Hi, I’m Holly Evergreen.
Oh that Bushy!
Sorry to vent, but that brother of mine did something strange.
The trigger to restart the Candy Striper is apparently an arcane HTTP call or 2.
I sometimes wonder if all IT folk do strange things with their home networks.
1- Recommended: watch the KringleCon talk about HTTP/2 by Chris Davis & Chris Elgee.
2- First, let’s view the nginx.conf file in /etc/nginx/. Write the command in the terminal:
You will find the server is using
3- Let’s use the curl tool to get the server response:
curl --http2-prior-knowledge http://localhost:8080/
You will find a hint in the server response:
To turn the machine on, simply POST to this URL with parameter “status=on”
4- Let’s run curl again and add the “status=on” parameter to turn the machine on:
curl --http2-prior-knowledge -d "status=on" http://localhost:8080/
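The configuration check from step 2, as an added example that is not part of the original walkthrough: a shell function that scans an nginx configuration for listen directives enabling http2 without ssl, which is the cleartext HTTP/2 setup that curl's --http2-prior-knowledge talks to. The function name find_cleartext_h2 and the sample configuration are assumptions constructed for illustration, not the challenge's real nginx.conf.

```shell
#!/bin/sh
# Added example: flag nginx "listen" directives that enable HTTP/2 without TLS.
# find_cleartext_h2 is a hypothetical helper; it reads a config from stdin or
# from the file(s) given as arguments and prints "line_number: directive".
# It covers only the "listen ... http2" parameter form.
find_cleartext_h2() {
    awk '
    {
        line = $0
        sub(/#.*/, "", line)                 # drop trailing comments
        n = split(line, stmts, ";")          # one line may hold several directives
        for (i = 1; i <= n; i++) {
            s = stmts[i]
            sub(/^.*[{}][ \t]*/, "", s)      # drop "server {" style prefixes
            gsub(/^[ \t]+|[ \t]+$/, "", s)   # trim surrounding whitespace
            if (s !~ /^listen[ \t]/) continue
            has_h2 = 0; has_ssl = 0
            m = split(s, words, /[ \t]+/)
            for (j = 2; j <= m; j++) {
                if (words[j] == "http2") has_h2 = 1
                if (words[j] == "ssl")   has_ssl = 1
            }
            if (has_h2 && !has_ssl) printf "%d: %s\n", NR, s
        }
    }' "$@"
}

# Constructed sample configuration (illustrative only).
sample_conf() {
    cat <<'EOF'
http {
    server {
        listen 8080 http2;            # cleartext HTTP/2 (prior knowledge)
        listen 8443 ssl http2;        # HTTP/2 over TLS
        # listen 9090 http2;
    }
    server { listen [::]:8081 http2 default_server; }
    server { listen 80; }
}
EOF
}

sample_conf | find_cleartext_h2
```

To audit a real file, call it as find_cleartext_h2 /etc/nginx/nginx.conf; each reported listener accepts HTTP/2 without encryption.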
Unencrypted HTTP/2? What was he thinking? Oh well.
Have you ever used Bloodhound for testing Active Directory implementations?
It’s a merry little tool that can sniff AD and find paths to reaching privileged status on specific machines.
AD implementations can get so complicated that administrators may not even know what paths they’ve set up that attackers might exploit.
Have you seen anyone demo the tool before?