Silly Seedboxes

Tuesday, June 5, 2012 Posted by Unknown 0 comments

Just got a seedbox. snooped around a little. Make sure everything was setup right before I started to use it.

Noticed that in the /tmp/ directory it was storing all the .torrent files. cat a few of them sure enough peoples hashes from all the users on that box. It was a problem in deluge.

file: json_api.py
Line: tmp_file = os.path.join(tempfile.gettempdir(), url.split("/")[-1])


Patch submitted by admin I brought it up to:http://dev.deluge-torrent.org/attachment/ticket/2112/json_api_patch.diff
http://dev.deluge-torrent.org/ticket/2112

This is bad because you are not spouse to leak your hash to other people. You can download files under the other persons ID. It can also create lots of other problems I wont get into.

Labels:

cmyip

Posted by Unknown 0 comments
EDIT: They changed the way the numbers are encoded. See updated post: http://blog.init6.me/2012/11/update-cmyip.html


Just a little script that will echo back your current public IP address. Nice for when you are on a terminal and don't want to fire off any text browsers. etc.

#!/bin/bash
ip_addr=`curl -s http://cmyip.com | grep -o -E '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}'`
echo $ip_addr

Labels:

Teensy Code Update

Friday, February 17, 2012 Posted by Unknown 0 comments
New Teensy Code: 
Exploit/payload:
En/Decode base64.vbs
BSOD.hta


This new code just writes out the payload to the command prompt after you type memexe that way you dont have to write the file to the filesystem before passing it to memexe speeds things up.
Labels:

Zeus Petting Farm

Tuesday, February 14, 2012 Posted by Unknown 0 comments
My Zeus slides from DC214 presentation.
Labels:

WIFI ISP

Wednesday, December 28, 2011 Posted by Unknown 0 comments
Connecting to multiply WIFI connections using the combined bandwidth for nefarious purposes. 


Hardware I am going to be using for this project:
Installed Debian stable.

To utilize multiply WIFI connections you have to setup multi-homing Instead of buying really pricey ISP equipment you can just configure a computer to do the same thing. I used modified steps located at http://tetro.net/misc/multilink.html

To be continued....

Labels:

Simple Python HTTP Proxy

Friday, November 4, 2011 Posted by Unknown 0 comments
Simple Python HTTP Proxy
Labels:

Updated slides for WeaponizingTheTeensy[clean]

Wednesday, November 2, 2011 Posted by Unknown 0 comments
Slides

New code
Labels:
Subscribe to: Posts (Atom)