Found requests in my web logs for "/Deadcode1975xxxxxxxxxxxxxxxxxxxxxxxxxxxx.php%20=%20%3e%3e%20shell%20no%20work" and… is that some #ScriptKiddy dumping their status output back into their web requests? 😆

(The end is "= >> shell no work")

#SysAdmin

When have a f•cking freaking cool image of an #hacker (actually supposed-to-be hacker) and when you zoom in, you find out, that the hacker is #lua #scriptkiddy. 😂

http://lua-users.org/wiki/ClassesAndMethodsExample

Image from Photo by Nahel Abdul Hadi https://unsplash.com/photos/flha0KwRrRc

It's the festive season alright. The scriptkiddies are busy again. Please don't interact with nonsense like these kind of messages. #smishing #infosec #scriptkiddy ecruiting  Assistant - Can be done without affecting your current job - Flexible time , only 2~3 hours per day - Daily payroll  (Earn up to £300-£500 per day) - No experience required to start, one-on-one guidance If you are interested, please contact Via Whatsapp WhatsApp: wa.me/447721537891 WhatsApp: +447721537891

A few weeks, I noticed a bug in AREDN mesh V3.22.6.0 when I wanted to change some settings from the "Port Forwarding, DHCP, and Services" section. Reverting to V3.22.1.0 made everything functional again.

It took sometimes to figure out was exactly was the bug. When I narrowed it to the port ranges inside the port forwarding section, it has been indicated inside the original ticket.

Time past and it was causing more and more troubles to our setup. So this morning I took an hour to look at the code. Not being a LUA dev, I wanted this bug fixed and if I may be of any help, better help out!

Starting at V3.22.1.0 to understand the logic behind the scene, I found out how it works. I took time to concentrate on the validate_port_range function.

Between V3.22.1.0 and V3.22.6.0, the code has been rewritten in LUA, so I got the intuition that this rewrite might a brought in some problems.

Moving to main branch (V3.22.12.0 (Latest)) , to ensure not working on obsolete code, I found out the validate_port_range function and read the code. So I found out a first mistake while evaluation if the range is properly indicated (ex: 1000-2000 = Valid / 2000-1000 = Invalid). Simple and easy to fix.

Made the changes on my lab device and still no joy! So what is the worst thing (IMHO) to convert from one language to another... ? REGEX! So I made a quick search to 'learn' how REGEX are working in LUA to get some answer. Opened up a JDoodle tab and started to play with the REGEX line until the various tests with valid and invalid ranges returns proper results.

Pushed the new REGEX in the lab device and Bingo! It is now working properly.

Arranged a PR (First PR on the project), submitted it and now waiting for it to be reviewed and merged. In the hope I didn't break something else!

Once included into nightly, our 2 gateways requiring port ranges will be back to normal operations and so will be our VoIP servers behind them!

#AmateurRadio #AREDN #AREDNMesh #LUA #Bugs #VoIP #Scriptkiddy #OpenSource #FirstPullRequest

#trojaner #spyhunk #gehackt #scriptkiddy #bullshit
Hab mal wieder so eine nette E-Mail bekommen von Spy Hunk:
Betreff: Ihr System wurde mit einem Trojaner gehackt, Ihre Daten kopiert.
---------------
Hallo,
Ihr System wurde mit einem Trojaner-Virus gehackt. Es ist über
von Ihnen besuchte Portale für Erwachsene in Ihr Gerät
eingedrungen.
Einige scharfe Videos enthalten den sofort nach dem Einschalten
aktivierten Schadcode. Alle Daten wurden bereits auf meinen
Server kopiert.
...

Somebody on #infosec Twitter, I think it was @H3KTLC , said that the imposter syndrome kicks in pretty hard when we use #redteam tools created by other specialists and I am pondering this.

Am I not a real #hacker if I use a premade tool vs making my own? Or can we apply the philosophy that one need not understand an internal combustion engine in order to operate a vehicle? Am I just a #scriptkiddy ?