Everything posted by enquire

  1. I'm working through the Metasploitable 3 vulnerabilities. One of the frequent ones I see mentioned is Elasticsearch on port 9200. I can't get nmap to identify that port as Elasticsearch. Even when I do a -A -sV --version-all (and a bunch of other noisy scans) the best it can do is say it's the default wap-wsp port. So, I have 2 questions: Will Elasticsearch always be running on that port? Can anything be preventing nmap from identifying it on 9200? I'm running through VirtualBox - I've heard it can drop some packets when looking at Wireshark, but I haven't heard whether the VM can affect the scan results. (I've tried running the script_mvel_rce exploit blind... it copies the file but can't execute it).
  2. Thanks digininja. I'd really like to find out how the tracking mechanism actually works and what information they are capturing. I know on an academic level what they do, but that's not quite the same as seeing the actual code.
  3. Hi all, I decided to have a look at some spam links that I have been getting. The initial link gets redirected and has a bunch of stuff added to the header. I'm trying to work out what this cookie value is actually doing. k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABDk5OTNtAAAACndQT2pnck96QVJtAAAAA2hpZG0AAAAkR09VRXNHUXdpekdWSFptRWhFcnZQcVFaV3ZsWE1UV1F2Q1hsbQAAAAJobGQAA25pbG0AAAACcmR0AAAABGQACl9fc3RydWN0X19kABhFbGl4aXIuVGRleC5Sb3RhdGlvbkRhdGFkAA5jbGlja2VkX29mZmVyc3QAAAAAZAAIbGFuZGluZ3NsAAAAAWIAAAZ7amQAC3NlZW5fb2ZmZXJzbAAAAAFiAABPQGptAAAABXN1Yl8xZAADbmlsbQAAAAVzdWJfMmQAA25pbG0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxYbmhyQmRtcmxxc20.XZnyU-49Qn1pYk8vC6TQUzgU17fLo9Xwsbi1f7Y94zQ; uord=7a34e4b715635466bc5f46dbf117ad70 When I Base64 decrypt it looks like a referral tracker, but there are still a bunch of unreadable characters. Can someone help me make sense of this? There must be some sort of character substitution or extra encoding going on. (It could be a totally normal click tracker, but I'm sure this spam will be trying to do more than that).
  4. Has anyone done the HolidayHackChallenge? I just started. I can't even get the first bit done. (Getting Alabaster's password and getting root on the l2s server). It's still a bit of fun.
  5. I totally agree. However, this was being pushed out to an app that kids use. I gathered some basic "publicly accessible" data and forwarded it to the FBI.
  6. Hi, I'm too shy to use my real name. Chose the pseudonym "enquire" because I'm generally curious about security. Also, I'm not game enough to say my favourite book, etc - seems too close to providing answers to security questions. ;) I've recently loaded a Metasploitable VM to learn a few basic skills.
  7. I have an Alfa AWUS036NHA wireless adapter. It's fun having the extra power. But I'd like to mess around with a directional antenna. Is there an easy way to convert the standard Alfa AWUS036NHA to be directional? Can I mount it in a Pringles can or something? I'd prefer not to damage the current unit in the process... if possible.
  8. I have an interesting real-life situation here. First of all, I don't want to do anything illegal here. So please don't suggest any aggressive hacks. There is some outfit that has been spamming Periscope with hard-core porn and trying to lure people back to their site (some sort of honey-trap scheme). They have various URLs they use. These get redirected a few times and, as far as I can tell, eventually end up on the same landing page. I'm fairly sure this site either collects credentials, loads malware, or does something else nefarious. I have reported this to Periscope a number of times but only receive a "thank you for contacting us" message. So, I want to confirm what this site does. If it is doing something bad I can report it to the FBI, CERT, or whoever investigates cybercrime. Can anyone give me some pointers on seeing what a site does in the background when you visit it? Is Burp Suite the way to go? Again, nothing illegal. I just want to view the way it interacts with me (the end user).
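
The `k` cookie quoted in post 3 splits on dots into three unpadded URL-safe Base64 segments: the first decodes to `HS256`, the second begins with byte 131 (the Erlang external term format version byte), and the third is 32 bytes long, the size of an HMAC-SHA256 tag. That layout is consistent with an Elixir Plug signed token, meaning the payload is serialized and signed rather than encrypted. The following is an added example, not code from any of the posts, that walks such a payload; the sample token is constructed, and `sample_cookie` and the other function names are hypothetical.

```python
import base64
import struct

def b64url(seg):  # decode one unpadded URL-safe Base64 segment
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def etf_term(buf, pos):
    """Decode one Erlang external-format term at buf[pos]; return (value, next_pos)."""
    tag, pos = buf[pos], pos + 1
    if tag == 97:                                  # SMALL_INTEGER_EXT
        return buf[pos], pos + 1
    if tag == 98:                                  # INTEGER_EXT (signed 32-bit)
        return struct.unpack_from(">i", buf, pos)[0], pos + 4
    if tag == 106:                                 # NIL_EXT (empty list / list tail)
        return [], pos
    if tag in (100, 118, 119):                     # atoms: 2-byte length, tag 119 uses 1 byte
        width = 1 if tag == 119 else 2
        n, pos = int.from_bytes(buf[pos:pos + width], "big"), pos + width
        name = buf[pos:pos + n].decode("utf-8", "replace")
        return (None if name == "nil" else ":" + name), pos + n
    if tag not in (108, 109, 116):                 # only LIST, BINARY and MAP remain
        raise ValueError(f"unhandled ETF tag {tag}")
    n, pos = struct.unpack_from(">I", buf, pos)[0], pos + 4   # 4-byte length or count
    if tag == 109:                                 # BINARY_EXT (an Elixir string)
        return buf[pos:pos + n].decode("utf-8", "replace"), pos + n
    terms = []
    for _ in range(2 * n if tag == 116 else n + 1):    # map: key/value pairs; list: items + tail
        term, pos = etf_term(buf, pos)
        terms.append(term)
    if tag == 116:                                 # MAP_EXT
        return dict(zip(terms[0::2], terms[1::2])), pos
    return terms[:-1], pos                         # LIST_EXT: drop the tail term

def decode_signed_cookie(value):
    """Split alg.payload.signature; return (alg, decoded payload, raw signature bytes)."""
    alg_seg, payload_seg, sig_seg = value.split(".")
    payload = b64url(payload_seg)
    if payload[:1] != b"\x83":                     # 131 = ETF version byte
        raise ValueError("payload is not Erlang external term format")
    return b64url(alg_seg).decode(), etf_term(payload, 1)[0], b64url(sig_seg)

def sample_cookie():
    """Constructed sample in the same layout; the signature is dummy filler, not a real HMAC."""
    bin_ = lambda s: b"m" + struct.pack(">I", len(s)) + s.encode()
    atom = lambda s: b"d" + struct.pack(">H", len(s)) + s.encode()
    rd = b"t\x00\x00\x00\x01" + atom("landings") + b"l\x00\x00\x00\x01b" + struct.pack(">i", 1659) + b"j"
    term = b"\x83t\x00\x00\x00\x03" + bin_("tracker") + bin_("notrack") + bin_("hl") + atom("nil") + bin_("rd") + rd
    enc = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
    return ".".join([enc(b"HS256"), enc(term), enc(b"\x00" * 32)])
```

Passing a full `k` value to `decode_signed_cookie` lists its keys and values as plain Python data; the signature cannot be checked without the server's secret, so the decoded fields show what the tracker stores but not whether the token is genuine.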