Author Topic: Tests and other Media topics  (Read 206847 times)


Offline Pondus



Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31304
  • malware fighter
Re: Tests and other Media topics
« Reply #631 on: November 03, 2018, 01:28:39 PM »
Whenever javascript error hunting is your thingie, this YouTube video is just for you: https://www.youtube.com/watch?v=0dgmeTy7X3I
Very illustrative and instructive presentation.

It is interesting how security mechanisms within core packages can still be circumvented by representing code in some other form, for instance via type manipulation. Just think about the sheer number of some 375.000 packages for node.js alone, where such insecurities may lurk around the corner!

Also consider how these packages could impact each other, how they could kick up insecurity through the eco-system. Think of angular.js via %2e/%2e/etc. & alert(1) to circumvent inbuilt safety code.

Is code being skimmed and screened for such errors and insecurity, because we cannot do this automatically? A pair of eyes is always needed to do this properly.

Fine presentation via the Snyk platform, with various vulnerabilities presented for JSON JavaScript libraries and ready-made ways to compromise. Read: https://snyk.io/ One could also test code there online.

Example in apis.google.com/js/plusone.js with errors detected in undefined function $ and a syntax error, see: https://gist.github.com/ashumeow/34c11dcff0f7b2920364 -> Try to open this inside codepad. Unminified plusone.js has 377 lines of code (info source credits go to luntrus).

enjoy, my friends, enjoy,

polonus
« Last Edit: November 03, 2018, 01:32:16 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

Re: Tests and other Media topics
« Reply #632 on: November 04, 2018, 12:31:13 AM »
As I found the dom-xss online scanner now almost constantly producing a "503 Over Quota" (hey, Google, give that site another swing?!?), I looked for an alternative.

Another test site full of tests here: https://find-xss.net/tests/?test_id=1&l=en
Also to test your score of xss vulnerability patterns.
Just for training and protection purposes.

(Do not use these info for evil purposes, as that will put you in trouble with authorities)

polonus


Offline polonus

Re: Tests and other Media topics
« Reply #634 on: November 09, 2018, 11:21:26 PM »
The scanner has come to its end of life (it was started in 2011):
https://www.troyhunt.com/its-end-of-life-for-asafaweb/

Still there are other valuable scanners online, for instance:
https://codebeautify.org/jsvalidate

polonus
« Last Edit: November 09, 2018, 11:28:19 PM by polonus »

Offline polonus

Re: Tests and other Media topics
« Reply #635 on: November 11, 2018, 11:05:47 PM »
You own a website that runs WordPress (CMS, Content Management Software)?
Just check it from time to time,
using the following online scan engines:

https://urlquery.net/
https://sitecheck.sucuri.net
https://hackertarget.com/wordpress-security-scan/
https://retire.insecurity.today/#
https://webhint.io/scanner/
https://aw-snap.info/file-viewer/
https://observatory.mozilla.org/?

Follow up the recommendations found there or inform your web-admin/hoster of security issues detected.

Always use the latest versions of core software, theme software and plug-in software.
Update and patch continuously, and also remember to update PHP.
Retire vulnerable jQuery script(s).

Whenever in doubt post in the "virus and worms" section, and wait for a reaction.

Stay safe and secure,

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Offline polonus

Re: Tests and other Media topics
« Reply #636 on: November 17, 2018, 05:11:25 PM »
Relations from searching for a malicious IP address.
We started out here: https://www.maltiverse.com/dashboards/newioc
and found this malicious Toolbar.Conduit executable: https://www.maltiverse.com/sample/b2c78409224552a0522cd218f08b9aea18b47f2accaff3b6068c20519c5d63c2
From that hash we stumbled upon: https://www.virustotal.com/pl/file/b2c78409224552a0522cd218f08b9aea18b47f2accaff3b6068c20519c5d63c2/analysis/
and also searched at urlquery dot net: https://urlquery.net/report/a2dbd597-f2a8-4536-bffa-4c69afa4c14e
which delivered a bad request alert for us.
This while we also had these resources: https://www.malwareurl.com/ip_listing.php?ASN=AS22822
and  https://www.threatcrowd.org/domain.php?domain=s.delvenetworks.com
or: https://packettotal.com/app/analysis?id=c1a3a5f6393a42e9015251c23cc58c56&name=http
and https://www.threatminer.org/ssl.php?q=66fbc4c6f3788d27a2218571055d8076ef1297e8

IP and hash searches really make sense to find out what malware or suspicious activity lies behind a certain IP address, or what a specific hash stands for, like:
Quote
SHA256:   b2c78409224552a0522cd218f08b9aea18b47f2accaff3b6068c20519c5d63c2
Filename:   uTorrent.exe
Detection ratio:   6 / 67
Analysis date:   2018-10-23 06:59:10 UTC ( 3 weeks, 4 days ago )

polonus (volunteer website security analyst and website error-hunter)

Offline polonus

Re: Tests and other Media topics
« Reply #637 on: November 22, 2018, 11:08:15 PM »
To enable security for data passed between two parties via JSON Web Tokens.

Editing JSON Web Tokens at jwt.io. Example token: eyJhbGciOiJIUzI1NiJ9.e30.FXibJVNHsvJ6Ff-N9XtTTom9cGExRqsldHbrhAOqRUg

HEADER: ALGORITHM & TOKEN TYPE

{
  "alg": "HS256"
}

PAYLOAD: DATA

{}

VERIFY SIGNATURE

HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  your-256-bit-secret
) [ ] secret base64 encoded

Signature Verified
Warning: Critical vulnerabilities in JSON Web Token libraries with asymmetric keys.
Then follow the checks.


Enjoy, my good folks, enjoy,

polonus
« Last Edit: November 22, 2018, 11:10:19 PM by polonus »

Offline polonus

Re: Tests and other Media topics
« Reply #638 on: November 24, 2018, 10:32:03 PM »
Website scan sites come and go.

We lost asafaweb scan, which has reached End of Life.
An interesting website scanner is UpGuard Cloud Scanner: https://webscan.upguard.com/#/
Website Health Check: https://webscan.foregenix.com/
WebScan: https://www.htbridge.com/websec/

Some things lost, some things gained,

polonus

Offline polonus

Re: Tests and other Media topics
« Reply #639 on: November 24, 2018, 11:35:19 PM »
Just to present you with the results of the above-mentioned scanners for this next website
->  https://urlquery.net/report/ea1db0cd-562a-43f3-811a-15464bac12f9
We will see various issues on security check-ups here: https://webscan.upguard.com/#/http://passmcsa.com
Bad security headers in Word Press detected: https://webscan.foregenix.com/webscan_results.html?scanid=e65cd8d6_06cb_4230_80f0_5d258de9d5ef
F-grade test result: https://www.htbridge.com/websec/?id=DZMx7uMz
Of course we have to add specific WordPress check results: user enumeration not disabled and directory listing not disabled via
https://hackertarget.com/wordpress-security-scan/
and 1 vulnerable jQuery library to be retired -> https://retire.insecurity.today/#!/scan/7ee81e4693c6039d7b6b0debe1cc68c908ddd9a7c36e7a014a22b3a68a12a52d

Interesting on the website is that we found that the bootstrap code was altered (there were recent bug errors);
as a final note, this scan qualifies the website as clean: https://quttera.com/detailed_report/passmcsa.com
but what's that verdict worth in the light of all the security recommendations web admins had better heed,

polonus


Offline polonus

Re: Tests and other Media topics
« Reply #641 on: December 05, 2018, 05:08:31 PM »

Offline polonus

Re: Tests and other Media topics
« Reply #642 on: December 16, 2018, 04:01:35 PM »
Several checks on whether websites are malicious:
https://keystonesolutions.io/solutions/lookup-potentially-malicious-websites/

Interesting background information: https://www.securityskeptic.com/malware/

Malware prevention: http://malwaredomains.lehigh.edu/

polonus

Offline polonus

Re: Tests and other Media topics
« Reply #643 on: December 16, 2018, 04:53:43 PM »
Checking on malware information (for security researchers only):

Queried because of : https://urlquery.net/report/7e9093e0-7fae-40c8-9f42-014f156fca2d
report here: https://www.malwareurl.com/listing.php?domain=addictive.de
http://www.urlvir.com/search-host/addictive.de/
Also consider the informative scan results here: https://www.htbridge.com/websec/?id=4yPpdRiU

polonus
« Last Edit: December 16, 2018, 09:20:40 PM by polonus »
