a date with data
play

A Date with Data Botnet Command and Control Through Tinder A Date - PowerPoint PPT Presentation

Apr 02, 2023 •266 likes •500 views

A Date with Data Botnet Command and Control Through Tinder A Date with Data Botnet Command and Control Through Tinder (Almost) $whoami Nathaniel Beckstead Interests Blue team Homelab Network Security Find Me github.com/becksteadn

  1. A Date with Data Botnet Command and Control Through Tinder

  2. A Date with Data Botnet Command and Control Through Tinder (Almost)

  3. $whoami Nathaniel Beckstead Interests Blue team Homelab Network Security Find Me github.com/becksteadn scriptingis.life

  4. Intercept Requests

  5. Certificate Pinning Provides relative certainty of the host’s (server’s) identity App has a list of certificates it trusts. Does not establish a connection if the certificate is not in the pinset.

  6. Certificate Pinning Tinder: Are you Buzz Lightyear? Burp Suite: Yeah, I’m Buzz Lightyear. Tinder:

  7. Cert Pinning Bypass

  8. Decompile, Alter, Recompile Thank you Chaim and Anders. Sadly outdated. Code is now obfuscated.

  9. Decompile, Alter, Recompile

  10. Decompile, Alter, Recompile Search files for functions using X509TrustManager. Add ‘return-void’ to the top and bottom.

  11. Cert Pinning Bypass Bypass

  12. The API All the hard work is done. Translate to Python requests module. Use Postman to test. https://github.com/fbessez/Tinder

  13. The API All the hard work is done. https://github.com/fbessez/Tinder Translate to Python requests module. Use Postman to test https://github.com/fbessez/Tinder

  14. The API fb_auth_token.py - Uses robobrowser to log in using username/password and gets FB token and UID. tinder_api.py - Authenticates to Tinder using FB token and UID and returns token. https://github.com/fbessez/Tinder

  15. The API Host: api.gotinder.com X-Auth-Token: User-Agent: Tinder/7.5.3 (iPhone; iOS 10.3.2; Scale/2.00) https://github.com/fbessez/Tinder

  16. Command and Control

  17. Command and Control Description Data Method Endpoint /like/_id Like someone a.k.a GET swipe right /user/matches/_id Send message to _id {"message": TEXT POST GOES HERE} /user/_id Get a user's profile GET data https://github.com/fbessez/Tinder

  18. Facebook Security

  19. Facebook and Bots

  20. Facebook and Bots

  21. Facebook and Bots

  22. Up Next: Workplace?

Recommend

9 7 layers of data testing hell Clients Name | Country | Title of this presentation | Date 0

9 7 layers of data testing hell Clients Name | Country | Title of this presentation | Date 0

Da Data s Inf Inferno 9 7 layers of data testing hell Clients Name | Country | Title of this presentation | Date 0 Who are we? Globally active bank, based in Amsterdam, Big Data and Data Science Consultancy, the Netherlands

814 views • 32 slides
June 13, 2018 Disclaimer - Estimates are considered accurate based on data as of the date of

June 13, 2018 Disclaimer - Estimates are considered accurate based on data as of the date of

1 SOUTH WHIDBEY SCHOOL DISTRICT NO. 206 Revenue June 13, 2018 Disclaimer - Estimates are considered accurate based on data as of the date of publication. Final adjustments/modifications may be made up to the board certification date (July

1.12k views • 75 slides
Existing Elevation Data Sets Out of Date: Most > 40 yrs old Data range from 15 yrs old to

Existing Elevation Data Sets Out of Date: Most > 40 yrs old Data range from 15 yrs old to

Existing Elevation Data Sets Out of Date: Most > 40 yrs old Data range from 15 yrs old to > 70 yrs old Spatial Resolution: 33 ft (10 m), 98 ft (30 m) Vertical Accuracy: 3.3 6.6 ft (1 2 m) to 36 131 ft (11 40 m)

298 views • 18 slides
MTN-020 Data Communiqu #13 November 18, 2014 AE Outcome Date when treatment is indicated

MTN-020 Data Communiqu #13 November 18, 2014 AE Outcome Date when treatment is indicated

MTN-020 Data Communiqu #13 November 18, 2014 AE Outcome Date when treatment is indicated For AEs requiring treatment, the outcome date should reflect when all associated symptoms have resolved (or returned to baseline severity) or the

417 views • 12 slides
First Nations Health Data Linkage PRESENTER: SABA KHAN , DATA PARTNERSHIPS PROJECT MANAGER DATE:

First Nations Health Data Linkage PRESENTER: SABA KHAN , DATA PARTNERSHIPS PROJECT MANAGER DATE:

First Nations Health Data Linkage PRESENTER: SABA KHAN , DATA PARTNERSHIPS PROJECT MANAGER DATE: NOVEMBER 6, 2014 ACKNOWLEDGEMENTS TRACY ANTONE, CARMEN JONES CHIEFS OF ONTARIO DAVID HENRY, JENNIFER WALKER ICES Institute for Clinical

438 views • 5 slides
How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time

How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time

MANIPULATING TIME SERIES DATA IN PYTHON How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time Series Functionality At the root: data types for date & time information Objects for points in

279 views • 25 slides
MTN-020 Data Communiqu #6 February 25, 2013 Concomitant Medications Log Frequency and

MTN-020 Data Communiqu #6 February 25, 2013 Concomitant Medications Log Frequency and

MTN-020 Data Communiqu #6 February 25, 2013 Concomitant Medications Log Frequency and Route If once is marked for a medications frequency, both a Date Started and a Date Stopped must be present, and be the same date. When

514 views • 5 slides
Page: 1 of 11 Effective Date: 12/95 Previous Review Date: 7/17 Current Review Date: 5/18 Revision

Page: 1 of 11 Effective Date: 12/95 Previous Review Date: 7/17 Current Review Date: 5/18 Revision

Page: 1 of 11 Effective Date: 12/95 Previous Review Date: 7/17 Current Review Date: 5/18 Revision Date: 5/18 SCHNECK MEDICAL CENTER Seymour, Indiana ORGANIZATION WIDE FUNCTION: Management of Information CREDIT AND COLLECTION POLICY PURPOSE : To

280 views • 12 slides
Transmission of resistant HIV in patients with a known date of infection Data from the HIV-1

Transmission of resistant HIV in patients with a known date of infection Data from the HIV-1

Transmission of resistant HIV in patients with a known date of infection Data from the HIV-1 Seroconverter Cohort Bartmeyer B., Kuecherer C., Werning J., Hamouda O. for the German Seroconverter Study Group 1 Robert Koch-Institute, Berlin,

390 views • 34 slides
Hur on We binar Se r ie s: Data Migr ation Date s, Re vise d Doc ume nts for Ne w

Hur on We binar Se r ie s: Data Migr ation Date s, Re vise d Doc ume nts for Ne w

Hur on We binar Se r ie s: Data Migr ation Date s, Re vise d Doc ume nts for Ne w Submissions, and Othe r Ne ws! Se pte mb e r 12, 2019 Da ta Mig ra tio n Da te s T opic s to I mpo rta nc e o f Ne w T e mpla te s Cove r Ne w Pro

293 views • 14 slides
15-381: Artificial Intelligence Introduction and Overview Course data All up-to-date info is

15-381: Artificial Intelligence Introduction and Overview Course data All up-to-date info is

15-381: Artificial Intelligence Introduction and Overview Course data All up-to-date info is on the course web page: - http://www.cs.cmu.edu/afs/cs.cmu.edu/academic/class/15381-s07/www/ Instructors: - Martial Hebert - Mike Lewicki TAs:

435 views • 25 slides
OFFICE OF MEDICAID POLICY AND PLANNING END OF THERAPY DATA COLLECTION DEFINITION End of therapy

OFFICE OF MEDICAID POLICY AND PLANNING END OF THERAPY DATA COLLECTION DEFINITION End of therapy

OFFICE OF MEDICAID POLICY AND PLANNING END OF THERAPY DATA COLLECTION DEFINITION End of therapy date (EOT) End of therapy date means the date the therapy regimen ended for physical therapy, occupational therapy, and speech-language

789 views • 27 slides
DataCamp Data Types for Data Science DataCamp Data Types for Data Science Data Set Overview

DataCamp Data Types for Data Science DataCamp Data Types for Data Science Data Set Overview

DataCamp Data Types for Data Science DataCamp Data Types for Data Science Data Set Overview Date,Block,Primary Type,Description, Location Description,Arrest,Domestic, District 05/23/2016 05:35:00 PM,024XX W DIVISION ST,ASSAULT,SIMPLE,

431 views • 13 slides
Data Abstraction Programmers Compound values combine other values together All A date: a

Data Abstraction Programmers Compound values combine other values together All A date: a

Data Abstraction Programmers Compound values combine other values together All A date: a year, a month, and a day A geographic position: latitude and longitude Data abstraction lets us manipulate compound values as units

170 views • 14 slides
Agenda 7. Key insights learned to date What is the data 1. Our purpose Today and beyond

Agenda 7. Key insights learned to date What is the data 1. Our purpose Today and beyond

6/22/2018 Esopus Master Plan: Emerging Goals and Strategies June 21, 2018 Agenda 7. Key insights learned to date What is the data 1. Our purpose Today and beyond telling us? 2. Possible outcomes and funding of projects a. Our Waterfront

537 views • 27 slides
Leveraging AI for Industrial IoT Chetan Gupta, Ph.D. Chief Data Scientist, Big Data Lab, Hitachi

Leveraging AI for Industrial IoT Chetan Gupta, Ph.D. Chief Data Scientist, Big Data Lab, Hitachi

Leveraging AI for Industrial IoT Chetan Gupta, Ph.D. Chief Data Scientist, Big Data Lab, Hitachi America Ltd. Date: Sept. 19 th , 2017 AI Level Set Machine Learning Data Outcomes & Artificial Intelligence Data Sensor Data Human

484 views • 27 slides
Unit 10: Contract Administration: Loss and Expense D39PZ: Procurement and Contracts 2 2 Claims

Unit 10: Contract Administration: Loss and Expense D39PZ: Procurement and Contracts 2 2 Claims

...last week (or things you should now understand) the difference between the Date for Completion and the Completion Date the SBC/Q process by which the Date for Completion / Completion Date can be changed (i.e. Adjustment of the

540 views • 31 slides
Billerica Memorial High School MSBA Data Entry Sheet Date 6/16/2020 Period Ending: 5/31/2020

Billerica Memorial High School MSBA Data Entry Sheet Date 6/16/2020 Period Ending: 5/31/2020

Billerica Memorial High School MSBA Data Entry Sheet Date 6/16/2020 Period Ending: 5/31/2020 MSBA Reimbursement Package #: 68 Included GC/CM Requisition: 51 Invoice # Invoice Date Vendor Cost Code Eligible Ineligible 51 5/31/2020

267 views • 14 slides
Advisory Data Conferences 6th and 7th Grade Date: 11/9/2016 Why are Classroom Conferences

Advisory Data Conferences 6th and 7th Grade Date: 11/9/2016 Why are Classroom Conferences

Advisory Data Conferences 6th and 7th Grade Date: 11/9/2016 Why are Classroom Conferences important for parents and teachers? 1. Because student success is a shared responsibility. 2. Because when parents provide a learning environment at home

519 views • 27 slides
12309.2014 Date: Work Activities Performed 1. Creation of Master data in SAP ie vendor,

12309.2014 Date: Work Activities Performed 1. Creation of Master data in SAP ie vendor,

, , zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA to Date: 30.09.2014 NO.C!DCO/SE(HQ}/2014/1 zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Sub: Information required for preparation of presentation on existing staff position Ref:

610 views • 8 slides
Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 1 Oct Wed

Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 1 Oct Wed

Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 1 Oct Wed 9 Equivalent Circuits 3.6 2 Oct Thu 3 Oct Fri Recitation HW 4 4 Oct Sat 5 Oct Sun 6 Oct Mon 10 Energy Storage 3.7, 4.1 NO LAB 7

847 views • 51 slides
Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 27 Oct Mon

Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 27 Oct Mon

Schedule Date Day Class Title Chapters HW Lab Exam No. Due date Due date 27 Oct Mon 16 Sinusoidal Frequency 6.1 Response LAB 5 28 Oct Tue 8.1 8.2 29 Oct Wed 17 Operational Amplifiers 30 Oct Thu 31 Oct Fri

726 views • 45 slides
Deliverable 11.2 Project Presentation Due date of delivery: January 31 st , 2017 Actual submission

Deliverable 11.2 Project Presentation Due date of delivery: January 31 st , 2017 Actual submission

D11.2 Project Presentation MHMD - H2020-ICT-2016 (732907) Call identifier: H2020-ICT-2016 - Grant agreement no : 732907 Topic : ICT-18-2016 - Big data PPP: privacy-preserving big data technologies Deliverable 11.2 Project Presentation Due date of

433 views • 14 slides
Reading date and time data in Pandas W ORK IN G W ITH DATES AN D TIMES IN P YTH ON Max Shron

Reading date and time data in Pandas W ORK IN G W ITH DATES AN D TIMES IN P YTH ON Max Shron

Reading date and time data in Pandas W ORK IN G W ITH DATES AN D TIMES IN P YTH ON Max Shron Data Scientist and Author A simple Pandas example # Load Pandas import pandas as pd # Import W20529's rides in Q4 2017 rides =

656 views • 34 slides

More recommend