Notes | Brutkey

:donor: :clippy:
@reverseics@infosec.exchange

Gonna write a /cgi-bin handler that gives the result of the 20th prior OS command injection in its response message, just to mess with hackers.

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange that directory traversal exists in some (old) AV.

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange

(like here:

https://security.snyk.io/vuln/SNYK-UNMANAGED-CLAMAV-2381227

or here: https://www.clouddefense.ai/cve/2019/CVE-2019-1785

or here:

https://www.exploit-db.com/exploits/40741

)

a coworker of mine was once testing AV engines. this was a long while back. he named a piece of malware %s%s%s%s.exe and the av scanning engine crashed completely. it didn't check the file, and stopping all livescanning.

we are all going to die on this rock.

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange I read a peer-reviewed journal article that says installing antivirus is a cause of ../ism.

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange (while kind of sarcastic and tongue in cheek, this is actually true, which is kind of funny but in a weird and slightly uncomfortable way)

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

If hacktivism was like phishing we'd have:

os command injectionivism
directory traversalism
default credentialivism
brute forcetivism
vncivism
modbusivism

K. Reid Wightman :verified: 🌻

:donor: :clippy:
@reverseics@infosec.exchange

Well this sucks: I worked with MS-ISAC quite a bit a few years ago, tracking down owners of various internet-exposed systems. They were extremely helpful, without their support there would be a whole lot more driveby hacking of public school hvac/etc systems today...

(h/t @campuscodi@mastodon.social ):

https://statescoop.com/state-local-cyber-grant-msisac-2025/