New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]
In the past few weeks I found some XSS vulnerabilities in some Hive tools.
After reporting them to witnesses and devs that maintained those apps, I decided it would be helpful to add to 's list of weapons the ability to timely detect potential code injection attempts. This should mitigate the issue of attackers targeting the Hive ecosystem of apps and tools.
This bot now uses the following to try to detect potential malicious code published in blocks:
~300 fragments of code for XSS (Cross Site Scripting)
~50 fragments of code for SQL injections
~20 fragments of code for CSRF (Cross Site Request Forgery) ...These dictionaries will grow in size and be adjusted based on false positives.
Logs of the new code injection detection feature
If the code injection is attempted in a post or comment (eg. this test comment of mine), the author will now receive an immediate reply from this bot:
Logs for code injection checks
A notification is also immediately sent to my Discord server so that I or witnesses and volunteers in it can investigate and react accordingly to report and fix the targeted website or tool.
Clearly if a bad actor was indeed trying to compromise a website, their account name would also been known because, as per the blockchain design, past blocks cannot be edited or deleted.
Discord notification example
A whitelist is also in use so that known Hive apps devs like won't be bothered while testing dapps for vulnerabilities.
Stay tuned for more updates and please feel free to suggest new features and improvements! 😎
- Introductory post for @keys-defender launch
- Automatic-posts on leak detection, weekly reports
Other features:
- Phishing protection
- Re-posting detection
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Leave New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF] to:
Read more #security posts
Best Posts From Keys Defender
We have not curated any of keys-defender's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.
More Posts From Keys Defender
- Looking for info about domains marked as phishing
- Hive App subject to multiple security vulnerabilities
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised MEMO key successfully detected
- Leak -- Compromised OWNER key successfully protected [$ 131]
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised MEMO key successfully detected
- HIVESURVEY.vercel.app = NOT Phishing. But Stay vigilant.
- Leak -- Compromised POSTING key successfully protected
- HIVESURVEY.vercel.app = NOT Phishing. But Stay vigilant.
- HIVESURVEY.vercel.app = NOT Phishing. But Stay vigilant.
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised MEMO key successfully detected
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised POSTING key successfully protected
- Join Hive at BREATHE! Las Vegas September 13-15, 2023: A Future Tech Web3 Convention
- Leak -- Compromised POSTING key successfully protected
- Leak -- Compromised POSTING key successfully protected