So apparently, the web key certificate used for vanwanet.com/sys.8kun.top on my end is fake.
Opens up for possibilities like MITM attacks and opening my system up for exploitation.
I'm not sure if it's just happening to me, or if it's widespread. Careful out there anons.
Test for yourself:
https://www.ssllabs.com/ssltest/
It appears that root certs on my end are comped.
Which also means the possibility that websites, software/updates, etc are comped. I've had strange habbenings with OS fuckery and strange timing with updates as well.
Either way I'm still here. As long as I have a means, I always will be.
Vanwanet.com uses a certificate that doesn't match. It doesn't even us SNI. A root cert in the chain that is self signed. On my end.
No, I ran from sys.8kun.top.
Certificate #2 which is vanwanet.com.
DST Root CA X3 Self-signed.
I've tried different DNS servers.
My guess is I'm getting dns poisioning and trust store of root certs swapped out with comp'd ones.
I think it goes a bit deeper than that.
A chain of vulnerabilities are being used. DNS poisoning is just a step in this chain.
It doesn't just habben here on 8kun. It's happening to every website I go to.
sys.8kun.top does not resolve to any of those IPs. However I believe it's being executed through remote hosts that act as malicious web shells. Everything is routed to somewhere else before I get to a final destination. Even whois quarries are comped when used.
@USNavy
We've got the night shift
Forward-deployed USS America (LHA 6) and @31stMeu
conduct night time #FltOps in the Philippine Sea to support a #FreeAndOpenIndoPacific #MondayMotivation
: Jonathan D. Berlier
https://twitter.com/USNavy/status/1430154212361621512
night shift eh?
Hmm, maybe those root CAs are the foot in the door. By way of internet infrastructure, it's insecure by default. Wasn't DARPA the ones who created internet infrastructure?