Trolling InfoSec

 Below is an Archive of the Message as it was posted you can see the full story and you can so see the information at the following link

In this blog-post, Zepherfish and TJnull go in depth into a project we worked on which Zerpherfish developed a Fake Proof of Concept for CVE-2020-1350, and we turned it into a Honeypot by installing multiple different CanaryTokens into the code.

What turned out was amazing, we had discovered Insider Threats to companies, had mapped internal company networks, got IP ranges belonging to places we didn’t even know existed and in the end of it all, we brought awareness to many in the cyber security community…. DON’T JUST RUN CODE BLINDLY… or jump to the best first to report as we had seen in multiple cases *cough Automated Intelligence Feeds cough*

 

https://blog.zsec.uk/cve-2020-1350-honeypoc/