I was looking for proof of concept code for some IoT botnet stuff, and came across this.
-
I was looking for proof of concept code for some IoT botnet stuff, and came across this.
However, after looking at a couple of other pages in which they claim to have a hypothetical proof of concept code, I'm realizing that the "proof of concept" is a generic example, and not in any way related to the CVE in question.
All I'm gonna say is that if you're looking for a CVe and you see this shit website ameeba in your search results, mentally filter it immediately, and fuck these assholes for posting this slop.
-
R relay@relay.infosec.exchange shared this topic
-
I was looking for proof of concept code for some IoT botnet stuff, and came across this.
However, after looking at a couple of other pages in which they claim to have a hypothetical proof of concept code, I'm realizing that the "proof of concept" is a generic example, and not in any way related to the CVE in question.
All I'm gonna say is that if you're looking for a CVe and you see this shit website ameeba in your search results, mentally filter it immediately, and fuck these assholes for posting this slop.
I'm so fucking tired of websites that just take the slop generated from the NVD and regurgitate it like the worthless slop they are. But shit like this? where they just fucking make up a proof of concept? Nah. Get absolutely fucked.
-
I'm so fucking tired of websites that just take the slop generated from the NVD and regurgitate it like the worthless slop they are. But shit like this? where they just fucking make up a proof of concept? Nah. Get absolutely fucked.
@da_667
it's downright infuriating -
@da_667
it's downright infuriating@Dio9sys aqua security, ameeba, cyfirma, and a few others all just do this shit whereby they either just vomit the exact same description on cve.org, or they'll extrapolate on it with generic and/or sometimes incredibly WRONG advice, or shit a bunch of graphs on to the page that mean NOTHING. hell, one of these "helpful sites" output a "remediation" section that was blurred out. "Pay for remediation advice, nerd."
-
@Dio9sys aqua security, ameeba, cyfirma, and a few others all just do this shit whereby they either just vomit the exact same description on cve.org, or they'll extrapolate on it with generic and/or sometimes incredibly WRONG advice, or shit a bunch of graphs on to the page that mean NOTHING. hell, one of these "helpful sites" output a "remediation" section that was blurred out. "Pay for remediation advice, nerd."
@da_667
I hate it so so so bad. That and when dudes post "proof of concept" on github and it's just a markdown file with them guessing at how it might work. Feedly always thinks that those repos are the real mccoy -
@Dio9sys aqua security, ameeba, cyfirma, and a few others all just do this shit whereby they either just vomit the exact same description on cve.org, or they'll extrapolate on it with generic and/or sometimes incredibly WRONG advice, or shit a bunch of graphs on to the page that mean NOTHING. hell, one of these "helpful sites" output a "remediation" section that was blurred out. "Pay for remediation advice, nerd."
@Dio9sys this is probably something to put up on my blog to scream about. if only to shit-talk the massive number of orgs doing this.
-
@da_667
it's downright infuriating -
-
@rootwyrm @Dio9sys @da_667 i checked this specific CVE in @vulncheck and I'm happy to report that they report no PoCs for the vuln.
They are a paid service but I suspect 'you get what you pay for' is the name of the game. Free search results? full of slop, because it makes you keep searching.
I only hope they can keep up with all the slop that is incoming, without getting overwhelmed themselves.
Of course if you happen to find one that works, then they are wrong in the other direction ;-). So far though they have been pretty good for identifying vulns that have actual, functioning poc.
-
@rootwyrm @Dio9sys @da_667 i checked this specific CVE in @vulncheck and I'm happy to report that they report no PoCs for the vuln.
They are a paid service but I suspect 'you get what you pay for' is the name of the game. Free search results? full of slop, because it makes you keep searching.
I only hope they can keep up with all the slop that is incoming, without getting overwhelmed themselves.
Of course if you happen to find one that works, then they are wrong in the other direction ;-). So far though they have been pretty good for identifying vulns that have actual, functioning poc.
@reverseics @rootwyrm @Dio9sys @vulncheck do they actually archive public proof of concept code or something like that? because if they do... IoT exploits are fucking notorious for "I got my CVE number, time for me delete this entire github repo." bullshit.
-
@reverseics @rootwyrm @Dio9sys @vulncheck do they actually archive public proof of concept code or something like that? because if they do... IoT exploits are fucking notorious for "I got my CVE number, time for me delete this entire github repo." bullshit.
@da_667 @reverseics @Dio9sys I would straight up guarantee all of the ones sitting at the top of the DDG/Kagi/WTF-even-try results are doing no such thing.
I can spot them from a mile away because they're *ALL* the exact same obvious slop that is literally pure LLM regurgitation with no human review at all.
e.g. Ameeba doesn't even DO that shit, they're allegedly a 'private workspace for modern work' 'built on encrypted identity.' With LLMs and vibe-coding, of course.
-
@reverseics @rootwyrm @Dio9sys @vulncheck do they actually archive public proof of concept code or something like that? because if they do... IoT exploits are fucking notorious for "I got my CVE number, time for me delete this entire github repo." bullshit.
@reverseics @rootwyrm @Dio9sys @vulncheck which is part of why I wrote IoT_Hunter to have a function to submit reference urls for an exploit to the internet archive. Because I'm seriously tired of that shit.
-
@reverseics @rootwyrm @Dio9sys @vulncheck do they actually archive public proof of concept code or something like that? because if they do... IoT exploits are fucking notorious for "I got my CVE number, time for me delete this entire github repo." bullshit.
@da_667 @rootwyrm @Dio9sys @vulncheck they don't appear to store poc, but they do provide links. I'm not sure if they auto-submit links to archive.org or how often they verify that the links are live. interesting questions...
