 | Jeroen Wiert Pluimer… on Does Odido (the old T-Mobile N… |
 | Lars Fosdal on Security alarm provider Woonve… |
 | Thomas Mueller on Question got closed in May 202… |
 | Thaddy de Koning on Formulier voor bewindvoerders… |
| Thaddy de Koning on Formulier voor bewindvoerders… |
Posted by jpluimers on 2024/12/12
Simple (but fully working) code for
NPLogonNotify(). The function obtains logon data, including cleartext password.
[Wayback/Archive] PSBits/PasswordStealing/NPPSpy at master · gtworek/PSBits has been used in the wild since about 2022 (the code is from 2020).
The code is a ~100 line C file resulting in a DLL exporting the NPGetCaps() and NPLogonNotify() functions.
Background/related:
Posted in .NET, Blue team, C, CommandLine, Development, Power User, PowerShell, PowerShell, Red team, Scripting, Security, Software Development, Windows Development | Tagged: NPPSPY | 1 Comment »
Posted by jpluimers on 2024/11/27
I wrote about programs and scripts doing IPv4 subnet calculation, but sometimes it is easier to have a table at hand, so here is the one I found at [Wayback/Archive] OccupytheWeb on Twitter: “Network Basics for Hackers: Subnetting, Subnet Masks and CIDR Notation #networks #networkbasics #subnetting #infosec #networks4hackers #cyberwarrior #cyberwarrior #networkbasics #networkbasics subnet”
Notes:
Posted in Development, Hardware, Internet, IPv4, Network-and-equipment, Power User, Scripting, Software Development | Tagged: cyberwarrior, infosec, networkbasics, networks, networks4hackers, subnetting | Leave a Comment »
Posted by jpluimers on 2024/11/22
Somehow this post missed the schedule and for a long time I forgot to properly checked for “missed schedule” posts.
Back in 2021, suddenly systems with speedtest-cli threw a [Wayback/Archive] ValueError: invalid literal for int() with base 10: ” by tzwickl · Pull Request #768 · sivel/speedtest-cli after accessing the speedtest.net servers.
Around 7-8 April, 2021 the speedtest.net/speedtest-config.php XML configuration suddenly had changed the value for the XPath expression /settings/server-config/@ignoreids from being a list of integers into empty, see the archived files below.
Posted in Development, JavaScript/ECMAScript, Python, Scripting, Software Development, XML/XSD, XPath | Tagged: 768, 769 | Leave a Comment »
Posted by jpluimers on 2024/11/21
Example URL: [Wayback/Archive] track.amazon.com/tracking/NL2017506177
Via: [Wayback/Archive] Amazon Shipping
Related: Read the rest of this entry »
Posted in Bookmarklet, Development, JavaScript/ECMAScript, Scripting, Software Development, Web Browsers | Leave a Comment »
Posted by jpluimers on 2024/11/20
A while ago, I needed to generate GUIDs on any Windows console so performed a [Wayback/Archive] generate guid windows terminal – Google Search, found [Wayback/Archive] Generate a GUID in Windows 10 (Globally Unique Identifier) and came up with this generate-guid.bat file:
powershell [guid]::NewGuid()
–jeroen
Posted in CommandLine, Console (command prompt window), Development, PowerShell, PowerShell, Scripting, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2024/11/05
Two stage bookmarklet idea (so if will be easier to create this in an agile fashion):
Hopefully these links will help me getting started:
Posted in Bookmarklet, Development, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »
Posted by jpluimers on 2024/10/10
A very interesting read, where it keeps me wondering how batch files like these are being generated (making them by hand feels very surreal): [Wayback/Archive] From Highly Obfuscated Batch File to XWorm and Redline – SANS Internet Storm Center
VirusTotal entry: [Wayback/Archive] VirusTotal – File – 453c017e02e6ce747d605081ad78bf210b3d0004a056d1f65dd1f21c9bf13a9a
The day after the article was written, only Kaspersky and ZoneAlarm detected it; in the past ZoneAlarm used the Kaspersky engine, but that stopped a while ago: [Wayback/Archive] ZoneAlarm Free Antivirus Review | PCMag.
The malware uses at least these technologies:
Posted in Antivirus, Batch-Files, Development, Power User, PowerShell, Python, Scripting, Security, Software Development, Windows Development | Leave a Comment »
Posted by jpluimers on 2024/10/09
Note that the below methods likely will cause security warnings if a Windows machine has been properly configured, but in most cases at least one of them works.
curl --url https://speed.hetzner.de/100MB.bin --output %TEMP%\100MB.bin
certutil | Microsoft Docs (at least Windows 7 and up; needs UAC elevation)certutil.exe -urlcache -split -f https://speed.hetzner.de/100MB.bin %TEMP%\100MB.bin
powershell.exe -Command (New-Object System.Net.WebClient).DownloadFile('https://speed.hetzner.de/100MB.bin','%TEMP%\100MB.bin')
I think it works for all versions of curl, certutil, and PowerShell though I did not have anything older than up-to-date Windows 7 (having PowerShell version 3) and recent to test on.
Posted in *nix, *nix-tools, .NET, Batch-Files, CommandLine, cURL, Development, Power User, PowerShell, PowerShell, Scripting, Software Development, Windows, Windows 10, Windows 11, Windows 7, Windows 8, Windows 8.1, Windows Development, Windows Vista | Leave a Comment »
Posted by jpluimers on 2024/10/08
Apparently I was living under a stone since the 2015 introduction of [Wayback/Archive] Paste to Markdown:
Paste to Markdown
Instructions
- Find the text to convert to Markdown (e.g., in another browser tab)
- Copy it to the clipboard (
Ctrl+C, or⌘+Con Mac)- Paste it into this window (
Ctrl+V, or⌘+Von Mac)- The converted Markdown will appear!
The conversion is carried out by to-markdown, a Markdown converter written in JavaScript and running locally in the browser.
The “to-markdown” I did already know (see A few HTML to Markdown converters written in javascript, Python, Ruby, PHP and C#) but has been renamed from [Wayback/Archive] GitHub – domchristie/to-markdown: An HTML to Markdown converter written in JavaScript into then “turndown” repository below.
More links:
Posted in Development, HTML, JavaScript/ECMAScript, Lightweight markup language, MarkDown, Scripting, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2024/10/01
A long time ago, I wrote about How to hide an entire drive from prying eyes on Windows 10 | Windows Central.
The easiest way is still to add/modify a NoDrives value in the Registry, but regrettably [WayBack] NT Drive Calculator – The ‘NoDrives’ Registry Key Value Calculator is down (it was a server-side solution, so the WayBack Machine link does display a page, but the calculator does not function).
My use case is that I have an existing NoDrives value that I want to update (as there have been one or more drive letters added/changed).
Posted in Development, HTML, HTML5, JavaScript/ECMAScript, Scripting, Software Development, Web Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 