spamversand

Recently on a firewall log: 1 million deny entries PER DAY from china ..

Every day .. ~ 1 million deny entries with source in China.

Can’t we just ban them from the internet?

Via twitter i was directed to

https://www.linkedin.com/pulse/rsa-beginning-end-william-buchanan

(Thanks @Andrea for retweeting)

and saw a really fascinating approach to break RSA by pre-calculated prime factors.

Here is an online RSA-cracker:

http://asecuritysite.com/encryption/crackrsa?n=89%2C070%2C570%2C720%2C149%2C060%2C561%2C995%2C361%2C437%2C269%2C869%2C694%2C609%2C685%2C454%2C824%2C674%2C559

(cracking N=8907057072014906056199536143726986969460968545482 )

Wondering what will come next..

Recently I wanted to check, if and what kind of webpages are available in a specific ip-address range. So I decided to scan the ips and make screenshots of the found services. Not as professional as archive.org or similar .. just a short look to get an idea. Problem was, that there was no tool which I just could fire up. So I started frickling some scripts ..

Step 1: scan the ip-range. I used nmap (what else) and logged the results in a file.

 nmap --open -p80,443 --host-timeout 3 --max-retries 2 172.16.0.0/16 > ll

That went quite fast.. Took only a few minutes. After that I started a small script for cleaning the result:

#!/bin/bash

grep -i "skipping" *ll > sl
awk '{ print $4}' < sl | sed s/\(// | sed s/\)// > sl2

grep "report for" *ll > l
awk '{ print $NF}' < l | sed s/\(// | sed s/\)// > l2
for i in ` cat sl2`
do
 grep -v $i l2 > xx
 mv xx l2
done
 
./l.sh
./i.sh

Okay .. here is the l.sh and i.sh:
l.sh: (start TOR first .. don’t want to annoy someone..)

for i in `cat l2`
do
torsocks wget –convert-links -B http://$i –no-check-certificate -t 1 -T 2 -O $i.html $i ; xvfb-run — wkhtmltopdf $i.html $i.pdf
torsocks wget –convert-links -B https://$i –no-check-certificate -t 1 -T 2 -O $i-443.html https://$i ; xvfb-run — wkhtmltopdf $i-443.html $i-443.pdf
done

Needed some tries with wget until I had an acceptable result. Played around with “-p” and “-r -l 1” and “-E” and  “-K” .. that one with just the -B worked best for me. So had the html-files.. but I wanted to have a quick look at them and did not want to start browsing local files. Therefore I transformed the html-files to pdf, and then (in the next step) I used convert to get png – files. (Did not find any html-to-png tools)

i.sh :

for i in `ls *pdf`
do
  convert $i `basename -s .pdf $i`.png 
done

(After that: copy the png-files to a place of your choice.., generate thumbnails..scroll around…)

There are some commcial vendors for services like this with much better quality (including zoomable thumbnails, galeries..you name it) but I wanted to have a quick’n dirty solution for free..

Though I am pretty sure that there are much better tools and hundred better solutions this worked for me.

..is the title of an article a user named “th3j35t3r” published on pastebin.

Here is the Link to the interesting article

Now here is a funny movie what happens in an office when nerds get attacked..

https://t.co/JIBMlNs4ei

A posting in german about my experiences with bodyscanners at the cologne airport can be found at

http://verzaell.uss.koeln/?p=67

Merry Christmas everyone!

Did not take too long this time.. Silk Road 3.0 is on its way..

2. — SilkRoad3.0 —
3. http://reloadedudjtjvxr.onion
5. —SilkRoad3.0 Forums —
6. http://b6bubdh43n6l6p72.onion

 http://pastebin.com/rJTmzwvM

A lot of the hidden services I mentioned in previous posts have been closed
by Law Enforcement yesterday and today. The famous “silk road 2.0” just like
other marketplaces:

• Silk Road
• Silk Road Forum
• Cloud9
• BlueSky
• TheHub
• Hydra
• Onionshop
• Alpaca
• Pandora

Under Codename “Onymous” several Law Enforcement Agencies (FBI/Europol) the operator of
Silk Road 2.0 Blake Benthall (Defcon) has been arrested in San Francisco yesterday.

Looks like the FBI had an undercover agent in SR 2.0 right from the start

The complete story:

https://pdf.yt/d/RpyX9_xmapTkhmkb

If you ever wanted to use Facebook via TOR you you are no longer forced to use an exit node from TOR. Facebook is now present as a hidden service in TOR at the

URL: https://facebookcorewwwi.onion (only reachable with a TOR-enabled browser of course)
and http://facebookcorewwwi.onion/

They even use a SSL-Cert for the server..
Here is what Roger Dingledine (from the TOR-project) says about the finding of the new URL:

https://lists.torproject.org/pipermail/tor-talk/2014-October/035412.html

..and while we are at it; A kill from a contract killer can be ordered for 6500$ in US/Canada and

7000$ in Europe.  I wonder if additional costs like travelling is included 🙂 Probably a big fake..