1 point
-
1 point
-
The Windows Subsystem for Linux 2 will bypass the Windows 10 firewall and any configured rules, raising security concerns for those who use the feature. In a blog post today, Mullvad VPN explained that their product includes an 'Always require VPN' option that blocks Internet access via the Windows Firewall unless connected to the VPN. After Mullvad received a tip from a user, it was determined that WSL2 Linux distributions bypass the Windows 10 firewall and its configured rules, and prevent the VPN's 'Always require VPN' security feature from working. WSL 2 bypasses the Windows firewall Mullvad states that they tested this issue with multiple VPN products, and the problem exists in all of them. The problem is that this has nothing to do with VPN software and is simply how the Windows Subsystem for Linux 2 was developed. The first version of the Windows Subsystem for Linux (WSL 1) uses a Linux-compatible kernel that translates Linux system into calls that work with the Windows NT kernel. When using WSL 1, any network traffic is filtered through the Windows Advanced Firewall (WAF), and the Linux distro honors any configured rules. With the release of WSL 2, Microsoft introduced a true Linux kernel operating in a Hyper-V virtual machine with a Hyper-V virtual network adapter. Unlike WSL 1, WSL 2 traffic is sent to the correct connection, whether it's your LAN Ethernet adapter or VPN, but it completely bypasses the Windows Firewall. For example, I created a Windows Firewall rule that blocks all outbound traffic to port 80 (HTTP) and 443 (HTTPS), the default ports when connecting to web sites. Windows Firewall rule to block outbound web connections When enabled, this rule blocked all outbound connections to websites from Windows 10 and WSL 1 Linux distributions. On the other hand, when I tested from a WSL 2 Ubuntu distribution, I had no problems connecting to Google.com as it bypassed the Windows Firewall's filtering. WSL 2 distribution bypassing the Windows Firewall To make sure that this was not a strange configuration on my end, numerous other people helped BleepignComputer test the bypass, and they confirmed that it was happening on their end as well. What's the big deal? The main concern with WSL 2 bypassing the Windows Firewall is that no one knows about it. If you are coming from WSL 1, you would expect your outbound connections from WSL Linux distributions to be filtered through the Windows Firewall, as that is the usual behavior. Once you upgrade to WSL 2, though, it no longer honors your firewall configuration, and any security that relies on it no longer works. As WSL 2 distributions can support a wide array of Linux applications, including server implementations like Docker, it does make sense to be seen as an independent operating system that does not rely on the Windows Firewall. It is necessary, though, that users know that their configured Windows Firewall rules will be ignored. The good news is that WSL 2 supports Linux firewall implementations like iptables that can control network traffic. For example, after installing iptables, you can use the following command to block connections to port 80 and 443. sudo iptables -A OUTPUT -p tcp --match multiport --dports 80,443 -j DROP Once this rule is enabled, attempting to connect to a website from the WSL 2 Linux distro no longer works. iptables blocking connection to Google The Windows Subsystem for Linux version 2 (WSL 2) is far more powerful than the first version, but with it comes security considerations that users should be aware of. Suppose you rely on the Windows Firewall to control your network communications. In that case, you need to pay special consideration to how you configure your WSL 2 distributions so that you can replicate your configured Windows security. BleepingComputer has contacted Microsoft with questions related to this story but has not heard back. Source1 point
-
Also, din cate stiu eu, pozele sunt stocate in AD (Active Directory). Ca idee, asa ar arata in Powershell: Set-ADUser user_1 -Replace @{thumbnailPhoto=([byte[]](Get-Content "C:\ps\user_1_photo.jpg" -Encoding byte))}1 point
-
1 point
-
Ca sa nu mai creez un alt topic iacata inca niste harti grafice superbe. Includ workflows ptr. diferite scenarii pentest (recon, vuln scan, etc) cu uneltele de rigoare. Una dintre cele mai utile resurse ptr. inceput de drum (mai ales daca nu stii cum naiba sa incepi primul program de bug bounty). https://pentester.land/conference-notes/2018/07/25/bug-bounty-talks-2017-automation-for-bug-hunters.html1 point
-
White hat hacker infects smart coffee machine with ransowmare by Waqas on September 28th, 2020 IPVanish Avast security researcher reverse-engineered an IoT coffee machine to upload ransomware and mine Monero coin. Smart appliances have always remained a risky option for consumers, specifically when it comes to coffee machines. Back in 2015, Pen Test Partners researchers discovered security flaws in the first version of the Smarter iKettle brand of coffee machine with which they could recover its Wi-Fi encryption keys. Similar flaws were identified in the second version of this coffee machine, and now it appears that there are issues in its latest version as well. This should not come as surprise as in 2017 Hackread.com exclusively reported how a coffee machine infected a factory’s entire computer network with ransomware. Now, Martin Hron, a senior researcher at security firm Avast, hacked the iKettle coffee maker’s third version without compromising the network or router. Hron experimented on the £179 coffee machine to demonstrate that hacking an IoT device is possible without accessing unprotected routers. Coffee machine hacked with ransomware (Image: Avast) His experiment was quite successful as he had to pull the plug to stop the machine’s malfunctioning. Later he wrote about his findings in a blog post published on Sep 25, explaining that: “The threat to IoT devices is not just to access them via a weak router or exposure to the internet, but that an IoT device itself is vulnerable and can be easily owned without owning the network or the route.” Hron could access the coffee maker via a firmware update since unencrypted connection corresponded to its Android smartphone app. When he switched it on, the researcher noted that the machine served as a Wi-Fi access point facilitating an unsecured/unencrypted connection to the android app. After probing further, Hron learned that the firmware update mechanism was also unencrypted and didn’t involve any authentication process or code-signing. Then, Hron uploaded the app’s latest firmware version to a computer and performed reverse engineering with an interactive disassembler. Hron also took apart the appliance to identify the CPU installed inside. Initially, he tried to convert it into a cryptocurrency miner but found that the CPU wasn’t efficient enough. Coffee machine hacked to mine Monero coin (Image: Avast) 1 of 3 After obtaining the necessary details, Hron wrote a Python script, which replicated the machine’s update process. He also modified its firmware and script lines to make the machine malfunction and demand a ransom after connecting to a user’s home network. Watch how it happened: Video Player However, Hron clarified that it isn’t as easy to hack the coffee maker as it sounds to be. The hacker will have to remain within the machine’s Wi-Fi range. Still, it is concerning that smart appliances could be exploited in such a way. “With the pace of IoT explosion and a bad attitude to support, we are creating an army of abandoned vulnerable devices that can be misused for nefarious purposes such as network breaches, data leaks, ransomware attack, and DDoS,” Hron wrote. Sursa: https://www.hackread.com/white-hat-hacker-smart-coffee-machine-ransowmare/1 point
-
1 point
-
1 point