@root_tanishq Seen it far too often. In fact I once tested an NHS trust. Found /sms. Turns out it was unauth page to sms logs. Typical used for patient booking conf but also OTP sms for staff.
Eurgh! 😒 it’s been days now!! When is that DB going to be fixed? Also please stop using Server 2008! It isn’t supported by MS. Don’t get breached. I hope you have an extended support contract with Microsoft. @PlacesLeisure
@PlacesLeisure Any ETA on when this might be back up? Also running on a web server no longer supported by Microsoft 😣 I hope it’s in an extended contract and regularly patched
BREAKING: Evilginx 2.4 "Gone Phishing" update is coming SOON! 🪝🐟
This will be a big one with lots of new features. I'll be posting more info about upcoming goodies in this thread!
Old dog is about to learn some new tricks.
All aboard the hype train! 🚂
New vulnerability disclosure on my blog! The Confused Mailman: Sending #SPF and #DMARC passing mail as any #Gmail or #GSuite customer https://t.co/2X9HQkmGpk #infosec
@GossiTheDog@UK_Daniel_Card He’s a skid that managed to get a PT job, popped a shell via ms17-10. Dumped the DA creds, set off alarms all over the network and everyone is praying he leaves quickly and quietly before more damage is done.
@UK_Daniel_Card Kid you not I was spraying an open NTLM dir the other month with statistically common usernames and hit a success. Checked the creds on an open RDP and the account was DA. 😑🤦. This was LARGE firm