@incognitjoe

21 Followers
31 Following
35 Posts
https://incognitjoe.github.io/
incognitjoeDec 5, 2017
Wilhelm FitzpatrickDec 4, 2017
If you've ever pulled an old webpage out the Wayback Machine, or made use of their copious collections of old audio, music and film, drop by https://archive.org/ and give them a few $$ during their fundraising drive. Keep the history of the web alive!
Internet Archive: Digital Library of Free & Borrowable Texts, Movies, Music & Wayback Machine

incognitjoeDec 4, 2017
slipstream/RoL‮⚡‭Dec 4, 2017

So, there's a Chinese botnet package known as "Destroyer" (破坏者).

It, ironically, can itself be destroyed, thanks to a stack buffer overflow.

I wasn't able to get full RCE, but a jump to "call ExitProcess" should be enough, no? It can be triggered directly after "start DDoS", for even more lulz.

Here's the exploit: https://gist.github.com/Wack0/d0aa7f56d5d044fb918056207d2149b1

And here's a bot sample hash: b17535de8061dce3d6630e92d601ebe1ebac44ed52b3a04a8bb72f6661f23d44

Let's #destroythedestroyer :)

#infosec #botnet #exploit

Kill a "破坏者Lv5.0" / "Destroyer Lv5.0" C2 server

Kill a "破坏者Lv5.0" / "Destroyer Lv5.0" C2 server

incognitjoeApr 13, 2017
spent my day testing for RCEs in my work stuff, and had a couple of colleagues get completely confused over how i was using reverse shells to figure out when a command actually fired, so i wrote an introductory guide https://incognitjoe.github.io/reverse-shells-for-dummies.html
incognitjoeApr 11, 2017
Colin MitchellApr 6, 2017
It is a truth universally acknowledged, that a newly booted web server must be in want of a bot constantly attacking /wp-login.php
incognitjoeApr 10, 2017
da_667✅Apr 10, 2017
Man am I glad that Snowden isn't here, shitting this place up too.
incognitjoeApr 9, 2017
Show threadRPW 🥑Apr 9, 2017
@HalvarFlake @charlyblack There's WikiDevi, that I heavily perused for Broadcom stuff: https://wikidevi.com/wiki/Broadcom. Not complete, but a good start.
incognitjoeApr 8, 2017
drekApr 8, 2017
Ah, the lovely part where I finish (part of) a thing and get to close 20 tabs.
incognitjoeApr 8, 2017
cynicalsecurity ->@bsd.networkApr 7, 2017

Brilliant <thing on other network we don't talk about> by @Mudge:

https://twitter.com/dotmudge/status/850385568148140033

"This is a brilliant tactic. There are so many others like this because the AV community keeps thinking this is a one-move game... Kudos!"

That definition of the strategy of the AV community is absolutely perfect. Depth: zero.

incognitjoeApr 8, 2017
da_667✅Apr 7, 2017
frog tips needs to come to mastodon.
incognitjoeApr 8, 2017
sarah jeongApr 7, 2017

Twitter sued Customs and Border Protection for trying to unmask one of their pseudonymous alt agency accounts. Within 24 hours of Twitter filing the lawsuit, the government withdrew its subpoena. What happened here?

I explain it all: https://motherboard.vice.com/en_us/article/alt-twitter-account-trump-customs-lawsuit