Maria Devenish: as nomral price other sell for it Maria Devenish: was looking for 6 usd per 1k Maria Devenish: i was needing 40k, but i get paid tommorow Maria Devenish: buy apex sell for gold 1k = 9.5 usd čegal Maria Devenish: stock and what server and price ? Hi live:lechris292, I'd like to add you as a contact.
For this usage, we can use the Osintcombine tool, first to understand what we collected so far.*** Maria Devenish would like to add you on Skype So we collecting a lot of results, this is good but how can we understand which keyword collecting more results, how effective we collect API keys or screenshot from an internal system, or even open the screenshot from few keywords and see what is going on there. So we found many interesting things, Users and passwords for servers, accounts, credit cards, passports, internal systems and so many more, but this could be a nightmare to pass one by one from CSV file, understand what is going on there, and delete or tag result by sensitivity rate. “Shotlooter tool is developed to find sensitive data inside the screenshots which are uploaded to (via the LightShot software) by applying OCR and image processing methods.”įirst, we will provide an id to the tool, The image will download to our machine, then the tool will apply OCR to extract text from the image, compare the output to our wordlist and if there is any match he will save it in an output CSV file Image -> OCR -> Comparing output to wordlist -> if match -> save Hands-on TIMEĪfter we git clone the tool to our machine by installation guide we can start to get results, edit the wordlist.txt as you wish and the magic will start.ĭon't upload your screenshot when you are in a governments website This tool called shotlooter and this is his description: Luckily, we have a very talented developer who has already developed a tool that does most of the work for us: utkusen. So lest move to the attacker point of view, we are known that many people upload sensitive information to the light shot cloud, we know we can guess the id number of the pictures, we need a simple process that will run over the ID, check if this picture contains something we can define as sensitive- if there is something there - we want to save the picture, the URL and of course the keyword. Who has enough time to collect all the pictures, take a look one by one, and decide what to use or which one contains sensitive information? Offensive perspective The main problem is as always - we are, Many people take screenshots of many things like documents, passwords for services or social accounts, internal systems, and many many more, A lot of people just assumed if they got a “random” id which contains letters and numbers, they are safe enough and no one will see it.
Lightshot - good solution but we need to be more aware with screenshots So where is the problem?
0 kommentar(er)
