There is a program that some law enforcement agencies have given to families across the country It is called ComputerCOP. The EFF (Electronic Frontier Foundation) has reviewed and analyzed the program, and unfortunately it consists of a keylogger and transmits data unencrypted across the Internet. if someone enters a credit card or password username combinations, then … Read more
Use commands to test remote sites: curl -A “() { ignored; }; echo Content-Type: text/plain ; echo ; echo ; /usr/bin/id” $URL I did it to my website (www.fixvirus.com) obviously use the test website instead of $URL. Contact Me as i develop more tests for remote bash exploit tests… With us to get more information that is topical like this.
how to test for vulnerable Bash shell: Execute the following: $ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” on the command line, if it comes back with this is a test then the system is vulnerable If the system returns: bash: warning: x: ignoring function definition attempt bash: error … Read more
Perl discussion at lsexperts.de has a data Dumper vulnerability – review your Perl scripts to : Applications written in Perl should ensure that a sanity check on data serialized by Data::Dumper is performed. WordPress vulnerabilities page which was recently set up. Andreas Kurtz found malicious iOS apps after iOS 8 was released. The issue … Read more
This Shellshock issue has now spawned 6 CVE’s CVE = Common Vulnerabilities and Exposures Threat level Yellow at Internet Storm Center This is a complex vulnerability first CVE got patched almost immediately CVE-2014-6271 The second CVE now has a patch as of Friday). CVE-2014-7169 The 3rd and 4th CVE CVE-2014-7186, CVE-2014-7187 not patched … Read more
