MoooonX – WindowsTechs.com

How are IoT botnets even a thing when the only write-able folder is /var or /tmp and both gets reset every restart?

Posted on August 22, 2022 by MoooonX

This "No Persistence" and having to re-infect again after every reboot seems so inefficient for IoT to be such pursued targets.
Also, most of the persistence methods I have seen tend to be model specific & rare.

Continue reading How are IoT botnets even a thing when the only write-able folder is /var or /tmp and both gets reset every restart?→

Why do routers manufacturer tend to encrypt the router config even though it would be helpful if customers could view and modify it on the go? [closed]

Posted on December 18, 2020 by MoooonX

If they are doing that to stop threat actors then they only halted the normal users …. and if they are doing that to hide secrets and hard coded passwords then they are only obstructing the pentesters and security researchers.
I can’t fi… Continue reading Why do routers manufacturer tend to encrypt the router config even though it would be helpful if customers could view and modify it on the go? [closed]→

How does karma attack work on multiple devices in the same time?

Posted on November 10, 2020 by MoooonX

Like when you open the network manager(the wifi list ) in the attacked devices while the attack is on, you see different fake networks on each device which is normal as it responds on the devices saved SSIDs probs…The thing is when you c… Continue reading How does karma attack work on multiple devices in the same time?→

is there a reason for FB messenger to request the captive portal page (evil twin testing)?

Posted on November 8, 2020 by MoooonX

while trying evil twin and monitoring the traffic log on my phone using http canary app … i noticed on the second the phone connects to the evil ap network .. facebook messenger requests the page .. while other apps requests normal pages… Continue reading is there a reason for FB messenger to request the captive portal page (evil twin testing)?→

Is it possible to DDos a http wan filterd router? [on hold]

Posted on August 20, 2019 by MoooonX

Like the service is there but it’s just filterd enabled for lan access only .. what will happen ?

Continue reading Is it possible to DDos a http wan filterd router? [on hold]→

is it possible to bypass cookie protection to perform a CSRF on HUAWEI HG531 v1 router?

Posted on July 29, 2019 by MoooonX

the AJAX login script

var xhr1 = new XMLHttpRequest();
xhr1.open(“post”, ‘https://192.168.1.1/index/login.cgi’, false);
xhr1.send(“Username=admin&Password=6836394be82df057e085fc344c6179d1b50b30224ad0SJ0GQrNWmpsXCSk5s… Continue reading is it possible to bypass cookie protection to perform a CSRF on HUAWEI HG531 v1 router?→

Is it possible to exfiltrate a router config file to server using csrf ajax?

Posted on July 18, 2019 by MoooonX

the curl commend used to download the file

curl “http://192.168.1.1/html/management/downloadconfigfile.conf?RequestFile=/html/management/cfgfile.asp” -H “Cookie: SessionID_R3=dsadwdwqdasdwasdawd” –data “csrf_token=saddasdwa… Continue reading Is it possible to exfiltrate a router config file to server using csrf ajax?→