Have a look at clickclickclick.click to see what can be seen and have some dude narrate your site experience. Quite disconcerting.
Posts by Wayneh_nz
13 publicly visible posts • joined 20 Feb 2017
Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address
Stop us if you've heard this one before: Exchange Server zero-days actively exploited
Saturday 1st October 2022 02:58 GMT
Exploitable?
If you want to test if your exchange server is vulnerable edit this. If you see an auth window you are. If you get denied you are not.
https://owa.contoso.com/Autodiscover/autodiscover.json@PowerShell
To mitigate it you can follow these steps
Import-Module WebAdministration
Invoke-WebRequest -UseBasicParsing -Uri 'https://download.microsoft.com/download/1/2/8/128E2E22-C1B9-44A4-BE2A-5859ED1D4592/rewrite\_amd64\_en-US.msi' -OutFile "$env:windir\temp\rewrite.msi"
Start-Process -FilePath "$env:windir\system32\msiexec.exe" -ArgumentList '/i', "$env:windir\temp\rewrite.msi", '/qn'
Start-Sleep -Seconds 15
$name = 'Block AutoDiscover 0-Day'
$inbound = '.*autodiscover\.json.*\@.*Powershell.*'
$site = 'IIS:\Sites\Default Web Site\Autodiscover'
$root = 'system.webServer/rewrite/rules'
$filter = "{0}/rule[@name='{1}']" -f $root, $name
Add-WebConfigurationProperty -PSPath $site -filter $root -name '.' -value @{name = $name; patternSyntax = 'Regular Expressions'; stopProcessing = 'False' }
Set-WebConfigurationProperty -PSPath $site -filter "$filter/match" -name 'url' -value $inbound
Set-WebConfigurationProperty -PSPath $site -filter "$filter/action" -name 'type' -value 'CustomResponse'
Set-WebConfigurationProperty -PSPath $site -filter "$filter/action" -name 'statusCode' -value 403
Set-WebConfigurationProperty -PSPath $site -filter "$filter/action" -name 'statusReason' -value 'Forbidden'
QR-code based contact-tracing app brings 'defining moment' for UK’s 'world beating' test and trace system
Monday 14th September 2020 04:57 GMT
Here in New Zealand, our QR code contact tracing app, provided by the government does a couple of things differently, the data is stored on your device, the QR Code is registered to the physical location, the app sends the business name and user name to the contact tracing provider, once there has been a notification that the contact tracing needs to contact some one that has been to that location, they then get the app to notify the contact tracing of the day and time that a particular user has been, if it does not correspond with the timeline requested, the data is purged, and the people that match get a phone call, and told to take a test and isolate.
All public transport has a card, (like an oystercard in the UK) and all vehicles have a unique code, so we can trace individual travel,
and like Scott26 above, we have gotten good enough, that I have seen someone scanned someones else's phone, while they were scanning the code at the door.
Support whizz 'fixes' screeching laptop with a single click... by closing 'malware-y' browser tab
DBA drifts into legend after inventive server convo leaves colleagues fearing for their lives
Wednesday 7th November 2018 02:38 GMT
Re: My boss was demonstrating the instrusion sensors on our building
Expanding foam in the sirens dulls the sound a bit. Spraying a little cooking oil into the sirens stops the expanding foam from sticking, as demonstrated by the burglars that broke into my neighbors house and got expanding foam all over themselves, trying to quieten down the siren.
Biting the hand that feeds IT
