John Doe – Page 6 – WindowsTechs.com

Suspicious Port Scan [on hold]

Posted on May 23, 2019 by John Doe

Yesterday i got a Bitdefender Notification that a Port Scan has been Detected and Blocked from the Private IP-Address “192.168.2.21”. I have never seen that Notification and scanned my Network with nmap to see what device tha… Continue reading Suspicious Port Scan [on hold]→

Server under attack [on hold]

Posted on April 23, 2019 by John Doe

I’m currently being DDOSED. How do I resolve this in a Varnish, Nginx, Apache setup? I tried renaming the downloader folder to _downloader, but no effect….

Ip’s are all random and seem to come from a host in Bangladesh… … Continue reading Server under attack [on hold]→

Subdomain scanner without brute-force attack? [duplicate]

Posted on April 17, 2019 by John Doe

This question already has an answer here:

How can I find subdomains of a site?

8 answers

It is possible to scan subdomain… Continue reading Subdomain scanner without brute-force attack? [duplicate]→

Can I inject a shell command here in PHP?

Posted on February 25, 2019 by John Doe

During source code examination for a client, I found this code. It gets unsanitized parameter from GET, sanitizes it and does shell_exec()

$arg = $_GET[‘arg’];

// sanitization, I suppose…
if(preg_match(“/[#\&\\+\-%@=\… Continue reading Can I inject a shell command here in PHP?→

How shodan takes screenshots?

Posted on February 10, 2019 by John Doe

How Shodan takes screenshots from some webcam even if this webcam (IP adress) requires login?

And how can I protect this? I can’t have some thing on LAN network, because I need to join to it from far away location.

Continue reading How shodan takes screenshots?→

BlackEnergy2 vs. BlackEnergy3: Which one targeted HMIs?

Posted on December 27, 2018 by John Doe

Various reports have been published that analyze BlackEnergy2 and BlackEnergy3 in-depth. However, there seems to be discrepancies regarding the malware delivery phase, i.e., initial exploitation.

The CrashOverride report pub… Continue reading BlackEnergy2 vs. BlackEnergy3: Which one targeted HMIs?→

What does this PHP malware do?

Posted on December 6, 2018 by John Doe

Somebody hacked my site and uploaded this script (rootfunctions.php) to my webroot and its content is:

PHP Code: https://pastebin.com/raw/a889iG0V

Hopefully, I have removed this malware from my compromised website. But I am… Continue reading What does this PHP malware do?→

Hiding the identitiy of an author

Posted on October 27, 2018 by John Doe

I would like to share some sensitive information in a PDF document that I created, but I’m afraid that my identity can be traced back.
I installed a trial Microsoft Word on a Windows 7 (guest OS on VirtualBox, without any per… Continue reading Hiding the identitiy of an author→

Server protection measures from authorities

Posted on September 4, 2018 by John Doe

I am on a project which is illegal in my nation but is not illegal anywhere in the world. In order not to get a 100yr sentence I should be prepared for seizures and forensics.

I am running a server with ESXi 6.7 hypervisor and has three C… Continue reading Server protection measures from authorities→

What makes Random Number Generators so fragile?

Posted on July 29, 2018 by John Doe

It seems to me that a hardware component which generates random numbers is extremely simple – just measure tiny vibrations in the hardware with a sensor, right? Maybe I’m wrong but it seems like if you measured vibrations with very high pr… Continue reading What makes Random Number Generators so fragile?→