Tuesday, July 8, 2025

AI loves me right ( nerd issue)

 


Cyber ( Hack NATO join login and logout url path )

 

















public class UrlKeyDecoder {


    public static class DecodedKey {

        public String loginId;

        public String logoutKey;

    }


    public static DecodedKey decodeKey(String encodedPathKey) {

        DecodedKey key = new DecodedKey();


        // Assuming ⊕ is used to split loginId and logoutKey

        String delimiter = "⊕";  // or use "*" or custom symbol

        String[] parts = encodedPathKey.split(delimiter);


        if (parts.length == 2) {

            key.loginId = parts[0];

            key.logoutKey = parts[1];

        } else {

            throw new IllegalArgumentException("Invalid encoded key format");

        }


        return key;

    }


    public static void main(String[] args) {

        DecodedKey result = decodeKey("user123⊕log987");

        System.out.println("Login ID: " + result.loginId);

        System.out.println("Logout Key: " + result.logoutKey);

    }

}

POST /flushcache/user123⊕log987

POST /flushcache/user123%E2%8A%95log987


import java.net.URI;

import java.net.http.HttpClient;

import java.net.http.HttpRequest;

import java.net.http.HttpResponse;

import java.util.Base64;


public class CacheFlusher {


    public static void flushCache(String userId, String logoutKey) {

        try {

            // Step 1: Combine using a math expression format

            String rawKey = userId + "+" + logoutKey;


            // Step 2: Encode (example: Base64 or hash)

            String encodedKey = Base64.getEncoder().encodeToString(rawKey.getBytes());


            // Optional: Use a symbolic operator

            // String encodedKey = userId + "★" + logoutKey;


            // Step 3: Build the POST request with encoded key in path

            String pathUrl = "https://yourdomain.com/flushcache/" + encodedKey;


            HttpRequest request = HttpRequest.newBuilder()

                .uri(URI.create(pathUrl))

                .POST(HttpRequest.BodyPublishers.noBody()) // Or send JSON if needed

                .build();


            HttpClient client = HttpClient.newHttpClient();

            HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());


            System.out.println("Status: " + response.statusCode());

            System.out.println("Response: " + response.body());


        } catch (Exception e) {

            e.printStackTrace();

        }

    }

}


POST /flushcache/user123★log987

POST /flushcache/dXNlcjEyMytsb2c5ODc=


import java.net.URI;

import java.net.http.HttpClient;

import java.net.http.HttpRequest;

import java.net.http.HttpResponse;


public class CacheFlusher {


    public static void flushCache(String userId, String logoutKey) {

        try {

            // Define the request body

            String jsonPayload = String.format(

                "{ \"key\": \"%s@%s\" }", userId, logoutKey

            );


            // Build the POST request

            HttpRequest request = HttpRequest.newBuilder()

                .uri(URI.create("https://yourdomain.com/flushcache"))

                .header("Content-Type", "application/json")

                .POST(HttpRequest.BodyPublishers.ofString(jsonPayload))

                .build();


            // Create HttpClient and send request

            HttpClient client = HttpClient.newHttpClient();

            HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());


            // Log the response

            System.out.println("Status Code: " + response.statusCode());

            System.out.println("Response Body: " + response.body());


        } catch (Exception e) {

            e.printStackTrace();

        }

    }

}

CacheFlusher.flushCache("user123", "log987");


import java.io.BufferedReader;

import java.io.InputStreamReader;

import java.net.HttpURLConnection;

import java.net.URL;


public class CacheFlusher {


    public static void flushCache(String userId, String logoutKey) {

        try {

            String operator = "@";

            String urlString = "https://yourdomain.com/flushcache?key=" + userId + operator + logoutKey;

            URL url = new URL(urlString);


            HttpURLConnection conn = (HttpURLConnection) url.openConnection();

            conn.setRequestMethod("GET");


            int status = conn.getResponseCode();

            System.out.println("HTTP Status: " + status);


            BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));

            String line;

            StringBuilder response = new StringBuilder();


            while ((line = in.readLine()) != null) {

                response.append(line);

            }


            in.close();

            System.out.println("Response: " + response.toString());


        } catch (Exception e) {

            e.printStackTrace();

        }

    }

}

CacheFlusher.flushCache("user123", "log987");

String userId = "user123";

String logoutKey = "log987";

String operator = "@";

String flushUrl = "https://yourdomain.com/flushcache?key=" + userId + operator + logoutKey;


// Sample user ID and logout key

String userId = "user123";

String logoutKey = "log987";


// Special character operator

String operator = "@";


// Flush cache endpoint

String baseUrl = "https://yourdomain.com/flushcache";


// Construct final URL with special character and query parameter

String flushUrl = baseUrl + "?key=" + userId + operator + logoutKey;


// Output: https://yourdomain.com/flushcache?key=user123@log987

System.out.println("Flush URL: " + flushUrl);



Monday, July 7, 2025

Cyber ( NATO URL HACK REQUEST 1 ATTEMPT)


 https://amdc2-iss-ncia-nato-int.auth.eu-central-1.amazoncognito.com/error?redirect_uri=https%3A%2F%2Famdc2-iss.ncia.nato.int%2Fparseauth&response_type=code&client_id=t9jvi6o4it7u7k5j0svjd18f3&state=eyJub25jZSI6IjE3NTE4OTA5MDRUSS1kbXduLWZTWEV6VFB0ayIsInJlcXVlc3RlZFVyaSI6Ii8ifQ&scope=phone%20email%20profile%20openid%20aws.cognito.signin.user.admin/

Cyber ( NATO hack JSON JUST IN TIME URL)

 







https://nia.nato.int/access?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Cyber ( NATO HACK proof of concept server down access to login url )