β β β Uππ»βΊπ«Δπ¬πβ β β β
π§ DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π§ DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
crontab -e#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅XSS vulnerability exists in Tongda OA Government Affairs Edition:
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition
Forwarded from DailyCVE
π΅Weaveworks Weave Net security vulnerabilities: (DC: 253-2021)
https://dailycve.com/weaveworks-weave-net-security-vulnerabilities
https://dailycve.com/weaveworks-weave-net-security-vulnerabilities
Dailycve
Weaveworks Weave Net security vulnerabilities | CVE
Details:
Weaveworks Weave Net is a British Weaveworks cloud network toolkit. Weave Net has a safety flaw that an attacker may use to gain control of any host in the cluster.
Code & Source:
https://github.com/weaveworks/weave/security/advisories/GHSAβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Hong Kongers flee the popular Russian messenger en masse from WhatsApp. This isn't a telegram.
#Updates
#Updates
Forwarded from DailyCVE
π΅ImageMagick: Multiple vulnerabilities:
(DC: 254-2021)
https://dailycve.com/imagemagick-multiple-vulnerabilities
(DC: 254-2021)
https://dailycve.com/imagemagick-multiple-vulnerabilities
Dailycve
ImageMagick: Multiple vulnerabilities | CVE
Forwarded from DailyCVE
π΅Unpatched SQL injection vulnerability exists in SMJS/jdjs framework:
(DC: 255-2021)
https://dailycve.com/unpatched-sql-injection-vulnerability-exists-smjsjdjs-framework
(DC: 255-2021)
https://dailycve.com/unpatched-sql-injection-vulnerability-exists-smjsjdjs-framework
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
π¦How to Bypass HTTPS ? //free course β 4.6 rating :
https://www.udemy.com/tutorial/learn-python-and-ethical-hacking-from-scratch/how-to-bypass-https/
https://www.udemy.com/tutorial/learn-python-and-ethical-hacking-from-scratch/how-to-bypass-https/
Udemy
How to Bypass HTTPS | Free Video Tutorial | Udemy
Start from 0 & learn both topics simultaneously from scratch by writing 20+ hacking programs | Learn from instructors on any topic