How to patch Sudo

Gunnard/ January 28, 2021/ Devops, Security/ 0 comments

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) made itself known over the past few days, and admins everywhere are rushing to patch it. I'll skip the analysis (watch the video below for that) and get right to patching.

JetBrains software TeamCity possibly used in SolarWinds hack

Gunnard/ January 7, 2021/ Development, hacking, PHP, Security/ 0 comments

In a New York Times article released on January 6, 2021, JetBrains and their Continuous Integration / Continuous Deployment (CI/CD) application TeamCity were confirmed to be used by recently hacked software company SolarWinds.

Cryptocurrency Users Targeted in Cross-Platform ElectroRAT Malware

Gunnard/ January 6, 2021/ Cryptocurrency, hacking, Security/ 0 comments

Using Pastebin unique visitor counts for tracking, over 6,500 victims are estimated to be affected after detection of this malware in December. These numbers may be off and definitely will grow in the coming days. Called ElectroRAT by Intezer, the RAT is written from the ground up in Golang and designed to target multiple operating systems such as Windows, Linux, and macOS. “Cybersecurity

Stop spammers commenting on WordPress media files

Gunnard/ January 5, 2021/ Security/ 0 comments

A website I worked on last year recently had a wave of media spam comments hit my inbox. There is no easy way within WordPress to turn off commenting for media items, especially if you have >100 items and just want it DONE! The solution I found was a quick SQL query:

British court rejects extradition to U.S. of Julian Assange

Gunnard/ January 4, 2021/ Security/ 0 comments

The U.S. government has been awaiting the British court’s ruling for some time now, and on Monday (1/4/21) the court made their announcement. No extradition for Julian Assange on charges pertaining to illegally obtaining and sharing classified material related to national security.

Linux One-liners

Gunnard/ November 12, 2020/ Fun, Linux/ 0 comments

Who doesn’t love a good Linux one-liner? To me they are the epitome of skill. They represent the ability to not only know what command needs to happen but how to initiate this in a very efficient way. For example, one of my favorite commands, which I am telling people about all of the time, is sudo !! or “sudo bang bang”.

How can I prevent SQL injection in PHP?

Gunnard/ November 4, 2020/ Development, hacking, PHP, Security/ 0 comments

Preventing SQL injections is a popular topic. It is #1 on Stack Overflow (for PHP) and is also listed on the OWASP Top 10. So what is an SQL Injection? The first part “SQL” refers to Sequential Query Language which is used in querying databases like MySQL, PostgreSQL or MariaDB. The term is meant to be used as a generalization for any database

Twitter Alternatives

Gunnard/ October 30, 2020/ Fun, hacking, Security/ 0 comments

Believe it or not, Twitter is not the only way to share your thoughts on the internet. Well, in light of recent behavior we’ve come to understand that Twitter is the adult and we all are the teenagers living under their roof. But just like a teenager, there are ways to get away from these rules. Enter Mastodon. No, not

Free PHP Malware and Security scanners [Part 1]

Gunnard/ October 8, 2020/ Development, Devops, PHP, Security/ 0 comments

Exakat: “Exakat is a tool for analyzing, reporting and assessing PHP code source efficiently and systematically. Exakat processes PHP 5.2 to 7.4 and 8.0 code, as well as reporting on security, performance, code quality, migration.” –Exakat docs. Static analysis of code is a great tool to use, whether for unit testing or, in this case, security vulnerabilities and malware infestations.

Android on Linux

Gunnard/ October 5, 2020/ Development, Docker, Linux, Random/ 0 comments

ANDROID IN A BOX is here to bring any Android OS to your Linux box. Android in a box (Anbox) is a brand new player to the scene, making use of containers instead of emulators to bring Android to Linux. Here’s a quick video of it in action. To get started with Anbox, your system needs to first use snaps.
