Today I had recieved an interesting phishing message via Messenger from a frend, who's also a tech guy so it was suprirpising that he got compromised.
The initial message said:
Is it you in this video? 😱
https://zu7.eu/L3VAD6EzsR
The url loaded from any browser, orther than mobile will redirect to twitch.tv otherwise it would display the following html:
| import requests | |
| import time | |
| import urllib.parse | |
| from bs4 import BeautifulSoup | |
| from selenium import webdriver | |
| from selenium.common.exceptions import NoAlertPresentException | |
| url = "https://xss-game.appspot.com/level1/frame" | |
| response = requests.get(url) | |
| soup = BeautifulSoup(response.text) |
| # Source https://github.com/Esox-Lucius/PiHoleblocklists | |
| 0-800-email.com | |
| 0-aprcredit-card.website | |
| 0-aprcredit-cards.website | |
| 0-aprcreditcard.website | |
| 0-aprcreditcards.website | |
| 0-secure-paypal.com | |
| 0.0.0.0 0-0.028.openvpn.cloud.btcchina.com | |
| 0.0.0.0 0-100-195.btcc.com |
The following page contains my notes and links about the seminar we had @ Softuni on Vulnerability management in package dependencies at 31st of August 2021.
| #!/bin/env python3 | |
| # https://www.bleepingcomputer.com/news/security/researcher-hacks-over-35-tech-firms-in-novel-supply-chain-attack/ | |
| # The following script finds all package.json files in the current dir and checks if there are referenced any | |
| # dependencies that no public package is available for, making your application vulnerable to supply-chain attack. | |
| # Simply run ./packagejson.py in your root repository direcotory. | |
| import json | |
| import requests | |
| from pathlib import Path | |
| import urllib.parse |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <opml version="1.0"> | |
| <head> | |
| <title>AWS RSS feeds 2019-04-22</title> | |
| </head> | |
| <body> | |
| <outline text="AWS" title="AWS"> | |
| <outline type="rss" text="Infrastructure & Automation" title="Infrastructure & Automation" xmlUrl="https://aws.amazon.com/blogs/infrastructure-and-automation/feed/" htmlUrl="https://aws.amazon.com/blogs/infrastructure-and-automation/"/> | |
| <outline type="rss" text="AWS Developer Blog" title="AWS Developer Blog" xmlUrl="http://feeds.feedburner.com/AwsDeveloperBlog" htmlUrl="https://aws.amazon.com/blogs/developer/"/> |
| #!/bin/bash | |
| # Test and patch CVE-2021-3156 | |
| patch() { | |
| # Simple method to patch with yum | apt | |
| if command -v apt-get >/dev/null; then | |
| sudo apt-get update | |
| sudo apt-get install $1 | |
| elif command -v yum >/dev/null; then | |
| sudo yum updateinfo $1 |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [{ | |
| "Sid": "DenyPriviledgeEscallationActions", | |
| "Effect": "Deny", | |
| "Action": [ | |
| "cloudformation:CreateStack", | |
| "codestar:AssociateTeamMember", | |
| "codestar:CreateProject", | |
| "codestar:CreateProjectFromTemplate", |
| #!/bin/bash | |
| # | |
| # description: EC2 Instance Prompt | |
| # author: Miglen Evlogiev <github@miglen.com> | |
| # | |
| # deployment: copy this file into /etc/profile.d/ec2-instance-prompt.sh | |
| # sudo wget https://gist.githubusercontent.com/miglen/e2e577b95acf1171a1853871737323ce/raw/ec2-instance-prompt.sh -P /etc/profile.d/ | |
| # sudo bash /etc/profile.d/ec2-instance-prompt.sh | |
| # |
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| import datetime | |
| import requests | |
| from bs4 import BeautifulSoup | |
| """ | |
| The following script books specified sessions for | |
| tomorrow in flyefiet gym web app. | |
| """ |