Swezy

146 posts

@Swezy_1337

🛡️ Cybersecurity | 🕵️ Pentesting & Ethical Hacking | 🔍 Reverse Engineering | ⚙️ Development | 🪙 Crypto
⚡ Contact: https://t.co/x1gQ4a5oHv
🐈‍⬛ GitHub: https://t.co/VO3osIw1pd

Germany · Joined June 2022
349 Following · 126 Followers
Pinned Tweet
Swezy (@Swezy_1337)
Was Fun 🚀
Unpack Racoon 🦝 (@UNP4CK)

🌐 How we destroyed a Turkish card operation, a thread:
🔷 This morning I was casually scrolling through Telegram when I stumbled across a link dropping a "suspicious file"...
🔎 Out of curiosity, I grabbed the file and sent it through triage (tria.ge/250429-s17btat… | 📸 Screen 1) for analysis. A few minutes later, the verdict came back: #XWorm.
📞 I pinged my guy @Swezy_1337 — time to have some fun.
➡ For some context, Swezy developed a tool to RCE the malware's C2, so we can access the RDP pretty easily... (📸 Screen 2)
💣 So we started reversing the binary and quickly noticed a shitty implementation in the C2 communication (146[.]103[.]25[.]63).
💢 With this, we could easily use the tool from Swezy, and of course, get access to the RDP, thanks to some black magic👀
💻 Once inside the VPS, we discovered what this "hacker" was up to. The dude was targeting hotel management systems, using the RAT to steal credit card details, booking records, and personal info from customers. For this, he uses 2 tools (📸 Screen 3):
1️⃣ "#Nullpoint", a free open-source #infostealer (available on GitHub)
2️⃣ and of course, XWorm V5.6, cracked...
📜 Logs were full of stolen data (from stealers), some screenshots, clipboard dumps and database dumps. All routed back to a little CNC hosted on a Windows RDP in 🇱🇹 Lithuania by Space Hosting (AS15440).
👍 We wiped everything (and had a bit of fun with it). (📸 Screen 4)
➡ All the stolen victim data? Gone (womp womp).
➡ RAT C2? Deleted.
➡ Logs? Burned.
➡ We even left a nice little note (you will see in screenshot below ahah).
➡ And of course, we completely nuked the server — RIP the boot sector 😿
⏲ An hour later, the "hacker" — an underage Turkish skid — started DMing us on Telegram, panicking. He had no clue what happened. We had his full name, email, server IPs, Telegram handle...
💤 This idiot, in a way to appear strong and powerful, talked a little too much, and told us more about his RAT method. In fact, he's having fun sending PDFs containing the malware via WhatsApp to quickly and easily infect hotels, of which we've only detected 2 so far:
- 🏨 Black Lotus Hotel İzmir
- 🏨 Luxus Grand Hotel
💥 You don’t get to rat hotels and harvest cards while hiding behind your little obfuscated stub and think you’re safe.
➡ You play dirty, you get reversed, pwned, and humiliated.😭
🔥 It was fun.😀
👋 cc/@abuse_ch @banthisguy9349 @redrabytes @swezy_1337

Skin.Land (@SkinLand_market)
🟣SkinLand is temporarily unavailable due to technical maintenance. The site may be unavailable for the next few hours while we work on everything behind the scenes. We’ll be happy to see you back once the maintenance is complete. Thanks for your patience and understanding.
Swezy retweeted
lesh (@lesh534)
KYC'ed on Stake with an Israeli passport and guess what, I have been getting bonuses non stop, my monthly and weekly is increased and I'm winning so much that I can't even believe it. I'm going to try this with other casinos as well and see how it goes.
Swezy retweeted
tye (@alieviation)
Discord we need you
Swezy retweeted
KOOBI (@MadeByKOOBI)
Discord down so we out here playing r6 in a google meet 😭
Swezy retweeted
Wild Videos (@FightStorage)
Kai Cenat’s streams really the modern day iCarly 😂
Swezy retweeted
狩野英孝 (@kano9x)
I've arrived in Osaka (^_^)v Working with Jaru Jaru for the first time in a while (#^_^#)
Swezy retweeted
Maxime Lescure (@FR_MaximeDev)
If you use @dougscompta for your accounting, I've built an unofficial API to automate it! TypeScript SDK, Go CLI, MCP server (direct integration into Claude). Open source: github.com/netvolo/dougs-…
Ledger (@Ledger)
= ?
Swezy (@Swezy_1337)
@GiFShitpost I know a word is missing but I can’t prove it
Swezy retweeted
IT Guy (@T3chFalcon)
A private bus for locals only.
Swezy retweeted
vx-underground (@vxunderground)
> be nerds
> look into persona (used by discord)
> kyc (know your customer) service
> used for age verification
> search on internet (shodan)
> find weird server
> image 1
> openai-watchlistdb.withpersona
> openai-watchlistdb-testing.withpersona
> lolwtf
> look inside
> supposed to be behind cloudflare to hide ip
> openai messed up
> not behind cloudflare
> real ip shown
> using google cloud
> lookup cert history
> 2023-11-16 created
> 2024-02-28 gets cert
> 2024-03-04 prod goes live
> google stuff
> openai and persona partners
> partner around timeline of certs
> back to searching stuff
> find withpersona-gov
> look inside
> okta (image 2)
> lolwtf
> look inside
> website accidentally leaking stuff
> fedramp-private-backend-api
> look inside
> api .js accidentally exposed
> look inside
> wtf "SARInstructionsCard"
> wtf "app.onyx.withpersona-gov"
> wtf "FINTRAC"
> wtf "PrivatePartnershipProjectNameCodes"
> image 3
> wtf "AsyncSelfie"
> look inside
> openai, persona, send data to us gov
> feds map face to financial records
> map face using AI
> map face to ICE stuff
> api stores data for lots of stuff
> image 4

tl;dr persona kyc and openai are frens, using your selfie for verification and sending to ICE (or USGOV in general), using AI to tie to your financial records. see subsequent post for full write-up. its long and not mobile friendly
Swezy retweeted
koerner_23 (@koerner_23)
Priorities of the CDU.
Maxime Lescure (@FR_MaximeDev)
We've just put the AI agent into production in the Netvolo livechat! It has access to the account and actually carries out the actions for you (not just answering): reboot, VPS start/stop, opening the VNC console, CPU monitoring checks… @netvolo
Swezy retweeted
Gambulls Intern (@InternGambulls)
Nah Hacksaw you're wrong for releasing Le Epstein💀
Akademiks TV (@AkademiksTV)
Adin Ross says he’s stepping up security after Ryan Montgomery exposed how a $900 dark web device could access his $10M car garage 😳
Swezy retweeted
Karthik (@karthikponna19)
you joined twitter ↓ you didn’t understand ↓ forgot about it for years ↓ came back randomly one day ↓ you got addicted.