▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🐧 DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🐧 DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
crontab -e#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from DailyCVE
🔵XSS vulnerability exists in Tongda OA Government Affairs Edition:
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition
Forwarded from DailyCVE
🔵Weaveworks Weave Net security vulnerabilities: (DC: 253-2021)
https://dailycve.com/weaveworks-weave-net-security-vulnerabilities
https://dailycve.com/weaveworks-weave-net-security-vulnerabilities
Dailycve
Weaveworks Weave Net security vulnerabilities | CVE
Details:
Weaveworks Weave Net is a British Weaveworks cloud network toolkit. Weave Net has a safety flaw that an attacker may use to gain control of any host in the cluster.
Code & Source:
https://github.com/weaveworks/weave/security/advisories/GHSA…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Hong Kongers flee the popular Russian messenger en masse from WhatsApp. This isn't a telegram.
#Updates
#Updates
Forwarded from DailyCVE
🔵ImageMagick: Multiple vulnerabilities:
(DC: 254-2021)
https://dailycve.com/imagemagick-multiple-vulnerabilities
(DC: 254-2021)
https://dailycve.com/imagemagick-multiple-vulnerabilities
Dailycve
ImageMagick: Multiple vulnerabilities | CVE
Forwarded from DailyCVE
🔵Unpatched SQL injection vulnerability exists in SMJS/jdjs framework:
(DC: 255-2021)
https://dailycve.com/unpatched-sql-injection-vulnerability-exists-smjsjdjs-framework
(DC: 255-2021)
https://dailycve.com/unpatched-sql-injection-vulnerability-exists-smjsjdjs-framework
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
🦑How to Bypass HTTPS ? //free course — 4.6 rating :
https://www.udemy.com/tutorial/learn-python-and-ethical-hacking-from-scratch/how-to-bypass-https/
https://www.udemy.com/tutorial/learn-python-and-ethical-hacking-from-scratch/how-to-bypass-https/
Udemy
How to Bypass HTTPS | Free Video Tutorial | Udemy
Start from 0 & learn both topics simultaneously from scratch by writing 20+ hacking programs | Learn from instructors on any topic
Forwarded from DailyCVE
🔵Revive Adserver cross-site scripting vulnerability:
(DC: 256-2021)
https://dailycve.com/revive-adserver-cross-site-scripting-vulnerability
(DC: 256-2021)
https://dailycve.com/revive-adserver-cross-site-scripting-vulnerability
Dailycve
Revive Adserver cross-site scripting vulnerability | CVE
Details:
Revive Adserver is the Revive Adserver team's open source advertisement management system. The framework offers services such as publicity positioning, room ads and data statistics. Revive versions of Adserver previous to 5.1.0 are vulnerable…
Forwarded from UNDERCODE NEWS
It reveals the global deception of laptop makers. They mask the capabilities of video cards and mislead customers.
#International
#International
Forwarded from UNDERCODE NEWS
Google's Hazard Monitoring Division finds a massive social innovation camp directed at protection experts in vulnerability research and development.
#CyberAttacks
#CyberAttacks
v▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Imei & tracking :
What is the IMEI Number?
IMEI (International Mobile Equipment Identity) is a 15 unique number found in every mobile phone and serves as an identity certificate for your phone which can never be changed.
Whenever you buy a new phone, check behind the battery and you will find its IMEI number. It is very important to do this and keep the number safe as it could come in handy if your phone ever gets lost.
If your phone gets stolen, make sure you contact your service provider as quickly as possible and ask them to block your IMEI number.
1. Type *#06#
This is the easiest method. All you have to do is dial *#06# and the IMEI information on the phone will pop up.
2. Check Your Device Settings
Image for post
Go to settings>General> About. Scroll down to find the IMEI number.
3. On the Device
Image for post
The 14 digit IMEI number can also be located at the back of the device and on the SIM tray.
4. Apple ID account
Log in to the Apple ID account of the phone whose IMEI you need. Scroll to the section “Devices” and select that device. You will see the IMEI number pop up on your screen.
Also Read: How Spymaster pro track your kids’ activities?
How to track a lost phone with the IMEI tracker app?
Once you know the IMEI number of your stolen phone, it is easy to track it for free with an IMEI phone tracker app which you can find online.
Step 1: Go to your play store app and search for “IMEI phone tracker”. Download “IMEI tracker-Find my device” on any smartphones.
5. why we can't track by imei easly ?
you need a third party app installed on the victime phone or you need a access to sim company, or may a phone vulnerable with sim hijacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Imei & tracking :
What is the IMEI Number?
IMEI (International Mobile Equipment Identity) is a 15 unique number found in every mobile phone and serves as an identity certificate for your phone which can never be changed.
Whenever you buy a new phone, check behind the battery and you will find its IMEI number. It is very important to do this and keep the number safe as it could come in handy if your phone ever gets lost.
If your phone gets stolen, make sure you contact your service provider as quickly as possible and ask them to block your IMEI number.
1. Type *#06#
This is the easiest method. All you have to do is dial *#06# and the IMEI information on the phone will pop up.
2. Check Your Device Settings
Image for post
Go to settings>General> About. Scroll down to find the IMEI number.
3. On the Device
Image for post
The 14 digit IMEI number can also be located at the back of the device and on the SIM tray.
4. Apple ID account
Log in to the Apple ID account of the phone whose IMEI you need. Scroll to the section “Devices” and select that device. You will see the IMEI number pop up on your screen.
Also Read: How Spymaster pro track your kids’ activities?
How to track a lost phone with the IMEI tracker app?
Once you know the IMEI number of your stolen phone, it is easy to track it for free with an IMEI phone tracker app which you can find online.
Step 1: Go to your play store app and search for “IMEI phone tracker”. Download “IMEI tracker-Find my device” on any smartphones.
5. why we can't track by imei easly ?
you need a third party app installed on the victime phone or you need a access to sim company, or may a phone vulnerable with sim hijacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Bobruisk’s hacker stole half a million dollars, but was left with nothing. The money had been taken over by the security forces.
#CyberAttacks
#CyberAttacks
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
🔵Red Hat Undertow input validation error vulnerability
(DC:257-2021)
https://dailycve.com/red-hat-undertow-input-validation-error-vulnerability
(DC:257-2021)
https://dailycve.com/red-hat-undertow-input-validation-error-vulnerability
Dailycve
Red Hat Undertow input validation error vulnerability | CVE
Details:
The Java-based Red Hat Undertow is a Red Hat (Red Hat) web server, the default Wildfly web server (Java application server). The security weakness of Red Hat Undertow. This vulnerability can be used by attackers to cause a fatal error by querying…