Links
Tag cloud
Picture wall
Daily
Plugins
  • ► Play Videos
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
page 1 / 5
83 results tagged secu  ✕   ✕
JPCERTCC/EmoCheck: Emotet detection tool for Windows OS https://github.com/JPCERTCC/EmoCheck
Mon 21 Sep 2020 04:21:42 PM CEST archive.org
thumbnail

EmoCheck

GitHub release Github All Releases

Emotet detection tool for Windows OS.
How to use

Download EmoCheck from the Releases page.
Run EmoCheck on the host.
Check the exported report.
emotet check scan secu virus malware
Distro_debian · Wiki · AppArmor / apparmor · GitLab https://gitlab.com/apparmor/apparmor/-/wikis/distro_debian
Wed 26 Aug 2020 11:56:05 AM CEST archive.org

Distro_debian
Last edited by Steve Beattie 2 years ago
In Stock Debian

AppArmor should be available out of the box in the latest Debian distros. Please see http://wiki.debian.org/AppArmor

To enable the AppArmor in the Debian kernel, add “security=apparmor” to the kernel parameters, like this:

sed -i -e 's/GRUB_CMDLINE_LINUX_DEFAULT="/&security=apparmor /' /etc/default/grub

This sed command results in the following /etc/default/grub line on my system:

GRUB_CMDLINE_LINUX_DEFAULT=“security=apparmor quiet”

Then run

update-grub

Experimental AppArmor on Debian Jessie amd64
Kernel
Obtaining

mkdir -p ~/apparmor/ && cd ~/apparmor/
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.10.2.tar.xz
tar -xJf linux-3.10.2.tar.xz
cd linux-3.10.2/

Building

cd ~/apparmor/linux-3.10.2/

See if we can reuse the existing kernel configuration (CONFIG_IKCONFIG=y, CONFIG_IKCONFIG_PROC=y):

cp /proc/config.gz ./ && gzip -d config.gz

Tweak the kernel, enable AppArmor:

apt-get install libncurses-dev
make menuconfig

“Security options” ---> “AppArmor support”, “Enable AppArmor 2.4 compatability”
Installing

aptitude install dpkg-dev bc
cd ~/apparmor/linux-3.10.2/
make deb-pkg
dpkg -i ../linux-firmware-image_{version}.deb
dpkg -i ../linux-headers-{version}.deb
dpkg -i ../linux-image-{version}.deb

If the kernel is installed on another host, then symlinks for DKMS should be fixed.

rm /lib/modules/{version}/build; ln -s /usr/src/linux-headers-{version} /lib/modules/{version}/build
rm /lib/modules/{version}/source; ln -s /usr/src/linux-headers-{version} /lib/modules/{version}/source

About dpkg -i ../linux-libc-{version}.deb: /usr/include/x86_64-linux-gnu/asm seems to be missing from latest linux-libc-{version}.deb. If you installed linux-libc-{version}.deb, you can downgrade to Debian version with aptitude install linux-libc-dev=3.0.0-3.

Finally:

update-grub

Checking

Reboot under new kernel:

/sbin/shutdown -r now

or

reboot

Now see if AppArmor is loaded and enabled (should print “Y”):

cat /sys/module/apparmor/parameters/enabled

Tools

aptitude install apparmor apparmor-profiles
/etc/init.d/apparmor restart

Checking

cat /var/log/audit/audit.log | grep apparmor_parser

should display something like

type=AVC msg=audit(1316949034.097:108): apparmor=“STATUS” operation=“profile_load” name=“/bin/ping” pid=5207 comm=“apparmor_parser”

Tuning logs

Audit data by default is dropped into /var/log/messages via rsyslogd. That way, the data is severely capped by the kernel in order not to overload the messages log. To make audit data usable with AppArmor we should install auditd and tune it to keep large amounts of data:

apt-get install auditd
sed -i -re 's/max_log_file = [0-9]+/max_log_file = 200/' /etc/audit/auditd.conf
/etc/init.d/auditd restart

secu debian apparmor boot check
Sécuriser OpenSSH https://www.tronyxworld.be/2020/hardening_ssh/
Sat 22 Aug 2020 02:21:55 PM CEST archive.org

Sécuriser OpenSSH
21 Aug 2020

Sshd est le processus du serveur OpenSSH.

Il écoute les connexions entrantes à l’aide du protocole SSH et agit comme serveur pour le protocole.

Il gère l’authentification des utilisateurs, le chiffrement, les connexions de terminaux, les transferts de fichiers et le tunneling.

ssh config secu debian
SSH Configuration Auditor https://www.ssh-audit.com/
Sat 22 Aug 2020 01:42:31 PM CEST archive.org

Home SSH Hardening Guides Contact

About

This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.

Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.

To see a sample report, click here.

scan ssh secu check
Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server - IT Security Research by Pierre https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html
Mon 10 Aug 2020 02:25:13 PM CEST archive.org

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server

TL;DR: by analysing the security of a camera, I found a pre-auth RCE as root against 1250 camera models. Shodan lists 185 000 vulnerable cameras. The "Cloud" protocol establishes clear-text UDP tunnels (in order to bypass NAT and firewalls) between an attacker and cameras by using only the serial number of the targeted camera. Then, the attacker can automaticaly bruteforce the credentials of cameras.
Product Description

The Wireless IP Camera (P2P) WIFICAM is a Chinese web camera which allows to stream remotely.

secu ip cam faille
shhgit: find secrets in real time across GitHub, GitLab and BitBucket https://shhgit.darkport.co.uk/
Fri 10 Jul 2020 09:29:52 AM CEST archive.org
thumbnail

shhgit finds secrets and sensitive files across GitHub (including Gists), GitLab and BitBucket committed in near real time.

secu ssh git password leaks

secu ssh git password leaks
IP Leak Tests - DNS, IPv6, WebRTC. Share Results. https://ipleak.org/
Wed 08 Jul 2020 04:05:13 PM CEST archive.org

IP Leak Test DNS Leak Test What is my IP?

secu dns check vpn
DNS leak test https://www.dnsleaktest.com/
Wed 08 Jul 2020 04:03:34 PM CEST archive.org

DNS leak test

What is a DNS leak?
What are transparent DNS proxies?
How to fix a DNS leak
vpn leak test check secu
BotReports.com - Updates on the bots and user-agents for the latest spiders, crawlers, scrapers and more http://www.botreports.com/index.shtml
Fri 03 Jul 2020 08:41:30 PM CEST archive.org
thumbnail

We collect and share information about different bots (user-agents) that you may see visiting your site. If you have noticed a bot that you are not familiar with, search our database of bots. We list many bots that were reported as bad bots and provide as much information as we can about the bots we list.

bot badbot botrepoorts secu web crawler spyder
Mozilla Observatory :: Scan Results for echosystem.fr https://observatory.mozilla.org/analyze/echosystem.fr
Thu 02 Jul 2020 08:06:08 PM CEST archive.org

The Mozilla Observatory has helped over 170,000 websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely.
Scan your site

tls http observatory ssh mozilla check test secu echosystem.fr
💀 Sploitus | Exploit & Hacktool Search Engine https://sploitus.com/
Mon 29 Jun 2020 03:43:28 PM CEST archive.org

Exploits of the week
Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)
Code Blocks 20.03 - Denial Of Service (PoC)
WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting
WebPort 1.19.1 - Cross Site Scripting
Frigate 2.02 - Denial Of Service (PoC)
Responsive Online Blog 1.0 - 'id' SQL Injection
Trend Micro Web Security - Remote Code Execution
Lansweeper 7.2 Default Account / Remote Code Execution
Student Enrollment 1.0 - Remote Code Execution
FileRun CVE-2019-12905 - Cross Site Scripting

exploit hacktool hack tool secu
Report URI: Tools https://report-uri.com/home/tools
Sun 14 Jun 2020 09:15:33 PM CEST archive.org
thumbnail

About us

Report URI was founded to take the pain out of monitoring security policies like CSP and other modern security features. When you can easily monitor what's happening on your site in real time you react faster and more efficiently, allowing you to rectify issues without your users ever having to tell you.

Our platform is constantly evolving to help you, our users, better protect your users.

check uri analiser secu
HSTS Preload List Submission https://hstspreload.org/?domain=echosystem.fr
Thu 14 May 2020 11:42:45 AM CEST archive.org

hstspreload

hstspreload secu webserver apache web
Robots.txt - Manuel d'implémentation http://robots-txt.com/
Thu 07 May 2020 05:59:01 PM CEST archive.org

Robots.txt
Introduction au protocole d'exclusion des robots

Le protocole d'exclusion des robots, plus connu sous le nom de robots.txt, est une convention visant à empêcher les robots d'exploration (web crawlers) d'accéder à tout ou une partie d'un site web.

Le fichier robots.txt, à placer la racine d'un site web, contient une liste de ressources du site qui ne sont pas censées être explorées par les moteurs de recherches. Ce fichier permet également d'indiquer aux moteurs l'adresse du fichier sitemap.xml du site.

Par convention, les robots consultent le fichier robots.txt avant d'explorer puis d'indexer un site Web. Lorsqu'un robot tente d'accéder à une page web, comme par exemple http://www.mon-domaine.fr/page.html, il tente d'accéder en premier lieu au fichier robots.txt situé à l'adresse http://www.mon-domaine.fr/robots.txt
Comment créer le fichier robots.txt

Le fichier robots.txt doit être placé obligatoirement à la racine de votre site ; si celui-ci est placé dans un répertoire par exemple, les moteurs ne le découvriront pas et ne suivront pas ses règles et paramètres. Par ailleurs, le fichier doit être d'une taille inférieure à 62 Ko (cf. Taille maximale du fichier robots.txt).

Si le domaine de votre site est http://www.mon-domaine.fr/, le fichier robots.txt doit se situer obligatoirement à l'adresse suivante http://www.mon-domaine.fr/robots.txt

A noter qu'il est également nécessaire que le nom du fichier robots.txt soit en minuscule (pas de Robots.txt ou ROBOTS.TXT).

Voir également les ressources pour la création d'un fichier robots.txt sur un serveur en HTTPS ou dans le cas de sous-domaines.
Le contenu du fichier robots.txt

Exemple de contenu d'un fichier robots.txt :

User-agent: *
Disallow:

Robots.txt secu aide help
Portsentry : Sécurisez votre serveur Linux contre les tentatives d'intrusion ! - Geeek.org https://www.geeek.org/portsentry-linux-securite/
Mon 20 Apr 2020 09:08:22 PM CEST archive.org
thumbnail

Portsentry : Sécurisez votre serveur Linux contre les tentatives d'intrusion !
par Ludovic Toinel il y a 6 jours
3 min de lecture

secu debian portsentry
Is BGP safe yet? · Cloudflare https://isbgpsafeyet.com/
Mon 20 Apr 2020 10:21:28 AM CEST archive.org
thumbnail

Is BGP safe yet? No.

Border Gateway Protocol (BGP) is the postal service of the Internet. It’s responsible for looking at all of the available paths that data could travel and picking the best route.

Unfortunately, it isn’t secure, and there have been some major Internet disruptions as a result. But fortunately there is a way to make it secure.

ISPs and other major Internet players (Comcast, Sprint, Verizon, and others) would need to implement a certification system, called RPKI.

bgp test secu isp
Terminal Escape Injection - InfosecMatter https://www.infosecmatter.com/terminal-escape-injection/
Fri 17 Apr 2020 02:38:02 PM CEST archive.org
thumbnail

Shell script escape injection

  echo -e '#!/bin/sh\n\necho "evil!"\nexit 0\n\033[2Aecho "Hello World!"\n' > script.sh
 chmod a+x script.sh

The resulting script.sh will then work on (has been tested on):

 Linux (gnome-terminal, xterm, aterm)
 Mac OS (Terminal 2.0, iTerm2)
 Cygwin (Windows)

Python script escape injection

     echo -e '#!/usr/bin/python\n\nprint "evil!";\nexit(0);\n#\033[2A\033[1Dprint "Hello World!";\n' > script.py
   chmod a+x script.py

The resulting script.py will then work on (has been tested on):

Linux (gnome-terminal, xterm, aterm)
Mac OS (Terminal 2.0, iTerm2)
Cygwin (Windows)

Batch (Command Prompt) escape injection

     echo -e '@echo off\n\r\n\recho evil!\r\n::\033[2D  \033[A\033[2Decho Hello World!' > script.bat

The resulting script.bat will then work on (has been tested on):

Windows 10 PowerShell
Windows 10 Command Prompt

PS1 (PowerShell) escape injection

      echo -e 'write-host "evil!"\r\n#\033[A\033[2Dwrite-host "Hello World!"' > script.ps1

The resulting script.ps1 will then work on (has been tested on):

Windows 10 PowerShell
Windows 10 Command Prompt

Conclusion

As we have seen in this article, terminal escape injections affect practically every modern operating system environment and they can be really nasty.

As infosec professionals, we should know about them and keep our guards up when it matters. Hopefully this article provided enough information to stay safe.

Please feel free to let us know in the comment section your thoughts.

secu injection terminal shell
Ne pas copier coller n'importe quel texte de source inconnue - BL 🅾️ G https://blog.echosystem.fr/?d=2020/03/25/13/52/34-ne-pas-copier-coller-nimporte-quel-texte-de-source-inconnue
Wed 25 Mar 2020 03:36:42 PM CET archive.org

Ne pas copier coller n'importe quel texte de source inconnue
pirate

!! Ne pas copier/coller des sources inconnues dans votre terminal SSH

On a tous un jour copier ne serait-ce qu'un git clone ou un bout de script (ou même une toute petite ligne de commande) sur une page/article d'un site , malheureux qu'a tu fais ...

Ne sais tu pas que le texte que tu vois ne correspond pas fatalement au code qu'il renvoie

secu copier/coller
Password Security info https://passwordsecurity.info/
Wed 24 Jul 2019 11:13:20 AM CEST archive.org

PasswordSecurity.info
Put a password in this box:

HaveIBeenPwned? secu hibp
Identity Leak Checker https://sec.hpi.de/ilc/search
Wed 06 Feb 2019 11:36:36 PM CET archive.org

Accounts
8,165,160,541
Leaks
810
Leaked accounts per day
879,875
Is someone spying on you?

Everyday personal data is stolen in criminal cyber attacks. A large part of the stolen information is subsequently made public on Internet databases, where it serves as the starting point for other illegal activities.

With the HPI Identity Leak Checker, it is possible to check whether your email address, along with other personal data (e.g. telephone number, date of birth or address), has been made public on the Internet where it can be misused for malicious purposes.

hack mail password spam bd secu
page 1 / 5
1431 links, including 7 private
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn