Spam wave threatening Website Owners

It seems there is a massive spam campaign going on originating from this ip: https://www.shodan.io/host/137.59.253.16 and regarding to this guy also 103.103.0.118 and 141.98.103.30 Spam comments get placed on wordpress websites, featuring a pretty threatening text, at least for people who have monetary interest in their websites. Hey. Soon your…

Weiterlesen

Seehofer -.-

Angriff auf WhatsApp & Co.: Seehofer will Messenger zur Entschlüsselung zwingen heise online – https://heise.de/-4431634 Alle bitte mal die CSU ganz dringend abwählen. Aber ist ja nichts neues, seit 2001 sind die Menschenrechte auf dem absteigenden Ast. Wann bekommen wir eigentlich endlich ein Social Scoring System wie in China? Müssen…

Weiterlesen

filezilla stores passwords in (almost) plain text

When importing my sitemanager.xml from my windows filezilla to my linux box i discovered that the passwords in it are store in base64 encoding completely unencrypted. This is sucks, because i use a master password to, what i thought, encrypt my passwords with it. So what is the master password…

Weiterlesen

vulnhub hackingOS writeup

https://www.vulnhub.com/entry/hackinos-1,295/ running sparta gave me port 22 and 8000, on 8000 i found a defunct wordpress. which pointed to localhost, that could be fixed with locally assigning localhost to the vm’s network ip. i also found that Handsome_Container was a valid wordpress username. i started bruteforcing it with burp suite.…

Weiterlesen

Magery

Browsing Reddit I stumbled upon an article about Kevin Mitnick and what he’s doing nowadays. Since I’m still remembering the websites wearing orange free Kevin banners back in the days, I was pretty curious. Its awesome to see that he runs a very successful cybersec company. „Mitnick said he initially…

Weiterlesen

Debian 9.6 Virtual Box Appliance

Da ich häufig zum testen neuer server umgebungen ein frisches Debian benötige, aber auf die schnelle keine Virtual Box Aplliances finden konnte, habe ich mal eines gemacht. Es basiert auf der offiziellen Debian 9.6. Netinstall (https://www.debian.org/CD/netinst/#netinst-stable) und es sind lediglich die standard Systemwerkzeuge und ssh server intalliert. Frisch installiert, keinerlei…

Weiterlesen

i played in utctf

was quite a fun and my first ctf event. i had much rl stuff goin on during the 2 days, might have been better when i had more time. im looking forward to see some writeups for the ones i tried and didnt solve. http://utctf.live

Weiterlesen

immune hacking group writeup

This is a quick writeup of the challenge https://immersivelabs.online/labs/cyber-warrior-immune-hacking-group which was funny 🙂 In this warrior challenge you’ll need to follow the breadcrumbs to infiltrate an underground hacking community. You can find the community at their website, immunehackinggroup.tk – from here its all on you.  i found the first flag…

Weiterlesen

Uploadfilter verhindern

lasst unser Internet nicht sterben – uploadfilter verhindern! https://act.eff.org/action/germany-help-save-the-internet-from-the-copyright-directive

Weiterlesen