Hiding your callback through HTTPS
https://anonsys.net/display/bf69967c-1868-fce9-5e30-613967945901
Used #girsh today for the first time with a #HTB box. It is a listener for a reverse shell spawning a fully interactive shell automatically. Worked quite well. I must say, I do miss autocomplete if it is not available.
I did not do a code review of this tool as I was only using it on an isolated VM. Run at your own risk ;)
BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
https://gbhackers.com/bpfdoor-malware/
#Infosec #Security #Cybersecurity #CeptBiro #BPFDoor #Malware #ReverseShell #CompromisedNetworks
Malware found on NPM infecting local package with reverse shell
https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell
#HackerNews #Malware #NPM #ReverseShell #CyberSecurity #SoftwareDevelopment
Hacker in Snowflake Extortions May Be a U.S. Soldier
https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/
#Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT
Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. https://github.com/brightio/penelope
Highly recommend!
Chinese APT Abuses VSCode to Target Government in Asia
[TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2
https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/
A first in our telemetry: Chinese APT Stately Taurus uses Visual Studio Code to maintain a reverse shell in victims' environments for Southeast Asian espionage.
Why are #poc for #vulnerability always #reverseshell? I get that a reverse shell via RCE is a scary magic trick. But in practical #pentesting, more often than not I'd rather have a single-fire DNS lookup or HTTP request. It's much safer than dropping a shell into a customer's environment and it does the job.