Tim Brown timb-machine

timb-machine / smali-rename.sh
Last active June 18, 2020 10:56
smali-rename.sh
#!/bin/sh
OLDNAME="${1}"
NEWNAME="${2}"
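# Find every file under the current directory that mentions OLDNAME.
# OLDNAME and NEWNAME are used as sed patterns, so a "/" in either must be escaped.
grep -r "${OLDNAME}" . | cut -f 1 -d : | sort | uniq | while read -r filename
do
	# Work from a temporary copy so the original can be rewritten in place
	cp "${filename}" "${filename}.old"
	sed "s/${OLDNAME}/${NEWNAME}/g" "${filename}.old" > "${filename}"
	rm "${filename}.old"
done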
timb-machine / CoAP endpoints on Tradfri gateway
Last active March 22, 2020 20:43
CoAP endpoints on Tradfri gateway
<//15006>;ct=0;obs,<//15001>;ct=0;obs,<//15004>;ct=0;obs,<//15004/add>;ct=0,<//15004/remove>;ct=0,<//15010>;ct=0;obs,<//15005>;ct=0;obs,<//15011/15012>;ct=0;obs,<//15011/9034>;ct=0,<//15011/9030>;ct=0,<//15011/9031>;ct=0,<//15011/9094>;ct=0;obs,<//15011/9095>;ct=0;obs,<//15011/9104>;ct=0;obs,<//15011/9063>;ct=0
timb-machine / CoAP endpoints on Tradfri gateway
Last active March 22, 2020 20:43
CoAP endpoints on Tradfri gateway
15006
[]
15001
[]
15004
[]
15004/add
4.05
15004/remove
4.05
#!/bin/sh
# Not to be confused with https://labs.portcullis.co.uk/tools/unix-socket-scanner/ which does more detailed enumeration but doesn't do permission checks
netstat -an | grep stream | awk '{print $9}' | sort | uniq | egrep -v "vms\/|^$" | while read socketname
do
if [ -n "$(printf '%s' "${socketname}" | grep "^/")" ]
then
printf "==\n"
ls -la "${socketname}"
if [ -n "$(ls -la "${socketname}" | grep "s.......w. ")" ]
timb-machine / encode-in-tree.pl
Last active July 11, 2020 19:33
encode-in-tree.pl
#!/usr/bin/perl
use Cwd;
use MIME::Base64;
$start = getcwd();
$maxnewpath = 1024;
while (sysread(STDIN, $byte, 1) != 0) {
$maxpath = 100;
$string = $byte;
timb-machine / CVSS to kill chain phase
Last active July 11, 2020 18:51
CVSS to kill chain phase
Zoom client application chat Giphy arbitrary file write
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1055
8.5 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Tims-MacBook-Air:~ timb$ ./cvss-to-kill-chain-phase.pl CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Delivery
0.6
Weaponisation
0.3
Command & Control
timb-machine / cvss-to-kill-chain-phase.pl
Last active July 14, 2020 09:52
cvss-to-kill-chain-phase.pl
#!/usr/bin/perl -w
use strict;
use Data::Dumper;
my %killchainmodel;
my $cvssmetric;
my $metricname;
my $metricscore;
my $phasename;
timb-machine / Router CSRF malware blob
Last active February 13, 2021 23:43
Router CSRF malware blob
// Taken from https://urlscan.io/result/ce20fb52-b4d9-45dd-8034-fb9eae99350e#transactions:
// Request 1 for loadtxt.php:
// Blob 2 from response decoded with base64decode.org:
<!DOCTYPE html>
<html>
<head>
<title></title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
</head>
timb-machine / CSM_pocs.md
Last active December 28, 2020 14:56 — forked from Frycos/CSM_pocs.md
CSM PoCs

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently, from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. The release notes did not mention the vulnerabilities, and no security advisories were published. All payloads are processed in the context of NT AUTHORITY\SYSTEM.

timb-machine / key.md
Created November 22, 2020 07:58
Twitter (un)official Consumer Key

Twitter Official Consumer Key

Twitter for Android

type:            PIN
Consumer key:    3nVuSoBZnx6U4vzUxf5w
Consumer secret: Bcs59EFbbsdF6Sl9Ng71smgStWEGwXXKSjYvPVt7qys

Twitter for iPhone

type:            PIN
Consumer key:    IQKbtAYlXLripLGPWd0HUA