Saturday, March 23, 2019

Recover Your Files From A Ransomware Attack Without Paying Anybody

Don't Pay The Ransom

No More Ransomware

https://www.nomoreransom.org/en/index.html

Crypto Sheriff

https://www.nomoreransom.org/crypto-sheriff.php?lang=en

Watchpoint Data

https://www.watchpointdata.com/ransomware-decryptors/

Scan A Suspicious File

https://www.virustotal.com/#/home/upload

Decrypting Excel Files

https://www.blackhillsinfosec.com/crack-passwords-password-protected-ms-office-documents/?fbclid=IwAR1IU2RXzvcGZuX-ji8dg2-5nvNorTLCNH1bPUzGIt0lVfZfrfwpz3XJfMM

Cracking Microsoft Office (97-03, 2007, 2010, 2013) password hashes with Hashcat


http://pentestcorner.com/cracking-microsoft-office-97-03-2007-2010-2013-password-hashes-with-hashcat/

Exploit Database

https://www.exploit-db.com/exploits/37977

Muhstik Ransomware Passwords Blog Post

A victim fights back and hacks the hackers back, and produces recovery keys for all of the victims. Read more here.

The STOP Ransomware Decryptor is now Free

Get the Emsisoft Decryptor for STOP Djvu here.

Brought to You By

This Tech Tidbit was brought to you by your Data Recovery and Security Experts at Eleven Dimensions Computer Technologies. See the new 11D website at:

See Our Partner Websites:

Bare Wire Networks:     http://www.barewirenetworks.com
CTI Solutions:   http://www.cti-solutions.com

Many Thanks to Our Partner companies

Sending JSON via POST in PHP and CURL usage

Sometimes, you’ll come across web services and APIs that will require you to send JSON via a POST request. The php code that you need:


 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<?php
//API Url
$url = 'http://example.com/api/JSON/create';
//Initiate cURL.
$ch = curl_init($url);
//The JSON data.
$jsonData = array(
    'username' => 'MyUsername',
    'password' => 'MyPassword'
);

//Encode the array into JSON.
$jsonDataEncoded = json_encode($jsonData);
//Tell cURL that we want to send a POST request.

curl_setopt($ch, CURLOPT_POST, 1);
//Attach our encoded JSON string to the POST fields.
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);

//Set the content type to application/json
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json')); 

//Execute the request
$result = curl_exec($ch);
stolen from:  http://thisinterestsme.com/sending-json-via-post-php/

More Useful CURL tidbits of info.
https://gist.github.com/subfuzion/08c5d85437d5d4f00e58

curl usage to send POST 

For sending data with POST and PUT requests, these are common curl options:
  • request type
    • -X POST
    • -X PUT
  • content type header
  • -H "Content-Type: application/x-www-form-urlencoded"
  • -H "Content-Type: application/json"
  • data
    • form urlencoded: -d "param1=value1&param2=value2" or -d @data.txt
    • json: -d '{"key1":"value1", "key2":"value2"}' or -d @data.json


Saturday, March 2, 2019

Remove and Replace non-alphanumeric Characters from Form Inputs with regex

Remove and Clean up Form inputs on POST and GET

For your contact us forms, you do not want bad people to inject malware into your email, so you need to scrub and slug the posts with regex to remove any html code, and non-alphas that can be used to do nasty things to end users.

Shared on GIST


Example: (on ssh console)
$ php slug.php
<HELLO@HELLO.COM>
DIRTY:<Joe_Johnson_1234@gmail.com><?>
CLEAN:joe_johnson_1234@gmail.com
DIRTY:Hello Mr. O'Leary, I am calling to ask your help with releasing $10000<br/> in lost cash from nigeria. Click Here: <a href="http://www.getavirus.com">Free Virus</a> You gotta "trust" \'me\'
CLEAN:hello mr. o-leary, i am calling to ask your help with releasing $10000br in lost cash from nigeria. click here a href-httpwww.getavirus.com-free virusa you gotta -trust- -me