<center>https://images.hive.blog/DQmTjA2YurzfHQnUi9Rc29hmVGe3zmJuhrAGezc32Cd9zRb/image.png <sub>[src](https://cdn.pixabay.com/photo/2020/08/13/16/55/hacker-5485843__340.png)</sub></center> In the past few weeks I found <a href="https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf#comments">some XSS vulnerabilities</a> in some Hive tools. After reporting them to witnesses and devs that maintained those apps, I decided it would be helpful to add to @keys-defender's list of weapons the ability to timely detect potential code injection attempts. This should mitigate the issue of attackers targeting the Hive ecosystem of apps and tools. <br>This bot now uses the following to try to detect potential malicious code published in blocks: ~300 fragments of code for <b>XSS (Cross Site Scripting)</b> ~50 fragments of code for <b>SQL injections</b> ~20 fragments of code for <b>CSRF (Cross Site Request Forgery)</b> ~ ... These dictionaries will grow in size and be adjusted based on false positives. <center><sub>Logs of the new code injection detection feature</sub>https://images.hive.blog/DQmW5po4MKUSEsMHiRCnPoGCs13KpBkEoc7b1oCmeuknyeB/image.png </center> <br> If the code injection is attempted in a post or comment (eg. this [test comment of mine](https://hiveblocks.com/x/@b0t5-testing/demo-xss-39533453)), the author will now receive an immediate reply from this bot:<center> <sub>Logs for code injection checks</sub> https://images.hive.blog/DQmSSnN5gxiHhoLCsFwy92ALsG4R3FiDL6xRAKWXScVuZVS/image.png</center> <center><sub><br>Example of @keys-defender's reply</sub> https://images.hive.blog/DQmUWWMhXSnmDdkWPRGXMecCeqhe3hdDLxgz8D1ozj4t9aY/image.png</center> <br>A notification is also immediately sent to my [Discord server](https://discord.gg/SXuwsH7) so that I or witnesses and volunteers in it can investigate and react accordingly to report and fix the targeted website or tool. Clearly if a bad actor was indeed trying to compromise a website, their account name would also been known because, as per the blockchain design, past blocks cannot be edited or deleted. <center> <sub>Discord notification example</sub> https://images.hive.blog/DQmVbGu83dSUaNBkHYcEgFKxTFpDeEd1AkSiakXsFnrkFwc/image.png</center> <br><br>A whitelist is also in use so that known Hive apps devs like @louis88 won't be bothered while testing dapps for vulnerabilities. <center><sub>My own code injection attempt ignored because I'm on the whitelist</sub> </sub>https://images.hive.blog/DQmV9DXk47xi8xJ3urs4BkZ1mukyhuf3RsijVurNFKa2TV4/image.png</center> <br>Stay tuned for more updates and please feel free to suggest new features and improvements! 😎 ----- ----- <div class="pull-left"> <sub><b>Keys protection main features:</b></sub> <br>- <sub><a href="https://hive.blog/steem/@gaottantacinque/the-keys-defender-bot-is-live-in-beta-mode">Introductory post for @keys-defender launch</a></sub> <br>- <sub><a href="https://hive.blog/steem/@keys-defender/successfullyprotected-1599725656390">Automatic-posts</a> on leak detection, <a href="https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275">weekly reports</a></sub> <sub><br><b>Other features:</b></sub> <i>-</i> <sub><a href="https://hive.blog/hive/@keys-defender/new-feature-phishing-detection-and-auto-reply">Phishing protection</a></sub> <i>-</i> <sub><a href="https://hive.blog/hivedev/@keys-defender/new-feature-added-to-keys-defender-plagiarism-detection">Re-posting detection</a></sub> </div> <div class="pull-right"> <sub><b>My past security disclosures (from most recent):</b></sub> <br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/xss-found-in-one-of-drako-s-websites-will-add-details-after-it-s-patched">XSS vulnerabilities in scribe.hivekings.com</a></sub> <br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/hiveblockexplorer-com-is-vulnerable-to-stored-xss">XSS vulnerabilities in hiveblockexplorer.com</a></sub> <br>- <sub><a href="https://hive.blog/steemit/@gaottantacinque/steemit-got-hacked">Malicious ads redirecting all Steemit iOS users to a phishing site</a></sub> <br>- <sub><a href="https://hive.blog/security/@gaottantacinque/steemit-chat-is-unsafe">Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page</a></sub> </div> ----- ----- <div class="pull-left"><h5>To support this bot..<br></h5> - <b><sub>Delegation links:</sub></b><br> <sub><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=10%20SP">10 HP</a> <a href="20 HP</a>https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=20%20SP">20 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=30%20SP">30 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=40%20SP">40 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=50%20SP">50 HP</a><br><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=100%20SP">100 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=200%20SP">200 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=500%20SP">500 HP</a> <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=1000%20SP">1000 HP</a></sub></div> <div class="pull-right"><br>- <b><sub>Curation trail</sub></b> <br><sub><sub>Follow @keys-defender's curation trail to upvote all its posts with a fixed vote weight. HOW: search "keys-defender" on Hive.Vote: https://hive.vote/dash.php?trail=keys-defender&i=1</sub></sub></div>
author | keys-defender |
---|---|
permlink | new-feature-code-injections-attempts-detection-xss-sql-injections-csrf |
category | hive-139531 |
json_metadata | "{"app":"hiveblog/0.1","format":"markdown","image":["https://images.hive.blog/DQmTjA2YurzfHQnUi9Rc29hmVGe3zmJuhrAGezc32Cd9zRb/image.png","https://images.hive.blog/DQmW5po4MKUSEsMHiRCnPoGCs13KpBkEoc7b1oCmeuknyeB/image.png","https://images.hive.blog/DQmSSnN5gxiHhoLCsFwy92ALsG4R3FiDL6xRAKWXScVuZVS/image.png","https://images.hive.blog/DQmUWWMhXSnmDdkWPRGXMecCeqhe3hdDLxgz8D1ozj4t9aY/image.png","https://images.hive.blog/DQmVbGu83dSUaNBkHYcEgFKxTFpDeEd1AkSiakXsFnrkFwc/image.png","https://images.hive.blog/DQmV9DXk47xi8xJ3urs4BkZ1mukyhuf3RsijVurNFKa2TV4/image.png"],"links":["https://cdn.pixabay.com/photo/2020/08/13/16/55/hacker-5485843__340.png","https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf#comments","https://hiveblocks.com/x/@b0t5-testing/demo-xss-39533453","https://discord.gg/SXuwsH7","https://hive.blog/steem/@gaottantacinque/the-keys-defender-bot-is-live-in-beta-mode","https://hive.blog/steem/@keys-defender/successfullyprotected-1599725656390","https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275","https://hive.blog/hive/@keys-defender/new-feature-phishing-detection-and-auto-reply","https://hive.blog/hivedev/@keys-defender/new-feature-added-to-keys-defender-plagiarism-detection","https://hive.blog/hive/@gaottantacinque/xss-found-in-one-of-drako-s-websites-will-add-details-after-it-s-patched","https://hive.blog/hive/@gaottantacinque/hiveblockexplorer-com-is-vulnerable-to-stored-xss","https://hive.blog/steemit/@gaottantacinque/steemit-got-hacked","https://hive.blog/security/@gaottantacinque/steemit-chat-is-unsafe","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=10%20SP","20 HP</a>https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=20%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=30%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=40%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=50%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=100%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=200%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=500%20SP","https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=1000%20SP","https://hive.vote/dash.php?trail=keys-defender&i=1"],"tags":["security","hacking","hivedev","introduceyourself","bot","neoxian","palnet"],"users":["keys-defender","louis88"]}" |
created | 2020-09-17 03:32:57 |
last_update | 2020-09-18 16:19:30 |
depth | 0 |
children | 12 |
last_payout | 2020-09-24 03:32:57 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 5.284 HBD |
curator_payout_value | 5.042 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 5,923 |
author_reputation | 89,741,592,852,263 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,669,033 |
net_rshares | 37,314,122,718,008 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
tombstone | 0 | 16,208,059,379 | 0.75% | ||
pfunk | 0 | 4,236,361,582,784 | 50% | ||
kenny-crane | 0 | 329,148,714,710 | 50% | ||
donatello | 0 | 2,096,476,011 | 3% | ||
arcange | 0 | 3,135,442,251,062 | 100% | ||
raphaelle | 0 | 2,802,362,392 | 3% | ||
frankbacon | 0 | 115,465,060,433 | 100% | ||
steevc | 0 | 689,394,468,833 | 46% | ||
titusfrost | 0 | 165,559,348,464 | 100% | ||
seckorama | 0 | 26,982,560,846 | 30% | ||
rishi556 | 0 | 30,040,206,253 | 100% | ||
vannour | 0 | 22,292,652,364 | 25% | ||
steemworld | 0 | 879,140,024 | 25% | ||
keuudeip | 0 | 2,132,196,190 | 12.5% | ||
edb | 0 | 29,521,779,484 | 23% | ||
pedir-museum | 0 | 542,070,398 | 25% | ||
steemitboard | 0 | 5,641,222,290 | 3% | ||
borislavzlatanov | 0 | 145,335,468,425 | 100% | ||
ocisly | 0 | 11,001,976,073 | 100% | ||
imperfect-one | 0 | 2,666,813,939 | 100% | ||
amberyooper | 0 | 113,432,395,673 | 50% | ||
kodaxx | 0 | 121,106,229,453 | 100% | ||
fredrikaa | 0 | 1,023,625,612,261 | 100% | ||
aditor | 0 | 5,541,936,421 | 100% | ||
drakos | 0 | 1,373,498,578,260 | 100% | ||
vallesleoruther | 0 | 88,306,073,703 | 100% | ||
nicniezgrublem | 0 | 4,311,993,563 | 100% | ||
themarkymark | 0 | 2,281,663,869,554 | 10% | ||
khalil319 | 0 | 1,216,582,706 | 50% | ||
spiceboyz | 0 | 51,522,038,489 | 30% | ||
tipu | 0 | 2,416,553,441,887 | 7% | ||
buildawhale | 0 | 7,442,255,092,658 | 10% | ||
joshman | 0 | 1,076,785,170,462 | 20% | ||
therealwolf | 0 | 694,925,110,114 | 2.5% | ||
jlsplatts | 0 | 93,101,331,524 | 10% | ||
makerhacks | 0 | 28,846,440,689 | 10% | ||
spacesheep | 0 | 4,704,320,106 | 100% | ||
liverpool-fan | 0 | 578,579,491 | 15% | ||
gianluccio | 0 | 28,511,151,135 | 18% | ||
ciuoto | 0 | 20,996,886,634 | 65% | ||
smartsteem | 0 | 141,541,900,576 | 2.5% | ||
nathen007 | 0 | 21,167,167,200 | 100% | ||
marcolino76 | 0 | 11,675,363,809 | 30% | ||
straykat | 0 | 7,781,951,518 | 15% | ||
fourfourfun | 0 | 7,222,000,908 | 25% | ||
upmyvote | 0 | 7,424,650,404 | 10% | ||
bartheek | 0 | 10,032,322,296 | 3.5% | ||
alequandro | 0 | 8,115,356,124 | 15% | ||
mirkon86 | 0 | 946,533,195 | 30% | ||
santarius | 0 | 2,043,166,742 | 100% | ||
acronyms | 0 | 1,502,617,092 | 100% | ||
knfitaly | 0 | 372,698,084,205 | 52.09% | ||
pab.ink | 0 | 9,902,706,140 | 15% | ||
philnewton | 0 | 1,373,626,491 | 18.75% | ||
tobias-g | 0 | 24,531,696,095 | 7.5% | ||
shmoogleosukami | 0 | 7,868,282,037 | 25% | ||
dirapa | 0 | 98,353,629,200 | 100% | ||
piumadoro | 0 | 4,196,400,052 | 15% | ||
happy-soul | 0 | 15,446,828,735 | 3.5% | ||
condeas | 0 | 1,997,069,818,992 | 100% | ||
movement19 | 0 | 3,294,519,863 | 2.5% | ||
mad-runner | 0 | 36,228,315,745 | 21% | ||
sbarandelli | 0 | 6,952,592,557 | 30% | ||
vittoriozuccala | 0 | 9,308,724,004 | 15% | ||
louis88 | 0 | 493,503,895,777 | 40% | ||
lycos | 0 | 1,171,273,689 | 15% | ||
spaghettiscience | 0 | 41,771,986,945 | 30% | ||
lorenzopistolesi | 0 | 47,377,390,389 | 30% | ||
payroll | 0 | 82,653,293,222 | 2% | ||
oscurity | 0 | 7,254,068,180 | 24% | ||
saboin | 0 | 482,050,175,131 | 50% | ||
bafi | 0 | 2,053,986,069 | 30% | ||
phage93 | 0 | 26,191,450,125 | 62% | ||
glodniwiedzy | 0 | 1,828,571,015 | 100% | ||
enforcer48 | 0 | 121,631,615,880 | 15% | ||
angatt | 0 | 3,217,493,024 | 50% | ||
cryptoandcoffee | 0 | 273,858,324,872 | 25% | ||
acquarius30 | 0 | 2,564,698,867 | 30% | ||
apshamilton | 0 | 325,934,650,518 | 100% | ||
gaottantacinque | 0 | 8,043,569,931 | 100% | ||
longer | 0 | 833,915,425 | 1.75% | ||
nattybongo | 0 | 11,947,071,053 | 3% | ||
cmplxty | 0 | 63,367,408,342 | 20% | ||
armandosodano | 0 | 96,923,637,392 | 21% | ||
lifeskills-tv | 0 | 43,982,147,146 | 100% | ||
pardinus | 0 | 55,444,562,556 | 51% | ||
hamismsf | 0 | 563,349,456,664 | 100% | ||
ilnegro | 0 | 56,444,268,375 | 15% | ||
yaelg | 0 | 46,245,826,712 | 90% | ||
tommasobusiello | 0 | 6,544,462,521 | 24% | ||
badpupper | 0 | 3,260,264,542 | 100% | ||
coccodema | 0 | 4,300,983,429 | 30% | ||
engrave | 0 | 1,789,349,303,295 | 100% | ||
foodfightfriday | 0 | 22,527,936,072 | 20% | ||
marcocasario | 0 | 326,970,917,142 | 100% | ||
laissez-faire | 0 | 112,079,965 | 100% | ||
javier.dejuan | 0 | 1,201,772,817 | 15% | ||
elyon | 0 | 1,302,804,597 | 15% | ||
kuku-splatts | 0 | 7,292,967,555 | 40% | ||
ibc | 0 | 5,098,558,844 | 100% | ||
itegoarcanadei | 0 | 880,227,370 | 30% | ||
merlin7 | 0 | 1,293,663,563,284 | 100% | ||
gameeit | 0 | 3,007,576,148 | 100% | ||
linuxbot | 0 | 692,413,652 | 100% | ||
middleearth | 0 | 1,203,384,433 | 30% | ||
adinapoli | 0 | 3,794,282,786 | 15% | ||
akireuna | 0 | 1,915,427,564 | 30% | ||
bgornicki | 0 | 1,166,378,356 | 100% | ||
discovery-it | 0 | 234,287,894,469 | 30% | ||
jaguar.force | 0 | 15,610,434,821 | 100% | ||
clifun | 0 | 500,403,841 | 100% | ||
jpbliberty | 0 | 495,840,808,075 | 100% | ||
bluerobo | 0 | 104,386,247,441 | 100% | ||
kork75 | 0 | 2,167,430,857 | 15% | ||
lallo | 0 | 4,949,271,166 | 30% | ||
hanke | 0 | 7,044,968,353 | 100% | ||
cooperfelix | 0 | 1,931,682,789 | 21% | ||
abbenay | 0 | 1,052,815,252 | 5% | ||
src3 | 0 | 8,113,989,031 | 12.5% | ||
kryptogames | 0 | 33,013,226,089 | 7% | ||
titti | 0 | 11,310,841,303 | 30% | ||
maryincryptoland | 0 | 7,098,366,659 | 30% | ||
epicdice | 0 | 5,534,910,050 | 0.75% | ||
stregamorgana | 0 | 2,204,019,061 | 30% | ||
meeplecomposer | 0 | 2,347,242,141 | 18% | ||
libertycrypto27 | 0 | 53,579,800,166 | 30% | ||
tinyhousecryptos | 0 | 528,949,273 | 5% | ||
maruskina | 0 | 9,184,799,196 | 15% | ||
claudietto | 0 | 2,551,652,017 | 15% | ||
omodei | 0 | 3,457,434,651 | 30% | ||
ilovecanada | 0 | 96,401,168 | 50% | ||
cryptogambit | 0 | 1,441,052,202 | 7.5% | ||
astil.codex | 0 | 345,981,140 | 70% | ||
golden.future | 0 | 25,178,948,938 | 20% | ||
ssiena | 0 | 3,306,581,609 | 20% | ||
condeas.pal | 0 | 838,232,582 | 90% | ||
ilias.fragment | 0 | 335,721,608 | 70% | ||
capitanonema | 0 | 3,710,411,046 | 30% | ||
damaskinus | 0 | 619,287,001 | 15% | ||
idig | 0 | 4,051,934,066 | 10% | ||
urtrailer | 0 | 194,538,058,535 | 40% | ||
bcm | 0 | 1,666,890,475 | 5.25% | ||
joshmania | 0 | 15,683,104,673 | 13.8% | ||
tonimontana.neo | 0 | 0 | 0.25% | ||
dappstats | 0 | 3,643,736,905 | 15% | ||
axel-blaze | 0 | 453,858,715,492 | 30% | ||
discovery-blog | 0 | 3,580,475,760 | 30% | ||
zacknorman97 | 0 | 23,866,412,147 | 30% | ||
riccc96 | 0 | 11,772,899,174 | 15% | ||
splatts | 0 | 36,058,140,592 | 40% | ||
delilhavores | 0 | 7,217,943,187 | 30% | ||
hjmarseille | 0 | 3,853,428,863 | 27% | ||
boomalex | 0 | 573,206,749 | 25.5% | ||
machete9595 | 0 | 557,069,520 | 25.5% | ||
mengene | 0 | 1,011,220,446 | 15% | ||
keys-defender | 0 | 29,834,821,644 | 100% | ||
romytokic | 0 | 938,074,122 | 15% | ||
stuntman.mike | 0 | 47,709,130,410 | 100% | ||
fengchao | 0 | 2,109,921,536 | 2% | ||
blue-witness | 0 | 2,274,419,001 | 100% | ||
peterpanpan | 0 | 29,212,059,221 | 30% | ||
quello | 0 | 32,076,973,949 | 7.5% | ||
meppij | 0 | 110,973,932,931 | 30% | ||
matteus57 | 0 | 1,152,507,734 | 30% | ||
hextech | 0 | 6,502,465,635 | 66% | ||
posterman | 0 | 0 | 100% | ||
wlslink | 0 | 3,952,943,978 | 100% | ||
raven.icu | 0 | 2,497,676,366 | 100% | ||
flewsplash | 0 | 4,859,103,006 | 30% | ||
w-splatts | 0 | 6,814,509,524 | 40% | ||
recoveryinc | 0 | 229,842,567,200 | 5% | ||
hive-108278 | 0 | 16,682,410,597 | 50% | ||
crazy-science | 0 | 580,619,787 | 50% |
I think this update might be getting false positives with Vimm Livestreams, just had a VoD replay post get a notification about malicious code from y'all. Edit: Devs whitelisted Vimm, all is good. Thanks, mates.
author | badpupper |
---|---|
permlink | re-keys-defender-qgscwi |
category | hive-139531 |
json_metadata | {"app":"hiveblog/0.1"} |
created | 2020-09-17 04:38:45 |
last_update | 2020-09-17 04:41:54 |
depth | 1 |
children | 1 |
last_payout | 2020-09-24 04:38:45 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 212 |
author_reputation | 70,670,640,025,038 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,669,656 |
net_rshares | 0 |
@badpupper I now whitelisted vimm.com. Thanks for notifying me and apologies for the disturbance. 🙂👍
author | keys-defender |
---|---|
permlink | qgsd13 |
category | hive-139531 |
json_metadata | {"users":["badpupper"],"app":"hiveblog/0.1"} |
created | 2020-09-17 04:41:27 |
last_update | 2020-09-17 04:41:27 |
depth | 2 |
children | 0 |
last_payout | 2020-09-24 04:41:27 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 102 |
author_reputation | 89,741,592,852,263 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,669,679 |
net_rshares | 3,131,487,611 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
badpupper | 0 | 3,131,487,611 | 100% |
<div class='pull-right'>https://files.peakd.com/file/peakd-hive/beerlover/yiuU6bdf-beerlover20gives20BEER.gif<p><sup><a href='https://hive-engine.com/?p=market&t=BEER'>View or trade </a> <code>BEER</code>.</sup></p></div><center><br> <p> Hey @keys-defender, here is a little bit of <code>BEER</code> from @steevc for you. Enjoy it!</p> <p>Learn how to <a href='https://peakd.com/beer/@beerlover/what-is-proof-of-stake-with-beer'>earn <b>FREE BEER</b> each day </a> by staking your <code>BEER</code>.</p> </center><div></div>
author | beerlover |
---|---|
permlink | re-new-feature-code-injections-attempts-detection-xss-sql-injections-csrf-20200917t091514z |
category | hive-139531 |
json_metadata | "{"app": "beem/0.23.11"}" |
created | 2020-09-17 09:15:15 |
last_update | 2020-09-17 09:15:15 |
depth | 1 |
children | 0 |
last_payout | 2020-09-24 09:15:15 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 524 |
author_reputation | 24,770,396,872,031 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,672,498 |
net_rshares | 0 |
<div class="pull-left">https://cdn.steemitimages.com/DQmTAn3c753LR7bHCLPo96g9UvRMaPFwaMYn8VQZa85xczC/discovery_logo_colore%20-%20Copia.png</div><br> This post was shared and voted inside the discord by the curators team of <a href="https://discord.gg/cMMp943"> discovery-it</a> <br>Join our community! <a href = "https://hive.blog/trending/hive-193212"> hive-193212</a><br>Discovery-it is also a Witness, vote for us <a href = "https://hivesigner.com/sign/account-witness-vote?witness=discovery-it&approve=true"> here</a> <br>Delegate to us for passive income. Check our <a href = "https://hive.blog/hive-193212/@discovery-it/delegations-program-80-fee-back"> 80% fee-back Program</a> <hr>
author | discovery-it |
---|---|
permlink | re-keys-defender-2jk41l36e9 |
category | hive-139531 |
json_metadata | "" |
created | 2020-09-17 07:36:21 |
last_update | 2020-09-17 07:36:21 |
depth | 1 |
children | 0 |
last_payout | 2020-09-24 07:36:21 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 689 |
author_reputation | 47,693,544,325,267 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,671,303 |
net_rshares | 0 |
Yesterday you downvoted a false positive. You say it's in investigation . Why triggering a downvote trail before beeing sure of your assumptions ? It's wrong as it downs people's reputation. Further more, you upvote your owncomments, which is not .... well seen by many ... Can you please update your bot to **ONLY DOWNVOTE** AFTER your verification and not before? My comment is 100% legit. I waited 24h before posting this. I hope you will react.
author | itharagaian |
---|---|
permlink | re-keys-defender-ryb2x9 |
category | hive-139531 |
json_metadata | {"tags":"hive-139531"} |
created | 2023-07-24 14:58:21 |
last_update | 2023-07-25 07:02:21 |
depth | 1 |
children | 1 |
last_payout | 2023-07-31 14:58:21 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 455 |
author_reputation | 93,155,864,581,563 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 125,600,666 |
net_rshares | 0 |
solve dnow. thx
author | itharagaian |
---|---|
permlink | re-itharagaian-rycbib |
category | hive-139531 |
json_metadata | {"tags":["hive-139531"],"app":"peakd/2023.7.1"} |
created | 2023-07-25 07:01:24 |
last_update | 2023-07-25 07:01:24 |
depth | 2 |
children | 0 |
last_payout | 2023-08-01 07:01:24 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 15 |
author_reputation | 93,155,864,581,563 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 125,624,063 |
net_rshares | 0 |
!discovery 30
author | phage93 |
---|---|
permlink | qgsl45 |
category | hive-139531 |
json_metadata | {"app":"hiveblog/0.1"} |
created | 2020-09-17 07:36:06 |
last_update | 2020-09-17 07:36:06 |
depth | 1 |
children | 0 |
last_payout | 2020-09-24 07:36:06 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 13 |
author_reputation | 71,295,879,444,986 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,671,296 |
net_rshares | 0 |
If feeling_nasty then do_bad_stuff_and_steal_keys Will it pick that up :) This is good work as there will be bad actors out there. I would hope people are using things like Keychain to reduce the exposure of their keys, but many will not. Thanks and have a !BEER
author | steevc |
---|---|
permlink | qgspoy |
category | hive-139531 |
json_metadata | {"app":"hiveblog/0.1"} |
created | 2020-09-17 09:15:00 |
last_update | 2020-09-17 09:15:00 |
depth | 1 |
children | 2 |
last_payout | 2020-09-24 09:15:00 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.028 HBD |
curator_payout_value | 0.028 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 267 |
author_reputation | 1,047,093,469,345,700 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,672,497 |
net_rshares | 349,027,943,042 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
marcocasario | 0 | 322,804,838,340 | 100% | ||
keys-defender | 0 | 26,223,104,702 | 100% |
@steevc Well it looks like it didn't, you gotta be one of the good guys then 😉 It's not only about the keys this time. The purpose of this feature is to detect early attackers targeting websites and Apps in the Hive ecosystem trying to inject malicious code in blocks to see if it executes in the platform under test. It's a preventive measure that will allow us to know in a timely matter if someone is trying something funky and hopefully even discourage them too as their account name will immediately be known.
author | keys-defender |
---|---|
permlink | qgu7nw |
category | hive-139531 |
json_metadata | {"users":["steevc"],"app":"hiveblog/0.1"} |
created | 2020-09-18 04:40:45 |
last_update | 2020-09-18 04:41:33 |
depth | 2 |
children | 1 |
last_payout | 2020-09-25 04:40:45 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.025 HBD |
curator_payout_value | 0.025 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 515 |
author_reputation | 89,741,592,852,263 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,688,145 |
net_rshares | 327,247,646,813 |
author_curate_reward | "" |
voter | weight | wgt% | rshares | pct | time |
---|---|---|---|---|---|
steevc | 0 | 327,247,646,813 | 21% |
We have to be vigilant. With so much money at stake there are bound to be attacks. Thanks.
author | steevc |
---|---|
permlink | re-keys-defender-qguhn0 |
category | hive-139531 |
json_metadata | {"tags":["hive-139531"],"app":"peakd/2020.09.4"} |
created | 2020-09-18 08:16:12 |
last_update | 2020-09-18 08:16:12 |
depth | 3 |
children | 0 |
last_payout | 2020-09-25 08:16:12 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 90 |
author_reputation | 1,047,093,469,345,700 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,690,477 |
net_rshares | 0 |
Hmm is there even any reported case of using json metadata to steal keys?
author | tngflx |
---|---|
permlink | re-keys-defender-qgu6mp |
category | hive-139531 |
json_metadata | {"tags":["hive-139531"],"app":"peakd/2020.09.4"} |
created | 2020-09-18 04:18:24 |
last_update | 2020-09-18 04:18:24 |
depth | 1 |
children | 1 |
last_payout | 2020-09-25 04:18:24 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 74 |
author_reputation | 17,396,455,988,713 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,687,946 |
net_rshares | 0 |
@tngflx No, I'm not sure if anyone ever compromised a site/app in that way but I've seen people testing those attributes too, yes. Eg. See louis88 (dev, good guy) testing various fields (in several frontends) including communities names and tags: hive.blog/@louis.random And bear in mind that this bot scans every single type of operation published into Hive, not only the json metadata of posts and comments. I check for leaked keys and potential malicious code in: <i>comment, transfer, custom_json, vote, account_create, account_witness_vote</i>, .. you name it. When I did find an active key in an <i>account_update</i> operation it taught me that some human errors will surprise you. The highest values of saved accounts that leaked their ACTIVE keys so far are: $ ~28,000, $8,000, $1,000. :)
author | keys-defender |
---|---|
permlink | qgu7db |
category | hive-139531 |
json_metadata | {"users":["tngflx"],"app":"hiveblog/0.1"} |
created | 2020-09-18 04:34:24 |
last_update | 2020-09-18 04:42:57 |
depth | 2 |
children | 0 |
last_payout | 2020-09-25 04:34:24 |
cashout_time | 1969-12-31 23:59:59 |
total_payout_value | 0.000 HBD |
curator_payout_value | 0.000 HBD |
pending_payout_value | 0.000 HBD |
promoted | 0.000 HBD |
body_length | 808 |
author_reputation | 89,741,592,852,263 |
root_title | "New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]" |
beneficiaries | [] |
max_accepted_payout | 1,000,000.000 HBD |
percent_hbd | 10,000 |
post_id | 99,688,095 |
net_rshares | 0 |