[# Systematic Destruction (Hacking the Scammers pt. 2)

Taking on the “Smishing Triad”](https://blog.smithsecurity.biz/systematic-destruction-hacking-the-scammers-pt.-2) g

His blog on the topic if you don’t want the wired summary.

A brief technical summary from iMAP reveals what happens when users attempt to access sites using Cloudflare and Google DNS.

• On Maxis, DNS queries to Google Public DNS (8.8.8.8) servers are being automatically redirected to Maxis ISP DNS Servers;

**

• On Time, DNS queries to both Google Public DNS (8.8.8.8) and Cloudflare Public DNS (1.1.1.1) are being automatically redirected to Time ISP DNS servers.

“Instead of the intended Google and Cloudflare servers, users are being served results from ISP DNS servers. In addition to MCMC blocked websites, other addresses returned from ISP DNS servers can also differ from those returned by Google and Cloudflare,” iMAP warns.

…

"Users that are affected, can configure their browser settings to enable DNS over HTTPS to secure their DNS lookups by using direct encrypted connection to private or public trusted DNS servers. This will also bypass transparent DNS proxy interference and provide warning of interference,” iMAP concludes.

Essentially Malaysia law required ISP to drop DNS entries for some sites, local users started using public DNS. ISP started redirecting public DNS requests, and local users started using DNS over HTTPS.

The pirate wars continue in their arms races.

Should have remembered they do an English version. Thanks!

It was noted that more than half of the KN-23 missiles lost their programmed flight trajectory during flight and likely exploded in the air, as the launches of these missiles were recorded, but their debris was not found.

Translated sources beyond Google?

I’m all for the enthusiasm I’m seeing with Harris, but am happy to see someone like Axelrod pointing out the polling. He’s absolutely right in that it will take work to win, and mistakes to lose. Fortunately Harris seem to be working and Trump seems to be making mistakes for now. Let’s hope it doesn’t flip soon.

Alternative link https://archive.ph/Upz8j

“Harris immediately framed her candidacy with a specific false reference to this case as a contest of ‘prosecutor vs. convicted felon,’” Trump’s filing says.

Harris’ framing is an “inaccurate attack,” it adds, without describing an inaccuracy. Harris is a former district attorney for San Francisco and attorney general for California; in May, Trump became the first former president convicted of a felony.

…

In brief response papers filed Friday, prosecutors called Trump’s latest recusal effort “vexations and frivolous.”

Trump’s “regurgitated” complaints about Loren Merchan’s work with Harris have already failed twice, including at the appellate level, and amount to little more than “overheated, hyperbolic rhetoric,” prosecutors added.

…

The letter alleges that Authentic Campaigns earned “over $7 million in compensation” for its work on campaigns involving Harris. The letter doesn’t allege that Authentic Campaigns’ work for Harris ever overlapped with her father presiding over the hush-money case.

In May of 2023, the New York Advisory Committee on Judicial Ethics found that Merchan wasn’t compromised by his daughter’s political activities, writing, “A relative’s independent political activities do not provide a reasonable basis to question the judge’s impartiality.”

This feels like an article on two unrelated topics, but it’s Trump so I should not be surprised.

Take Simon with a grain of salt, but this Warographics on What a war might look like along side the context of RealLifeLore background on US, Iran relations might give some further understanding if you are after some short intros.

Based some of the revealed history of some of these agencies, I feel like Hollywood is both closer and much further off than the reality of what happens. Closer in that history is stranger then fiction, and much further off in that these agencies are not monolithic decision makers and the hydraheaded nature of a political/bureaucracy makes for some strange decision.

Alternative link

In 2021, Trump’s running mate, Sen. JD Vance of Ohio, denounced women for leaving abusive husbands. The same year, he also decried allowing rape victims to abort their pregnancies, claiming all pregnancies should be forced to term, “even though the circumstances of that child’s birth are somehow inconvenient.” Former Fox News host Tucker Carlson also spoke. In the past, he has argued that raping underage girls is less bad if the rapists marry them first, and complained about rape shield laws that protect the identity of victims.

This is part of the Trump campaign’s strategy of shoring up support among younger men by appealing directly to the Joe Rogan and Jordan Peterson fanboys. The tactic runs the risk of backfire. If female swing voters learn how much the GOP is built on apologia for sexual violence, focus group information suggests it will turn them away from Trump. With Biden as the nominee, there was a real chance this issue would stay on the back burner. Even though he was the author of the Violence Against Women Act in the 90s, Biden has proved incapable of making Trump’s sexual violence a defining issue. He’s tried, even using the word “rape” to describe Trump’s behavior. But Biden’s overall problems communicating got in the way of this message.

Harris, however, is not hobbled by the issues with talking that plagued Biden in the end. More than that, sexual violence is an issue that she can speak about with a level of authority that Biden — really, most male politicians — never could achieve. Her gender is only part of it. As she often discusses on the campaign trail, Harris got her start in criminal law by working in the sex crimes division of Alameda County. She spent years talking about these hard issues in a court setting, and it shows in the way she strikes a deft balance between sensitivity and frankness when speaking about sexual violence. I recommend watching this co-interview she did on MSNBC with Hadley Duvall, a child sex abuse survivor who has been speaking out about abortion rights. Harris tells the story of her high school friend who told her that her stepfather was molesting her. “I said to her: ‘you have to come live with us. I called my mother and my mother said, ‘of course she has to come stay with us.’”

It’s going to be a much better race.

What in the world are they digging for?

Feasible if you found one at a junk yard, but copper tubing is $20-30 and some fittings makes a tubing idea sub-$100 probably. An AC is about $300, a new radiator without fittings starts at $70 and are built for cars not box fans so it might be more challenging to get to work.

With that being said, environmental, energy, and other contextual concerns might out weigh the cost. A mini-split heat pump is probably the most sane thing to actually install, but that’s a big ask.

As a kid I used tubes, a box fan, a cooler, and bucket with a siphon to cool me down.

You could easily set that up with just the water from a sink and some hardware store parts.

Search for ‘diy fan cooling tub copper coils’ as a start.

As an example: Homemade AC - The “Copper Coil” Air Cooler! - (Simple "Box Fan …

Copper coils have the best thermal efficiency, but plastic tubing would also work.

So don’t bring your submarines into the area. Brilliant!

Non-paywall link https://archive.ph/ySJDe

Potato Achieved!

I did a quick search and they don’t make it easy. Peter Lowe’s ad and tracking server blocklist is the only one I found. EasyList doesn’t seem to have a donation link, nor Dan Pollock at someonewhocares.org. Also worth noting that UBO doesn’t take donations. You could always subscribe to AdGuard, but that’s mixed.

https://archive.ph/w58Yk Alternative link unpaywalled

If this request worked, it meant that I could use an “encryptedValue” parameter in the API that didn’t have to have a matching account ID.

I sent the request and saw the exact same HTTP response as above! This confirmed that we didn’t need any extra parameters, we could just query any hardware device arbitrarily by just knowing the MAC address (something that we could retrieve by querying a customer by name, fetching their account UUID, then fetching all of their connected devices via their UUID). We now had essentially a full kill chain.

I formed the following HTTP request to update my own device MAC addresses SSID as a proof of concept to update my own hardware:

…

Did it work? It had only given me a blank 200 OK response. I tried re-sending the HTTP request, but the request timed out. My network was offline. The update request must’ve reset my device.

About 5 minutes later, my network rebooted. The SSID name had been updated to “Curry”. I could write and read from anyone’s device using this exploit.

This demonstrated that the API calls to update the device configuration worked. This meant that an attacker could’ve accessed this API to overwrite configuration settings, access the router, and execute commands on the device. At this point, we had a similar set of permissions as the ISP tech support and could’ve used this access to exploit any of the millions of Cox devices that were accessible through these APIs.

Blows me a away that an unauthenticated API with sensitive controls and data was publicly facing. Corporations these days want all your data but wonder why some customers are worry about how it is protected, it let alone if it’s being sold. Why should I allow you to control my hardware when you can’t protect yourself.