Vinni
Администратор
Всего сообщений: 2136 Рейтинг пользователя: 22 СсылкаДата регистрации на форуме: 5 июня 2009
|
Профиль | ИгнорироватьNEW! Сообщение отправлено: 5 апреля 2013 14:15
_ttp://raidersec.blogspot.ru/2013/03/introducing-dumpmon-twitter-bot-that.html [q] ... Paste-sites such as Pastebin, Pastie, Slexy, and many others offer users (often anonymously) the ability to upload raw text of their choice. This is helpful in many scenarios, such as sending a crash report to someone or pasting temporary code. However, in addition to some people not being careful with what they upload (leaving passwords and other sensitive data in the text), attackers have been starting to use these sites to share post-compromise data, including user account data, database dumps, URLs of compromised sites, and more.
Since there are so many users uploading text to these sites, it's often difficult to find these interesting files manually. While techniques such as Google Alerts can be applied, the results are often a day or two old and are sometimes deleted. This prompted me to create a tool which monitors these sites in "real-time" (less than a minute of delay for the slowest sites) for specific expressions, and then automatically rank, aggregate, and post these results to Twitter for further analysis. I call this tool DumpMon. ... Currently, dumpmon supports the following paste-types:
Account/Database dumps Google API Keys Cisco Configuration Files (Juniper to be added soon) Honeypot Log Dumps
Dumpmon also supports the following paste-sites:
Pastie.org Pastebin.com Slexy.org ...
[/q] |
| |