The post GhostGPT is out – Write your own Malicious Code appeared first on Information Security Newspaper | Hacking News.
]]>GhostGPT is not the only AI being used for illegal activities. Similar tools like WormGPT are also on the rise, offering criminals ways to bypass security controls that are present in ethical AI models like ChatGPT, Google Gemini, Claude, and Microsoft Copilot. These unethical AI models are designed to assist in writing malicious code and carrying out cyberattacks, posing a major risk to businesses and individuals.The rise of cracked AI models—which are modified versions of legitimate AI tools—has made it easier for hackers to gain access to powerful AI systems without restrictions. Security experts have been tracking the rise of these tools since late 2024 and report an increase in their usage for cybercrime. This development is alarming for the tech industry and security professionals because AI was meant to help people and businesses, not be used as a weapon. If these malicious AI models continue to grow, companies and individuals could face more sophisticated cyberattacks, making cybersecurity more challenging. The need for stronger regulations and better security measures to prevent AI abuse is now more critical than ever.
The post GhostGPT is out – Write your own Malicious Code appeared first on Information Security Newspaper | Hacking News.
]]>The post WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus appeared first on Information Security Newspaper | Hacking News.
]]>The ZIP file format, a widely used method for data compression, organizes and bundles multiple files into a single archive, making it ideal for efficient file transfers. However, the structure of ZIP files introduces potential vulnerabilities, which attackers can exploit for evasion purposes. Here’s a breakdown of the key structural components that are critical for both functionality and security:
Together, these components are crucial for enabling ZIP files to function as compact, easily accessible archives. However, the flexibility in this structure also presents potential vulnerabilities, which threat actors exploit through techniques like concatenation. By understanding these components, we gain insight into how attackers use ZIP files to evade detection and hide malicious content.
Understanding ZIP Concatenation and the Attack Technique: ZIP files, widely used for data compression, consist of structural elements like the Central Directory and EOCD (End of Central Directory) to organize file entries efficiently. However, attackers exploit these structural elements by concatenating multiple ZIP files into a single archive, creating multiple central directories. This tactic lets them hide malicious files from detection tools or programs that only read the first directory, ensuring that the Trojan is only visible in select tools like WinRAR.
Imagine you have a ZIP file named documents.zip
containing two text files:
invoice.txt
contract.txt
In a typical ZIP file structure:
invoice.txt
and contract.txt
) is stored with metadata such as the file name, size, and modification date.documents.zip
, the ZIP reader consults the central directory to quickly locate and display the two files.Attackers can exploit this structure through concatenation by appending a second ZIP archive to documents.zip
. Here’s how:
malware.zip
, containing a hidden executable file named virus.exe
.malware.zip
to the end of documents.zip
, creating a combined file that appears to be a single archive but actually has two central directories (one for documents.zip
and one for malware.zip
).Example in Command Line:
zip documents.zip invoice.txt contract.txt # Create initial ZIP with harmless files
zip malware.zip virus.exe # Create malicious ZIP with a hidden file
cat documents.zip malware.zip > combined.zip # Concatenate both into a single ZIP
Now, let’s see what happens when different programs open combined.zip
:
combined.zip
with 7zip, only the first ZIP’s central directory (documents.zip
) is read, so 7zip displays only invoice.txt
and contract.txt
. A minor warning might appear, but the hidden virus.exe
file is not displayed.malware.zip
) and reveals virus.exe
alongside the original files. This makes WinRAR a tool that could potentially expose the hidden threat.combined.zip
. It may only show virus.exe
if it detects the second archive, but it sometimes fails to open concatenated ZIPs altogether, making it unreliable in security scenarios.The discrepancy in how ZIP readers interpret concatenated archives allows attackers to disguise malware in ZIP files. Security tools relying on ZIP readers like 7zip might miss the hidden virus.exe
, allowing the malware to bypass initial detection and later infect the system if opened in a program like WinRAR.
Cybercriminals often use sophisticated techniques to bypass security systems and conceal their malicious payloads. One of these techniques, ZIP concatenation, takes advantage of the structural flexibility of ZIP files to hide malware from detection tools. Here’s how threat actors exploit this technique:
.rar
or .pdf
to appear as legitimate documents or compressed files in emails.malware.exe
, to bypass detection if the archive is opened in ZIP readers that miss the second directory.This method is particularly effective because it exploits fundamental inconsistencies in ZIP file interpretation across different readers and tools. By strategically placing malicious payloads in parts of the archive that some ZIP readers cannot access, attackers bypass standard detection methods and target users more likely to overlook the hidden threat.
To combat this technique, security researchers are now developing recursive unpacking algorithms that fully parse concatenated ZIP files by examining each layer independently. This approach helps detect deeply hidden threats, reducing the chances of evasion.
In summary, ZIP concatenation is an effective evasion technique, enabling threat actors to bypass standard detection tools and deliver malware hidden within seemingly innocuous files.
Recursive Unpacker: A Solution to Unmask Evasive Malware
As attackers increasingly use techniques like ZIP concatenation to evade detection, security researchers have developed recursive unpacking technology to thoroughly analyze complex, multi-layered archives. Recursive unpacking systematically dissects concatenated or deeply nested files to reveal hidden malicious payloads that traditional detection tools may miss. Here’s how the Recursive Unpacker functions and why it’s a powerful defense against evasive threats.
Imagine an attacker has sent a ZIP file with the following structure:
invoice.zip
containing:
document.pdf
(benign)hidden.zip
(a nested ZIP file)hidden.zip
containing:
malware.exe
(a malicious executable)data.txt
(benign text file)When a Recursive Unpacker analyzes invoice.zip
, it first extracts document.pdf
and hidden.zip
. Upon detecting that hidden.zip
is itself an archive, it unpacks this nested layer as well, revealing malware.exe
and data.txt
. Without recursive unpacking, security tools may have missed malware.exe
, which could contain the actual payload.
False Positives: Due to its thoroughness, Recursive Unpackers may flag benign nested files as suspicious, requiring further analysis to validate the findings.
Resource Intensity: Recursive unpacking can be resource-intensive, as it requires processing every layer of large files, which can be time-consuming.
For full details and a technical breakdown of the attack, read the original research here.
The post WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus appeared first on Information Security Newspaper | Hacking News.
]]>The post How to send phishing or malware to Teams users evading Teams security features appeared first on Information Security Newspaper | Hacking News.
]]>TeamsPhisher utilizes a number of other techniques, including some of Andrea Santese’s (@Medu554) older ones, in addition to this one.For the authentication component of the attack flow as well as other basic utility functions, it relies significantly on TeamsEnum, a brilliant piece of work that was developed by Bastian Kanbach (@bka) of SSE.
TeamsPhisher’s goal is to include the most useful aspects of the aforementioned projects in order to provide a method that is robust, fully adaptable, and highly effective for authorized Red Team operations to use Microsoft Teams for phishing in access-related circumstances.
You will need to provide TeamsPhisher with an attachment, a message, and a list of people to target. After that, it will go over the list of targets while simultaneously uploading the attachment to the sender’s Sharepoint.
First, TeamsPhisher will enumerate the target user and check to see whether that person really exists and is able to receive messages from the outside world. After that, it will initiate a new conversation with the person you choose. Note that this is technically a “group” conversation since TeamsPhisher contains the target’s email address twice; this is a clever hack from @Medu554 that will circumvent the “Someone outside your organization messaged you, are you sure you want to view it” splash screen that might offer our targets a reason to stop and think twice about viewing the message.
The user who was identified will get the message that was sent to them along with a link to the attachment that was stored in Sharepoint after a new thread has been established between our sender and the target.
After this first message has been sent, the newly established thread will be visible in the sender’s Teams GUI and may be engaged with manually, if necessary, on a case-by-case basis. Users of TeamsPhisher are required to have a Microsoft Business account (as opposed to a personal one such as @hotmail, @outlook, etc.) that is licensed for both Teams and Sharepoint in order to utilize the software.
This indicates that you will require an AAD tenant as well as at least one user who has a license that corresponds to it. At the time of publishing, the AAD licensing center does have some free trial licenses available for download that are capable of meeting all of the prerequisites for using this product.
Before you may utilize the account with TeamsPhisher, you will have to ensure that you have at least once successfully logged into the personal Sharepoint site of the user with whom you will be exchanging messages. This should be something along the lines of tenantname-my.sharepoint.com/personal/myusername_mytenantname_onmicrosoft.com or tenantname-my.sharepoint.com/personal/myusername_mytenantname_mycustomdomain_tld. Alternatively, you could also use tenantname-my.sharepoint.com/personal/myusername_mytenantname_onmicrosoft.com.
In terms of the needs of the local community, We strongly advise upgrading to the most recent version of Python3. You will also require the authentication library developed by Microsoft:
To upload the file to a Sharepoint site, you will need to manually give the site’s name. This would most likely be required in the event if the sender’s tenant makes use of a unique domain name (for example, one that does not adhere to the xxx.onmicrosoft.com norm). Just the singular name should be used; for instance, if your SharePoint site is located at mytest.sharepoint.com, you should use the –sharepoint mytest option.
Replace TeamPhisher’s standard greeting (“Hi,”) with a personalized greeting that will be appended to the message that is supplied by the –message option. For instance, “Good afternoon,” or “Sales team,” are examples.
By default, the Sharepoint link that is provided to targets may be accessed by anybody who has the link; to restrict access to the Sharepoint file so that it can only be viewed by the target who got it, use the –securelink option. It’s possible that this will help shield your virus from the blue team.
TeamsPhisher will make an effort to determine the first name of each person it is targeting and will use that name in the welcome it sends to them. For instance, tom.jones@targettenant.onmicrosoft.com would get an email with the greeting “Hi Tom, ” as the first line of the message. This is not ideal and is dependant on the format of the emails that are being targeted; use the –preview option to see whether or not this is a suitable match for the list of emails that you are targeting.
The preview version of TeamsPhisher will be executed. This will NOT send any messages to the target users; instead, the “friendly” name that would be used by the –personalize option will be shown. In addition, a sample message that is indicative of what targets would receive with the current settings will be delivered to the sender’s Teams. You may log in to check how your message appears and make any required adjustments to it.
You may choose to have a delay of x seconds between each message sent to targets. Can be of assistance with rate-limiting concerns that may arise.
TeamsPhisher will determine which accounts are unable to receive messages from third-party organizations, which accounts do not exist, and which accounts have subscription plans that are incompatible with the attack vectors.
TeamsPhisher now enables login with sender accounts using multifactor authentication (MFA), thanks to code contributed by the TeamsEnum project.
If you use the –securelink flag, the recipients of the message will see a popup asking them to verify themselves before they can view the attachment in Sharepoint. You have the ability to determine if this adds an excessive number of additional steps or whether it adds ‘legitimacy’ by sending them via the actual Microsoft login feature.
Mitigation
By changing the choices associated with external access, which can be found in the Microsoft Teams admin center under Users > External access, companies may reduce the risk that is provided by the vulnerability that has been discovered.
Organizations are provided with the freedom to pick the optimal rights to match their requirements by Microsoft, including the ability to whitelist just particular external tenants for communications and a global block that prevents any communications from occurring.
The post How to send phishing or malware to Teams users evading Teams security features appeared first on Information Security Newspaper | Hacking News.
]]>The post How AitM attack was used to breach 10000 Organizations appeared first on Information Security Newspaper | Hacking News.
]]>The attackers then used the stolen credentials and session cookies to access the affected users’ mailboxes and carry out e-mail “spoofing” campaigns on their targets.
The intrusions involved the creation of adversary-in-the-middle(AitM) phishing sites, in which the attacker deploys a proxy server between a potential victim and the target website so that recipients of a phishing email are redirected to similar pages designed to capture credentials and MFA information.In AiTM phishing, an attacker attempts to obtain a target user’s session cookie so they can skip the whole authentication process and act on the latter’s behalf.
To do this, the attacker deploys a webserver that proxies HTTP packets from the user that visits the phishing site to the target server the attacker wishes to impersonate and the other way around. This way, the phishing site is visually identical to the original website (as every HTTP is proxied to and from the original website). The attacker also doesn’t need to craft their own phishing site like how it’s done in conventional phishing campaigns. The URL is the only visible difference between the phishing site and the actual one.
The phishing page has two different Transport Layer Security (TLS) sessions: one with the target and one with the actual website the target wants to access.
These sessions mean that the phishing page works almost like an AitM agent, intercepting the entire authentication process and extracting valuable data from HTTP requests, such as passwords and, more importantly, session cookies.
The phishing campaign detected by Microsoft was organized to identify Office 365 users by spoofing the Office online authentication page. The AiTM phishing process can currently be automated using open-source phishing toolkits and other online resources. Among the widely-used kits include Evilginx2, Modlishka, and Muraena. The actors used the Evilginx2 phishing kit to carry out the attacks.
The attacks did not end there, as the attackers abused their mailbox access for payment fraud using a technique called “email thread hijacking” to trick parties on the other end of the conversation into illicitly transferring funds to accounts under your control.
While AiTM phishing attempts to circumvent MFA, it’s important to underscore that MFA implementation remains an essential pillar in identity security. Defenders can also complement MFA with the following solutions and best practices to further protect their organizations from such types of attacks:
The post How AitM attack was used to breach 10000 Organizations appeared first on Information Security Newspaper | Hacking News.
]]>The post Are you getting spams? fast check for email address on online platforms appeared first on Information Security Newspaper | Hacking News.
]]>There are many cases on cyber bulling, stalking which shows that fake accounts are used. After the investigation, its normally found that fake accounts are the main reason for spreading rumors on any person or public figure to create an chaos among users. Most of the time Twitter becomes the main source for spreading fake news. Every news or chaos are found to be connected with any account. We will show you socialscan which is used to validate email addresses on social media accounts. Users can search by typing email addresses or using any bulk list of email addresses. Socialscan uses various social media platforms, api’s, svc-api’s. Below you can checkout the python script written by socialscan developer which clearly shows instagram, twitter, tumblr or emails, usernames are used to check the availability of email addresses.
root@kali:/home/iicybersecurity/Downloads/socialscan# pip3 --version
pip 18.1 from /usr/lib/python3/dist-packages/pip (python 3.7)
root@kali:/home/iicybersecurity/Downloads/socialscan# pip3 install socialscan
Requirement already satisfied: socialscan in /usr/local/lib/python3.7/dist-packages/socialscan-1.1.5-py3.7.egg (1.1.5)
Requirement already satisfied: aiohttp>=3.5.0 in /usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg (from socialscan) (4.0.0a1)
Requirement already satisfied: colorama in /usr/lib/python3/dist-packages (from socialscan) (0.3.7)
Requirement already satisfied: tqdm>=4.31.0 in /usr/local/lib/python3.7/dist-packages (from socialscan) (4.31.1)
Requirement already satisfied: async-timeout<4.0,>=3.0 in /usr/local/lib/python3.7/dist-packages/async_timeout-3.0.1-py3.7.egg (from aiohttp>=3.5.0->socialscan) (3.0.1)
Requirement already satisfied: attrs>=17.3.0 in /usr/local/lib/python3.7/dist-packages (from aiohttp>=3.5.0->socialscan) (19.1.0)
Requirement already satisfied: chardet<4.0,>=2.0 in /usr/lib/python3/dist-packages (from aiohttp>=3.5.0->socialscan) (3.0.4)
Requirement already satisfied: multidict<5.0,>=4.5 in /usr/local/lib/python3.7/dist-packages (from aiohttp>=3.5.0->socialscan) (4.5.2)
Requirement already satisfied: typing-extensions>=3.6.5 in /usr/local/lib/python3.7/dist-packages/typing_extensions-3.7.4.1-py3.7.egg (from aiohttp>=3.5.0->socialscan) (3.7.4.1)
Requirement already satisfied: yarl<2.0,>=1.0 in /usr/local/lib/python3.7/dist-packages (from aiohttp>=3.5.0->socialscan) (1.3.0)
Requirement already satisfied: idna>=2.0 in /usr/lib/python3/dist-packages (from yarl<2.0,>=1.0->aiohttp>=3.5.0->socialscan) (2.6)
root@kali:/home/iicybersecurity/Downloads/socialscan# python3 setup.py install
running install
running bdist_egg
running egg_info
writing socialscan.egg-info/PKG-INFO
writing dependency_links to socialscan.egg-info/dependency_links.txt
writing entry points to socialscan.egg-info/entry_points.txt
writing requirements to socialscan.egg-info/requires.txt
writing top-level names to socialscan.egg-info/top_level.txt
reading manifest file 'socialscan.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'socialscan.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_py
creating build/bdist.linux-x86_64/egg
creating build/bdist.linux-x86_64/egg/socialscan
copying build/lib/socialscan/__init__.py -> build/bdist.linux-x86_64/egg/socialscan
copying build/lib/socialscan/util.py -> build/bdist.linux-x86_64/egg/socialscan
copying build/lib/socialscan/platforms.py -> build/bdist.linux-x86_64/egg/socialscan
copying build/lib/socialscan/__main__.py -> build/bdist.linux-x86_64/egg/socialscan
copying build/lib/socialscan/cli.py -> build/bdist.linux-x86_64/egg/socialscan
byte-compiling build/bdist.linux-x86_64/egg/socialscan/__init__.py to __init__.cpython-37.pyc
byte-compiling build/bdist.linux-x86_64/egg/socialscan/util.py to util.cpython-37.pyc
byte-compiling build/bdist.linux-x86_64/egg/socialscan/platforms.py to platforms.cpython-37.pyc
byte-compiling build/bdist.linux-x86_64/egg/socialscan/__main__.py to __main__.cpython-37.pyc
byte-compiling build/bdist.linux-x86_64/egg/socialscan/cli.py to cli.cpython-37.pyc
creating build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/entry_points.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying socialscan.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
zip_safe flag not set; analyzing archive contents...
creating 'dist/socialscan-1.1.5-py3.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing socialscan-1.1.5-py3.7.egg
Removing /usr/local/lib/python3.7/dist-packages/socialscan-1.1.5-py3.7.egg
Copying socialscan-1.1.5-py3.7.egg to /usr/local/lib/python3.7/dist-packages
socialscan 1.1.5 is already the active version in easy-install.pth
Installing socialscan script to /usr/local/bin
Installed /usr/local/lib/python3.7/dist-packages/socialscan-1.1.5-py3.7.egg
Processing dependencies for socialscan==1.1.5
Searching for tqdm==4.31.1
Best match: tqdm 4.31.1
Adding tqdm 4.31.1 to easy-install.pth file
Installing tqdm script to /usr/local/bin
Using /usr/local/lib/python3.7/dist-packages
Searching for colorama==0.3.7
Best match: colorama 0.3.7
Adding colorama 0.3.7 to easy-install.pth file
Using /usr/lib/python3/dist-packages
Searching for aiohttp==4.0.0a1
Best match: aiohttp 4.0.0a1
Processing aiohttp-4.0.0a1-py3.7-linux-x86_64.egg
aiohttp 4.0.0a1 is already the active version in easy-install.pth
Using /usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg
Searching for yarl==1.3.0
Best match: yarl 1.3.0
Adding yarl 1.3.0 to easy-install.pth file
Using /usr/local/lib/python3.7/dist-packages
Searching for typing-extensions==3.7.4.1
Best match: typing-extensions 3.7.4.1
Processing typing_extensions-3.7.4.1-py3.7.egg
typing-extensions 3.7.4.1 is already the active version in easy-install.pth
Using /usr/local/lib/python3.7/dist-packages/typing_extensions-3.7.4.1-py3.7.egg
Searching for multidict==4.5.2
Best match: multidict 4.5.2
Adding multidict 4.5.2 to easy-install.pth file
Using /usr/local/lib/python3.7/dist-packages
Searching for chardet==3.0.4
Best match: chardet 3.0.4
Adding chardet 3.0.4 to easy-install.pth file
Installing chardetect script to /usr/local/bin
Using /usr/lib/python3/dist-packages
Searching for attrs==19.1.0
Best match: attrs 19.1.0
Adding attrs 19.1.0 to easy-install.pth file
Using /usr/local/lib/python3.7/dist-packages
Searching for async-timeout==3.0.1
Best match: async-timeout 3.0.1
Processing async_timeout-3.0.1-py3.7.egg
async-timeout 3.0.1 is already the active version in easy-install.pth
Using /usr/local/lib/python3.7/dist-packages/async_timeout-3.0.1-py3.7.egg
Searching for idna==2.6
Best match: idna 2.6
Adding idna 2.6 to easy-install.pth file
Using /usr/lib/python3/dist-packages
Finished processing dependencies for socialscan==1.1.5
root@kali:/home/iicybersecurity/Downloads/socialscan# socialscan --help
usage: socialscan [-h] [--platforms [platform [platform ...]]]
[--view-by {platform,query}] [--available-only]
[--cache-tokens] [--input input.txt]
[--proxy-list proxy_list.txt] [--verbose] [--version]
[query [query ...]]
Command-line interface for checking email address and username usage on online
platforms: GitHub, GitLab, Instagram, Lastfm, Pastebin, Pinterest, Reddit,
Snapchat, Spotify, Twitter, Tumblr, Yahoo
positional arguments:
query one or more usernames/email addresses to query (email
addresses are automatically be queried if they match
the format)
optional arguments:
-h, --help show this help message and exit
--platforms [platform [platform ...]], -p [platform [platform ...]]
list of platforms to query (default: all platforms)
--view-by {platform,query}
view results sorted by platform or by query (default:
query)
--available-only, -a only print usernames/email addresses that are
available and not in use
--cache-tokens, -c cache tokens for platforms requiring more than one
HTTP request (Snapchat, GitHub, Instagram. Lastfm,
Tumblr & Yahoo), reducing total number of requests
sent
--input input.txt, -i input.txt
file containg list of queries to execute
--proxy-list proxy_list.txt
file containing list of HTTP proxy servers to execute
queries with
--verbose, -v show query responses as they are received
--version show program's version number and exit
root@kali:/home/iicybersecurity/Downloads/socialscan# socialscan #######a######@gmail.com
0%| | 0/12 [0.00s]/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:977: RuntimeWarning: coroutine 'noop' was never awaited
self._resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
50%|███████████████▌ | 6/12 [0.88s]/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:518: RuntimeWarning: coroutine 'noop' was never awaited
resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:541: RuntimeWarning: coroutine 'noop' was never awaited
resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
75%|███████████████████████▎ | 9/12 [1.22s]Future exception was never retrieved
future: <Future finished exception=SSLError(1, '[SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)')>
Traceback (most recent call last):
File "/usr/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
ssldata, appdata = self._sslpipe.feed_ssldata(data)
File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
self._sslobj.unwrap()
File "/usr/lib/python3.7/ssl.py", line 778, in unwrap
return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)
Future exception was never retrieved
future: <Future finished exception=SSLError(1, '[SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)')>
Traceback (most recent call last):
File "/usr/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
ssldata, appdata = self._sslpipe.feed_ssldata(data)
File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
self._sslobj.unwrap()
File "/usr/lib/python3.7/ssl.py", line 778, in unwrap
return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)
----------------------------------------
#######a######@gmail.com
----------------------------------------
Instagram
Lastfm
Pastebin
Twitter
GitHub
Pinterest
Spotify
Tumblr
root@kali:/home/iicybersecurity/Downloads/socialscan# socialscan ja#####ep#####ki@gmail.com
0%| | 0/12 [0.00s]/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:977: RuntimeWarning: coroutine 'noop' was never awaited
self._resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
58%|██████████████████ | 7/12 [0.69s]Future exception was never retrieved
future: <Future finished exception=SSLError(1, '[SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)')>
Traceback (most recent call last):
File "/usr/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
ssldata, appdata = self._sslpipe.feed_ssldata(data)
File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
self._sslobj.unwrap()
File "/usr/lib/python3.7/ssl.py", line 778, in unwrap
return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)
75%|███████████████████████▎ | 9/12 [0.83s]/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:518: RuntimeWarning: coroutine 'noop' was never awaited
resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:541: RuntimeWarning: coroutine 'noop' was never awaited
resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
83%|█████████████████████████ | 10/12 [1.43s]Future exception was never retrieved
future: <Future finished exception=SSLError(1, '[SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)')>
Traceback (most recent call last):
File "/usr/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
ssldata, appdata = self._sslpipe.feed_ssldata(data)
File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
self._sslobj.unwrap()
File "/usr/lib/python3.7/ssl.py", line 778, in unwrap
return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)
----------------------------------------
ja#####ep#####ki@gmail.com
----------------------------------------
GitHub
Lastfm
Pastebin
Instagram
Pinterest
Spotify
Tumblr
Twitter
root@kali:/home/iicybersecurity/Downloads/socialscan# socialscan --platform instagram --input list2.txt
0%| | 0/37 [0.00s]/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:518: RuntimeWarning: coroutine 'noop' was never awaited
resp.release()
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
/usr/local/lib/python3.7/dist-packages/aiohttp-4.0.0a1-py3.7-linux-x86_64.egg/aiohttp/client.py:541: RuntimeWarning: coroutine 'noop' was never awaited
----------------------------------------
kkne########3@gmail.com
----------------------------------------
Instagram
----------------------------------------
slo#######en@gmail.com
----------------------------------------
Instagram
----------------------------------------
jame##########ki@yahoo.com
----------------------------------------
Instagram
----------------------------------------
Ky#########ps@hotmail.com
----------------------------------------
Instagram
----------------------------------------
gia#########ris@gmail.com
----------------------------------------
Instagram
----------------------------------------
big##########@gmail.com
----------------------------------------
Instagram
----------------------------------------
th##########erjwo@yahoo.com
----------------------------------------
Instagram
----------------------------------------
chu##############her@yahoo.com
----------------------------------------
Instagram
----------------------------------------
kin#########94@gmail.com
----------------------------------------
Instagram
----------------------------------------
con#########17@gmail.com
----------------------------------------
Instagram
----------------------------------------
car########g@gmail.com
----------------------------------------
----------------------------------------
sir#########lker@gmail.com
----------------------------------------
Instagram
Available, Taken/Reserved, Invalid, Error
Completed 12 queries in 4.38s
The post Are you getting spams? fast check for email address on online platforms appeared first on Information Security Newspaper | Hacking News.
]]>