| Welcome, Guest |
You have to register before you can post on our site.
|
| Forum Statistics |
» Members: 155
» Latest member: milicke
» Forum threads: 1,948
» Forum posts: 5,007
Full Statistics
|
| Latest Threads |
Kompromitovan zarkons.edu...
Forum: Kompromitovani resursi
Last Post: VincaSec
06-24-2025, 02:53 PM
» Replies: 0
» Views: 118
|
Pošta i kurirske službe -...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
06-23-2025, 02:16 PM
» Replies: 134
» Views: 99,157
|
WhatsApp Scam - ponuda za...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
06-23-2025, 02:07 PM
» Replies: 27
» Views: 18,535
|
Otvorena javna rasprava o...
Forum: Vesti, zanimljivosti i razno
Last Post: milos_rs
06-23-2025, 11:36 AM
» Replies: 9
» Views: 8,073
|
gsp.rs - JKP GSP Beograd ...
Forum: Neadekvatno zaštićeni resursi
Last Post: milos_rs
06-23-2025, 11:10 AM
» Replies: 1
» Views: 191
|
OKE Green piramidalna šem...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
06-23-2025, 11:02 AM
» Replies: 4
» Views: 1,005
|
CVE‑2024‑24919: Ranjivost...
Forum: Neadekvatno zaštićeni resursi
Last Post: VincaSec
06-20-2025, 08:57 PM
» Replies: 0
» Views: 160
|
Potencijalno ranjivi Roun...
Forum: Neadekvatno zaštićeni resursi
Last Post: VincaSec
06-20-2025, 08:51 PM
» Replies: 0
» Views: 173
|
Mnogi "mediji" kao "vest"...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
06-19-2025, 10:22 PM
» Replies: 0
» Views: 146
|
Sveopšte phishing/SPAM ka...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
06-19-2025, 11:09 AM
» Replies: 15
» Views: 4,062
|
|
|
| tirsova.rs spread malware |
|
Posted by: maxxa - 09-19-2022, 09:55 AM - Forum: Kompromitovani resursi
- Replies (8)
|
 |
Detektovan Malware.JS/Malscript.G13
Inficirani fajlovi:
Quote:hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/LayerSlider/js/jquery-easing-1[.]3[.]js?ver=1[.]3[.]0
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/LayerSlider/js/jquerytransit[.]js?ver=0[.]9[.]9
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/LayerSlider/js/layerslider[.]kreaturamedia[.]jquery[.]js?ver=4[.]6[.]3
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/LayerSlider/js/layerslider[.]transitions[.]js?ver=4[.]6[.]3
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/contact-form-7/includes/js/jquery[.]form[.]min[.]js?ver=3[.]51[.]0-2014[.]06[.]20
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/contact-form-7/includes/js/scripts[.]js?ver=4[.]4[.]1
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/custom-facebook-feed/js/cff-scripts[.]js?ver=2[.]4[.]6
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts[.]js?ver=1[.]2[.]7
hxxp[:]//tirsova[.]rs/lat/wp-content/plugins/instagram-feed/js/sb-instagram[.]min[.]js?ver=1[.]5
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/bootstrap[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/custom[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/fancy/jquery[.]fancybox-buttons[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/fancy/jquery[.]fancybox-media[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/fancy/jquery[.]fancybox-thumbs[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/fancy/jquery[.]fancybox[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/html5shiv[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]mixitup[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]mousewheel[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]prettyLoader[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]prettyPhoto[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]roundabout[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/jquery[.]touchSwipe[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/modernizr[.]custom[.]46884[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/owl[.]carousel[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/script[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-content/themes/tirsova-lat/js/wishlist-functions[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/comment-reply[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/jquery/jquery-migrate[.]min[.]js?ver=1[.]2[.]1
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/jquery/jquery[.]js?ver=1[.]11[.]3
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/jquery/ui/effect-blind[.]min[.]js?ver=1[.]11[.]4
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/jquery/ui/effect[.]min[.]js?ver=1[.]11[.]4
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/wp-embed[.]min[.]js?ver=4[.]4[.]27
hxxp[:]//tirsova[.]rs/lat/wp-includes/js/wp-emoji-release[.]min[.]js?ver=4[.]4[.]27
Report sa urlquery
Nikada updateovani WordPress 4.4.28
Obaveštena klinika na zvanični email sa sajta, kao i nacionalni CERT.
|
|
|
| Shodan results from IP list |
|
Posted by: y0d4 - 09-19-2022, 07:57 AM - Forum: Alati, servisi i tutorijali
- No Replies
|
 |
Ovo je "dirty" bash script koji mi sluzi za quick lookup shodan baze.
Preko ovog url-a nema limita i ne treba nalog, tako da je samo potrebno napraviti file sa nazivom list.txt i natrpati ga sa IP adresama i okinuti skriptu.
1. nano/vi script.sh
2. c/p code-a
3. create list.txt (fill up with IP address, per line)
4. chmod +x script.sh
5. ./script.sh
kada zavrsi:
6. cat vuln_list
Code: #!/bin/bash
FILENAME="list.txt"
LINES=$(cat $FILENAME)
for LINE in $LINES; do curl "https://internetdb.shodan.io/"$LINE >> vuln_list && echo >> vuln_list ; done
|
|
|
|
| Honeypot za balkanske IP adrese |
|
Posted by: y0d4 - 09-19-2022, 07:50 AM - Forum: Honeypots
- Replies (29)
|
|
Zdravo svima, pala mi ideja da pocnemo da pratimo nase IP adrese koje su maliciozne?
Konkretno, podigao bih honeypot na kom bi namesito da samo IP adrese sa balkana mogu da mu pristupe i time bi dobijali info na kojim IP adresama su zarazeni servisi i napadaci...
Sto posle mozemo i da automatizujemo da se salje email na abuse@ od IP adrese koja je ukljucena u malicioznu aktivnost...
|
|
|
|
|
![[Image: image.png]](https://i.postimg.cc/MTCnF6n6/image.png)
