Starting at the URL http://web200.gosec.net:7721, we can see a login page for a dating site.
It is possible to identify that the user admin exists because we get two distinct error messages.
Invalid user:
#!/usr/bin/python
#
#
# Decompiling something being loaded in through powershell
#
#
# diff <[email protected]>
#
#
#!/usr/bin/env python
"""script used to discover C&C's of Chinad botnet
(more: https://blog.malwarebytes.org/intelligence/2015/06/unusual-exploit-kit-targets-chinese-users-part-2/)
"""
import sys
import argparse
import urllib2
url_bgn = "http://"
# Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release
# Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs
#!/bin/bash
# As the "bufferbloat" folks have recently re-discovered and/or more widely
# publicized, congestion avoidance algorithms (such as those found in TCP) do
# a great job of allowing network endpoints to negotiate transfer rates that
# maximize a link's bandwidth usage without unduly penalizing any particular
# stream. This allows bulk transfer streams to use the maximum available
# bandwidth without affecting the latency of non-bulk (e.g. interactive)
# streams.