mirror of
https://github.com/jakejarvis/jarv.is.git
synced 2025-07-03 16:46:39 -04:00
upgrade Hugo to v0.60.1 (new markdown parser)
This commit is contained in:
@ -33,7 +33,7 @@ But how do I know who I know, you might ask? BERN's [FAQ page](https://app.berni
|
||||
>
|
||||
> - Go through your phone book or, if you use Facebook, your Facebook friend list.
|
||||
> - Who would you invite to your birthday party or wedding? Where have you lived throughout your life? Who did you know in each of the places you have lived?
|
||||
|
||||
>
|
||||
> **Which people can I add to my contact list the BERN app?** *[sic]*
|
||||
> We use the word “friend” very broadly: You can add anyone you have met and known in your life to the app.
|
||||
|
||||
|
||||
@ -77,23 +77,23 @@ Since you have this luxury of time, it becomes ***extremely important*** that yo
|
||||
|
||||
|
||||
> I have found three subdomains of ********.com vulnerable to takeovers via unclaimed endpoints at [Azure's Traffic Manager](https://azure.microsoft.com/en-us/services/traffic-manager/). I have claimed these endpoints and redirected them to a blank page to prevent a bad actor from doing so in the meantime, and hosted a POC file at obscure URLs. These are the following domains I discovered and the outdated endpoints on Azure to which they point:
|
||||
|
||||
>
|
||||
> xxxx.********.com --> aaa.trafficmanager.net
|
||||
|
||||
>
|
||||
> yyyy.********.com --> bbb.trafficmanager.net
|
||||
|
||||
>
|
||||
> zzzz.********.com --> ccc.trafficmanager.net
|
||||
|
||||
>
|
||||
> ...and the proof-of-concept files are at the following locations:
|
||||
|
||||
>
|
||||
> [http://xxxx.********.com/poc-d4ca9e8ceb.html](#)
|
||||
|
||||
>
|
||||
> [http://yyyy.********.com/poc-d4ca9e8ceb.html](#)
|
||||
|
||||
>
|
||||
> [http://zzzz.********.com/poc-d4ca9e8ceb.html](#)
|
||||
|
||||
>
|
||||
> I have not hosted any other file nor attempted any other vector of attack. You're probably familiar with takeovers like this by now, but through this vulnerability, it would be possible for an attacker to obtain cookies and other sensitive information from your users via phishing, cookie hijacking, or XSS. It is also possible to obtain SSL certificates for ********.com subdomains from CAs that only require domain validation such as [Let's Encrypt](https://letsencrypt.org/how-it-works/), but I have not attempted to do so. More info on possible attack vectors [can be found here](https://0xpatrik.com/subdomain-takeover/).
|
||||
|
||||
>
|
||||
> Please let me know when you've received this report and I'll delete the endpoints from my personal Azure account, so you can either reclaim them or remove the subdomains entirely from your DNS records. Thanks!
|
||||
|
||||
|
||||
|
||||
@ -47,7 +47,7 @@ The world and its devices are quickly becoming more connected through the shiny
|
||||
|
||||
|
||||
|
||||
# Industrial Control Systems:
|
||||
# Industrial Control Systems: {#industrial-control-systems}
|
||||
|
||||
|
||||
### Samsung Electronic Billboards [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Prismview+Player%22)
|
||||
@ -219,7 +219,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
||||
|
||||
|
||||
|
||||
# Remote Desktop:
|
||||
# Remote Desktop: {#remote-desktop}
|
||||
|
||||
|
||||
### Unprotected VNC [🔎 →](https://www.shodan.io/search?query=%22authentication+disabled%22+%22RFB+003.008%22)
|
||||
@ -247,7 +247,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
||||
|
||||
|
||||
|
||||
# Network Infrastructure:
|
||||
# Network Infrastructure: {#network-infrastructure}
|
||||
|
||||
|
||||
### MongoDB [🔎 →](https://www.shodan.io/search?query=product%3AMongoDB+-authentication)
|
||||
@ -419,7 +419,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
||||
|
||||
|
||||
|
||||
# Network Attached Storage (NAS):
|
||||
# Network Attached Storage (NAS): {#network-attached-storage-nas}
|
||||
|
||||
|
||||
### SMB (Samba) File Shares [🔎 →](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+port%3A445)
|
||||
@ -492,7 +492,7 @@ Redirecting sencha port:9000
|
||||
|
||||
|
||||
|
||||
# Webcams:
|
||||
# Webcams: {#webcams}
|
||||
|
||||
Example images not necessary. 🤦
|
||||
|
||||
@ -529,7 +529,7 @@ html:"DVR_H264 ActiveX"
|
||||
|
||||
|
||||
|
||||
# Printers & Copiers:
|
||||
# Printers & Copiers: {#printers-copiers}
|
||||
|
||||
|
||||
### HP Printers [🔎 →](https://www.shodan.io/search?query=%22Serial+Number%3A%22+%22Built%3A%22+%22Server%3A+HP+HTTP%22)
|
||||
@ -581,7 +581,7 @@ ssl:"Xerox Generic Root"
|
||||
|
||||
|
||||
|
||||
# Home Devices:
|
||||
# Home Devices: {#home-devices}
|
||||
|
||||
|
||||
### Yamaha Stereos [🔎 →](https://www.shodan.io/search?query=%22Server%3A+AV_Receiver%22+%22HTTP%2F1.1+406%22)
|
||||
@ -620,7 +620,7 @@ Apple TVs, HomePods, etc.
|
||||
|
||||
|
||||
|
||||
# Random Stuff:
|
||||
# Random Stuff: {#random-stuff}
|
||||
|
||||
|
||||
### OctoPrint 3D Printer Controllers [🔎 →](https://www.shodan.io/search?query=title%3A%22OctoPrint%22+-title%3A%22Login%22+http.favicon.hash%3A1307375944)
|
||||
|
||||
Reference in New Issue
Block a user