Forwarded from CYBER TRICKS ZONE 🇮🇳 (Protocol)
What Happens When You Enter a URL in a Browser...
#Pentesting #CyberSecurityAwareness #infosec #ethicalhacking #web #bugbounty #bugbountytip
Forwarded from Protocol
#USEFUL SITES TO USE ON (Some Links Not Up To Date)
BROWSER FINGERPRINT TEST
https://panopticlick.eff.org
https://whatleaks.com/
DRIVER LICENSE GENERATOR
https://www.elfqrin.com
http://www.highprogrammer.com/cgi-bin/uniqueid/dl
DROP/RESHIP
http://reship.com
https://www.myus.com
https://www.shipito.com
https://www.usunlocked.com/
https://virtualpostmail.com
DNS LEAK TEST
dnsleaktest.com
https://www.simplednscrypt.org/
VIRTUAL OFFICE
https://www.opusvirtualoffices.com/
https://www.regus.com/
https://cloudvo.com/
https://www.davincivirtual.com/fit-small-business
http://www.alliedoffices.com/
AREA PHONE CODES
https://www.allareacodes.com
SMS VERIFICATION
Smspool.net
https://app.truverifi.com/login
http://www.receive-sms-now.com
https://azersms.com/
http://www.textnow.com
https://www.blacktel.io/
SPOOF PHONE
https://www.spooftel.com
https://tracebust.com/
https://www.spoofcard.com
https:/ /securecall.club/login
USER AGENT CHECKER
http://whatsmyuseragent.com
FAX SENDER
https://portalpamfax.biz/PortalLogin/lnit/
FREE UDEMY COURSES
https://www.zapcourses.com
https://www.freshersgold.com
CUSTOM/FAKE RECEIPT MAKER
http://www.fakereceipt.us/sales_receipt.php
http://www.customreceipt.com/
SSN VALIDATOR
http://www.ssnvalidator.com
SSN DECODER
http://www.stevemorse.org/ssn/ssn.html
SOCKS CHECKER
https://fraud.cat/
https://xdedicvhnguh5s6k.onion/
https://www.ipqualityscore.com/
https://getipintel.net/index.php#web
EIN SEARCH
http://www.feinsearch.com
https://www.einfinder.com
http://freerisa.benefitspro.com/
http://dor.wa.gov/content/doingbusiness/registermybusiness/BRD/default.aspx
http://search.sunbiz.org/Inquiry/CorporationSearch/ByFeiNumber
RESIDENTIAL RDP ACCEPTING BITCOIN
https://www.resnetworking.com/
https://exavpn.com/
https:/ฤฑxdedicvhnguh5s6k.onion/
SSN/DOB SEARCH
https://ssndob.cc
https://robocheck.cm
MMN AUTOSEARCH
archives.com
ancestry.com
BACKGROUND CHECK
http://www.intelius.com
http://checkmate.com
http://equifax.com
http://thatsthem.com
https://www.mylife.com
https://t.me/tutorials_zone
https://www.peoplesmart.com
http://familytreenow.com
https://ogin.dicore.com/
https://www.tlo.com/
https://batchskiptracing.com/pricing/
CREDIT REPORT
https://www.quizzle.com
https://my.bankrate.com
freecreditreport.com
creditkarma.com/free-credit-report
🔥 NETGEAR Routers: A Playground for Hackers?
Overall, the security posture of custom binaries built by NETGEAR contained many vulnerabilities, largely due to the widespread usage of insecure C functions such as strcpy, strcat, sprintf, or from off-by-one errors. However, the majority of the binaries on the NETGEAR router were compiled with many protections in place, including stack canaries, non-executable stack (NX), position-independent code (PIE) and address layout randomization (ASLR) enabled. These protections made many of the vulnerabilities identified difficult to exploit on their own.
Content:
👾 Summary
👾 Advisories
👾 Vulnerabilities
👽 Telnet
• PSV-2023-0008 – Telnet Default Account Privilege Escalation Breakout
👽 Web Application
• PSV-2022-???? – JSON Response Stack Data Leak
👽 SOAP Service
• PSV-2023-0009 – Write HTTP Response Stack Pointer Leak
• PSV-2022-???? – SOAPAction Stack Buffer Overflow
• PSV-2023-0010 – HTTP Body Off-By-One NULL Terminator Stack Canary Corruption
• PSV-2023-0011 – HTTP Protocol Stack Buffer Overflow
• PSV-2023-0012 – SOAP Parameters Stack Buffer Overflow
👾 Conclusion
NCC Group Research Blog
NETGEAR Routers: A Playground for Hackers
A detailed analysis on multiple vulnerabilities which were identified on the NETGEAR Nighthawk WiFi 6 Router (RAX AX2400) and may exist on other NETGEAR router models.