/g/ - Technology





Previous threads: [ https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/type/op/ ]
Last thread: [>>73080687]
- - - - - -
/cyb/erpunk
The alt.cyberpunk FAQ (V5.28) [ ftp://50.31.112.231/pub/Alt_Cyberpunk_FAQ_V5_preview28.htm ]
What is cyberpunk?: [ https://pastebin.com/pmn9vzWZ ]
Cyberpunk directory (Communities/IRC and other resources): [ https://pastebin.com/AJYry5NH ]
Cyberpunk media (Recommended cyberpunk fiction): [ https://pastebin.com/Dqfa6uXx ]
The cyberdeck: [ https://pastebin.com/7fE4BVBg ]
- - - - - -
/sec/urity
The /sec/ Career FAQ (V1.11) [ ftp://50.31.112.231/pub/sec_FAQ_V1_Preview11.htm ]
"Shit just got real": [ https://pastebin.com/rqrLK6X0 ]
Cybersecurity basics and armory: [ https://pastebin.com/v8Mr2k95 ]
Reference books (PW: ABD52oM8T1fghmY0): [ https://mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw ]
/sec/ PDFs: [ https://mega.nz/#F!zGJT1QQQ!O-8yiH845GN26ajAvkoLkA ]
Learning/News/CTFs: [ https://pastebin.com/WQhRYB59 ]
FTP Backup: ftp://50.31.112.231/pub
thegrugq OPSEC: [ https://grugq.github.io/ ]
#! sec guide [ https://pastebin.com/aPr5R1pj ]
EFF anti-surveillance [ https://ssd.eff.org/en ]
- - - - - -
Thread challenge: ride a Bird Scooter https://theappanalyst.com/bird.html.

NEW? Check the /sec/ Career FAQ and Cybersecurity basics links above. Learn to code, learn computer basics, learn networking THEN work on hacking. It's technical and hard, but fun. Want to hack now? Try Webgoat and use the cheats. Grab Penetration Testing A Hands On Introduction and see what you don't know enough about. Always use a virtual machine for reading PDFs.
Wanna be a punk? Read the What is cyberpunk? and start today!
>>
>>73094114
Good to be back.
Euro-nights keep being the thread killer. is there so little interest for this in the US?
>>
>>73094282
The only people that care are Russians, Jews, Syrians and Australians. The last one purely for shitposting potential. Truly the last boss of the internet.
>>
Internet is too slow to hack with the bf today
>>
>>73094923
>Jews
In that case we should not have had a problem, after all there are millions in the US.
https://en.wikipedia.org/wiki/American_Jews
We have had a few posters from Israel too but I don't know what the Cyberpunk scene is like there.
>>
What programming languages do security folks use? I'm studying information security in school, but the only language I'm any good at is Ada. I wanna learn something that will have use in industry
>>
>>73095532
Whatever you want as long as you know how to use it
>>
ECSC (european cybersecurity contest) finals are taking place today and tomorrow in Bucharest, Romania.
https://europeancybersecuritychallenge.eu/
Participants are aged 16/25.
Austria is leading. https://i.4cdn.org/int/1570624005488.png
>>
redpill me on making a vpn with openvpn to scan networks securely (trying to learn the nmap framework)
>>
>>73095550
I always hear about Python and C being industry standard. Any truth to that?
>>
File: 7rxthjtu14k31.jpg (156 KB, 1033x1292)
>>73095532
Python if you just want to pentest and automate things
JavaScript is going to be necessary if you do web app pentesting
C and Assembly if you want to reverse/analyze binaries
If you want to do application security, it depends on who hires you and what they use

We really use a shitload of languages in the tech industry
>>
File: 3mFieyN.jpg (196 KB, 1280x622)
>>73095575
Why?

Just get a hackthebox account and scan their machines
>>
>>73095532
Also, bash is used a lot.
>>
>>73095603
>>73095585
Thank you!
>>
>>73095599
>why
Because i want to, i have a hard time finding boxes that aren't ctfs, finding a real world applicable box is kinda hard.
>>
File: 1567494678610.jpg (67 KB, 768x432)
>>73095616
DESU No one's probably going to come knocking if you're just looking for open ports and running info gathering scripts.

Real-world boxes are usually more boring than CTF boxes. That's why we tell people to do CTFs so your skills end up above the industry norm.
>>
>>73095653
It really depends on the ctfs, most ctfs that i see some youtubers doing is inane fucking bullshit that doesn't even make sense.
Also, if i wanted fun i'd do ctfs, i prefer real world boxes because they can actually prepare me for what i can encounter out in the wild.
Anyways, is vpn>tor>vpn a meme?
The second vpn is to hide tor because many forums block tor.
>>
>>73095693
you don't need the second VPN

dunno why you'd scan + browse forums on the same connection. isolate that shit
>>
>>73095723
>dunno why you'd scan + browse forums on the same connection. isolate that shit
makes sense, thanks i will go with vpn>tor, what are some trustworthy vpns?
>>
>>73094114
Are the FTP servers down for anyone else?
>>
I was SSH'd into a box on HTB and I looked away for a minute and when I got back someone wrote hi in my SSH terminal. Am I going crazy? How would you go about doing this?
>>
>>73095693
Just use a bridge. Bridge > Tor is fine.
>>
>>73095754
I don't know of any that are trustworthy and allow stuff like scanning

If they take cryptocurrency and allow scanning/hacking/shady shit, you can't trust them to not log traffic or not do shady shit to you

The safest way I know of is rooting a host and using that as a proxy. They will know that machine scanned, but if you clean house well, they won't know who was controlling that machine
>>
>>73095943

No mate, you're not going crazy. HTB servers are shared.
>>
>>73095943
Probably the wall command.
>>
>>73095956
In my terminal on my VM the text was written. That terminal was in an SSH session. The text was written and not sent to the SSH.
>>
>>73095983
Damn that scared me
>>
>>73096034
Chill your boots, it's all just a bit of fun
>>
>>73095920
I just checked ftp://50.31.112.231/pub and it works just fine. The other, at CollectiveComputers, is still down.
>>
>>73096125
>CollectiveComputers
feels fucking bad
>>
>>73096187
I agree, it had many GB of really nice stuff. There is of course the AEL
>>>/t/874479
>>
Can someone explain to me what $ means in bash?
for example
ls | grep '.txt'

doesnt work, but
ls | grep '.txt$'

Does.
>>
more like /cringe/
>>
>>73096763
The $ means end of line, thus the last part of the string must be ".txt" in the latter case. Not sure why the first case does not work for you. Tried fgrep instead?
>>
>tfw no sec jobs in entire country
why live
>>
>>73095693
>is vpn>tor>vpn a meme
Yes the tunnels will take most of your bandwidth.
>>
>>73096937
Sounds like you could get away with targeting countrymen with cybercrime.
>>
File: RegExp_Ref.png (77 KB, 763x1037)
>>73096763
This one is from the old FTP site.
>>
>>73096995
I most likely could pretty easily, I just have no idea how to make a decent profit off of it
>>
>>73097098
ngmi
>>
>>73097216
open to suggestions anon
le epic haxxing government websites just isn't fun when it's been done plenty of times before
>>
>>73096046
Nah it was cool. Didn't know about that command. So I learned something from it.
>>
>>73097259
Ransomware?
>>
>>73097259
if you got the assembly know hows you'd make more money with patreon reverse engineering games
>>
>got OSCP
>still can't pass entry-level interviews
>no current job

I'm fucked
>>
>>73095585
well put
>>
>>73097392
>patreon reverse engineering games
people pay for this? What the fucky got any examples?
I was gonna start getting into RE
>>73097353
meh, I don't really expect them to pay
>>73097422
what are the interviews like
>>
>>73097422
What country?
>>
>>73097445
>what are the interviews like
Usually a vulnerable box as a technical screen. I'm at like 50% win rate with these. Then more technical interviews with whiteboarding and quizzes and knowledge tests.

>>73097447
USA
>>
>>73097422
is that your only cert or something? no CCNA?
>>
>>73097445
fitgirl literally makes fucking repacks
and she got donations and shit like that, and even cryptominers(if people wish to do so)
>>
>>73097485
oh, you're talking about cracks? Yea I guess that makes sense
I wonder if MMO hacking and making money out of it is still as big, maybe mobile games have taken that spotlight
>>
>>73097483
I moved from software dev to pentesting so no network certs. I know bits and pieces of networking.

Most of these interviews are appsec/web pentesting and I've seen very little network specific stuff. Someone asked about the recent VPN endpoint vulns and I knew about it so that's something I guess
>>
Crossposting here from /DPT/ since you guys might like it.
If you guys make it faster I want your tips.
It's a script to solve the blind SQLi challenge on Root-me, written in Go.
>>73096229
>>
>>73097512
>MMO hacking and making money out of it is still as big
Literally every mmo nowadays has bots, but many people make bots so you've got to be good to get the cash.
>>
>>73097478
>USA
Perhaps a bit drastic but you could try the military.
>>
>>73095025
Where do you find a hacker bf?
Asking for a friend of course
>>
Is it possible to use regex with commands other than processing text?
like, am trying to use with find but it doesn't really work.
>>
>>73097894
The NSA keeps a list of hackers in their root directory.
The CIA keeps a list of phone numbers paired with a foreign key that matches the NSA list. It's in one of the home directories but I forget which one.

>>73097926
https://stackoverflow.com/questions/6844785/how-to-use-regex-with-find-command
>>
>>73097894
If you can help pay rent and cook I've got a spot for you
>>
>feel alone
>i want a gf
>remember how annoying women can be
>i want a bf
>>
How does writing/correspondence work in the field? I need this for a college essay about the careers we want to go into
>>
>>73098138
>tfw when same feel
>wait wtf is he saying?
>no no no, you can't impregnate bf. gf is still better. just have to take a mute
>>
=== /sec/ News:
Cookie monster eats data from Sesame Street store
Snazzy headline...
https://www.bbc.com/news/technology-49986737
>The official Sesame Street online store, along with thousands of other retailers, has been targeted by a credit card-stealing hack.
>Card details were collected by a piece of malicious software, dubbed JavaScript Cookie.
>The code was found in shopping cart software built by Volusion, which has 20,000 small business customers.
>The issue was spotted by a security researcher while shopping for toys on the Sesame Street store.
As a security researcher, you are always on the job.
>>
>>73098201
>you can't impregnate bf
even better!
>>
>>73098201
But seriously now, at least if it's a self respectable faggot i would take it over any woman any day.
Ofc pussy is nice but i value my sanity, women can be childish and temperamental, while guys prefer just to enjoy life, women like drama.
thus, faggots>woman>femboys
>>
>>73098443
Everyone and their uncle likes drama what are you on about.
>>
>>73098595
You dont get it.
Have you ever got a fucking 20yo calling you and inventing reasons to break up, when she actually still likes you and just want you going all
>nooooooo
>why you doin this
>please dont leave me ://
I am sure there are some women that dont do this but even so, every fucking woman i met likes drama for the sake of drama.
fuck women
the future is twinks and sexbots
>>
>>73098595
Drama is for femoids. Where can I find a drama free female? Do they even exist these day? I have had so many bad experiences.
>>
>>73095575

https://www.1337pwn.com/using-nmap-with-proxychains-in-kali-linux/

as long as you only send a small number of packets it may not violate the law in your country, but it may violate the law in whatever host country your target(s) is in. proxies are not immune to investigation.
>>
>>73098669
>>73098301
>>73098138
proof that autism causes homosexuality
>>
>>73098733
Put me in the screencap
>>
>>73098139
For pentesting, generally on two levels:

Business/executive - people who don't know nmap from burp suite, but you have to tell them the root cause, impact, and how it affects their bottom line, and provide context around what you found

Technical - People who can follow technical instructions to verify findings, who you give your recommendations to, and usually the people who ask you technical questions

Some business folks are technical and some can even understand code POCs but it's the exception rather than the rule
>>
I was reading a rtf about icmp, it says icmp messages are not checked by the computer or something?
Any examples of malicious payloads being delivered by icmp?
>>
>>73098968
Not sure about payloads, but icmp can definitely be used for C2 and exfiltration
>>
>>73098733
>>73098788

programmer socks were a meme a loooooong time ago
>>
>start reading a book about nmap to get more background into reconnaissance
>get bombarded with nping, ncat, ncrack, nyourmother
Holy fuck, i thought this was just a basic tool for mapping networks.
>>
>>73099145
Mapping networks is complicated.
>>
>>73099145

ur mum's got a lotta address space
>>
>>73099931
and so many open ports waiting for my unsolicited connections and data transfer?
>>
reading nmap security and network auditing cookbook RIGHT NOW what should i read next?
also
why the fuck is ncrack SO FUCKING SLOW just for a fucking ssh pass?
>>
>>73099942

nah she's only got a few of those and you have to find them one by one
>>
>>73097894
I found mine on an imageboard..
>>
File: 1569970442201.gif (3.92 MB, 309x309)
Was going to try to do my ECE master's thesis on defeating facial recognition, but my professor shut it down (mostly because it involves more signal processing than computer architecture and hardware).

Any other ways we can strike back at <<<(((///them////)))>>>? My professor had me look at papers of several computer architecture and hardware conferences and they were either boring (branch prediction, faster caches) or out of my expertise (finding hardware Trojans, faster caches, growing parts on different substrates).
>>
>>73099091
But post some latex socks and people blow their gaskets.
>>
>>73099961
The reason for this is because logging into openssh takes a minimum of some fixed amount of time, and I believe there's a wait between processing consecutive login requests.
The better solution is just to avoid guessing ssh logins whenever you can.
>>
Follow up from last thread:

>>73089120
>Mathematicians aren't cyber security professionals
NSA uses mathematicians for all kinds of work relating to crypto, from cracking to securing and likely also providing algorithms that are strong enough for them alone to crack.

There is a reason why they are the largest single employer of mathematicians.
>>
=== /sec/ News:
>OpenSSH 8.1 released
https://lwn.net/Articles/801829/
>ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer overflow bug was found in the private key parsing code for the XMSS key type.
>ssh(1), sshd(8), ssh-agent(1): add protection for private keys at rest in RAM against speculation and memory side-channel attacks like Spectre, Meltdown and Rambleed
>>
File: bow to chinaman.png (99 KB, 722x480)
>>
>>73101670
Why aren't they willing to acknowledge their actual boundaries? The boundaries of Tianxia they're obsessed with are already conceding territory from the original meaning.
>>
File: chelseabreadman.jpg (100 KB, 1080x969)
https://isc.sans.edu/diary/rss/25386

libpcap has had bugs since 2018 that were unpatched and known about. looks like bug trackers and cvs are back on the menu, boys.
>>
My main issue is I have no clue as to where the path to a career in Cybersec starts. I'm looking at Uni degrees and since I have nobody in my personal life to ask about pointers I was wondering if anyone could help me out to which degrees I should be looking at for later advancement into Cybersec.
>>
>>73103047
Don't go to university.
>>
>>73103047

comp sci, comp eng, elec eng, applied math, applied physics
>>
>>73103166
I personally don't think I have the capabilities of learning all this on my own. I'm in my early 20s and just recently started getting my life on track.

Feel University is necessary. If you disagree, could you tell me why?

>>73103192
I'm looking at Open University (Online Uni but apparently reputable in the UK). Do these courses offer everything necessary? http://www.open.ac.uk/courses/find/computing-and-it
>>
>>73103290
Regardless of going to university or otherwise, you still need to teach yourself. You're perfectly capable of learning, but to me this sounds like you've admitted to defeat before even starting so you might as well pack it up now.
I'm probably not much older than you and I push myself and learn every day, and have a couple of years industry experience under my belt, no university degree and that's never stopped me, nor will I ever let it.
>>
>>73103290
>>73103357
Just to clarify, I've wasted money on computing courses with the OU and Plymouth university (neither of which I stuck through). Fuck them both. It's a scam and I'm bitter that I'm going to be paying for this shit for a while.
If you're a socialite sure go and waste a few years of your life "studying", otherwise it'll probably just be living hell for you as it was me.
>>
>>73103357

I didn't mean it in that way. I'm pretty optimistic and confident how things are going currently.

Let me rephrase it. I feel I learn better when I'm guided by people with more knowledge in the subject than me, I think Uni would personally do me wonders and I would also like to have a degree or two under my belt so I may further my career.

I know I'll be doing studying and learning on my own to further my knowledge, but I think Uni would help me out with that.
>>
>>73103401
>>73103409

What's your preferred course of action then?
>>
>>73103409
Sure if you want to do it do it, but it's not an experience I can recommend to anyone in good faith. There is a wealth of free information available and institutions no longer have a monopoly on information. I've even worked as IT security staff in a university.
>>73103434
Make an environment for yourself in which you are productive and happy. If you are looking for other like-minded people try security conferences, if you speak to the right people I'm sure you'll be able to get into events without spending very much (if anything) at all.
CTFs are an incredible resource. I've been on HtB recently and have been having fun with it. Learn a programming language and try writing some simple exploits, using a debugger to perform dynamic analysis.
Just do whatever you're interested in really. Practice, practice, practice. Socialise with people and discuss security and just enjoy yourself. What's the point if you aren't having fun?
>>
Is there any reason to use ncrack?
it is literally bad!hydra
>>
>>73103552
Not really. They're much of a muchness really though.
>>
>>73103563
what the fuck are you talking about
>>
i am considering setting up a lab with an outsider attacker trying to get into a network
but the real objective of the lab is training on firewall evasion, should i use the emergent threats ruleset or would it be too tight?
>>
>>73103047
don't fucking listen to >>73103166

Enjoy trying to find a job in CSEC at the entry level without a degree unless you're a literal god who pays for and gets his own library of certs.

Degrees prove that you can follow directions, submit work on time, and that you at least have exposure to the shit that employers don't have time to teach you. If you go in without one you're gonna have to start at the way bottom doing 3+ years in an IT/Tech desk sweatshop or know the person who owns the company.
>>
>>73095955
>crypto

If you don't trust businesses that accept crypto, you are retarded and are unironically living in 2012
>>
>>73103802
Well, not wasting time/money on a university degree is valid as far as my experience thus far has gone.
What concrete evidence do you have to support your claims that it's impossible to be successful in the industry without a degree?
I don't even have any certifications whatsoever, just bugs, CTFs and industry experience under my belt and I'm in a position in which I'm not even remotely concerned about the idea of being able to secure further employment.
>>
>>73104075
To add to this, I know many other computer security professionals without degrees, many of which are far more financially well off than myself; and I'm on holiday abroad, and have been for nearing a year now without even needing to consider getting a job. I'm only 22 as well.
>>
>>73104075
>What concrete evidence do you have to support your claims that it's impossible to be successful in the industry without a degree?

I literally said that it is possible, just difficult.

My concrete evidence is that I'm on the hiring team for a major organization in the security field and work directly with recruiters. When it comes to entry level/associate positions we won't look at someone who doesn't have a degree unless they also have a lot of industry experience or are making a transition into security, have experience in another industry and a lot of self study. If you can get in the door without a degree you're good, nobody cares about your education after your 1st/second job anyway, my advice was more tailored toward entry level.
>>
>>73104223
Your company sounds like it sucks and you; the typical corporate whore parasite. Go to hell.
>>
>>73104239
and you sound like a hippy schmuck who's pissed he can't worm his way into a job he's not qualified for.

follow the fucking rules
>>
>>73104255
Read some of my previous posts, buddy. I'm actually doing reasonably well for myself and I at least have the integrity to not be a soulless corporate gatekeeper and am actually making an honest living for myself.
Like I previously emphasized, go and choke on a dick.
>>
File: 1532646669108.jpg (126 KB, 527x614)
>>73104286
>gatekeeper
lel.

I work for a living, not to save the goddamn world or give a handout to some asshat that wanted to do things 'differently'. I can't validate your claims, I have only my own experience to go off of. I'm 99% sure you're full of shit just like I'm sure you feel the same way about me. That doesn't mean you should go around giving people on g shit advice that's going to waste their time, someone might be dumb enough to listen to you. If you actually have so much tegridy think about that before you go leading people astray
>>
>>73104323
Of course I'm going to offer people advice, not that it's the be all and end all or anything. A few years ago I was in the same position as they are, struggling to figure out how to survive in the world after flunking my way through the broken education my country mandates.
It's a pretty hard place to be, especially for a loner. And I fucking tried university, twice; but everything about it drove my anxiety through the fucking roof.
I'm not going to try and delude people into believing there's no other way when I absolutely know that not to be true from personal experience.
>>
>>73103192
>elec eng,
>applied physics
Unexpected.
>>
>>73103290
>Open University (Online Uni but apparently reputable in the UK)
The reputation is generally good but there have been some very negative reviews.
>>
>>73103731

it's not tight at all. the ruleset is easily bypassed, just try it out a few times. you have to tune the ruleset to specific needs anyway so you'll have to try poc exploits.
>>
>>73104547

lots of ee and physics dudes. adam boileau is an ee and stephen ridley is a physics guy.
>>
>>73104861
This one:
https://www.theregister.co.uk/2011/07/18/verity_stob_pgpdip/
>>
>>73105480
>Certain characteristics of OU texts can be quite amusing. Their pompous vocabulary goes beyond even the requirements of academia. For example, they freely employ the word pedagogical, apparently not realising that its use is reserved to those strange and seedy schoolmasters who appear in early Evelyn Waugh and Aldous Huxley novels.
... my physics professor said pedagogical all the time.
>>
>>73106134
Was he strange or seedy?
>>
=== /sec/ News:
>Tor Project Removes 13.5% of Current Servers For Running EOL Versions (zdnet.com)
https://tech.slashdot.org/story/19/10/09/1853238/tor-project-removes-135-of-current-servers-for-running-eol-versions
>The Tor Project has removed from its network this week more than 800 servers that were running outdated and end-of-life (EOL) versions of the Tor software. The removed servers represent roughly 13.5% of the 6,000+ servers that currently comprise the Tor network and help anonymize traffic for users across the world. Roughly 750 of the removed servers represent Tor middle relays, and 62 are exit relays -- where users exit the Tor network onto the world wide web after having their true location hidden through the Tor network. The organization said it plans to release a Tor software update in November that will natively reject connections with EOL Tor server versions by default, without any intervention from the Tor Project staff. "Until then, we will reject around 800 obsolete relays using their fingerprints," the Tor Project said in a statement this week.
Interesting this part about finger printing.
>>
File: foreign hackerman.jpg (57 KB, 720x789)
>>
>>73101754
China is a pressure cooker that will burst any day, in a way that will make Yugoslavia look like a walk in the park. The communist party is well aware of this and just responds by tightening all screws, making China their particular type of dystopia. China, the country, has much power but no real friends.

There will be a lot of domino pieces falling with them, North Korea, Hong Kong, Tibet and more. All African states will disregard their enormous national debts to China.
>>
Anyone agree/disagree with this list of Cyberpunk movies?
https://screenrant.com/cyberpunk-movies-never-seen/
>>
>>73104895
>ruleset made by international team of security researchers
>easily bypassed
really?
>>
Anything /cyb/ on TOR? >>73101837
>>
File: 1565829250880.jpg (115 KB, 679x665)
>>73103357
Can you describe what you're doing each day in regards to learning? I keep finding myself sitting down to read or practice something and I just spin my wheels, it's such a strange feeling.
>>
>>73106200
He mentioned tvtropes to me during smalltalk once. Otherwise no.
>>
>>73108819
Start by avoiding low quality news sites.
>>
BTW the FTP site is updated with a Comfypunk archive. It seems the old site is still offline so might upload more of the old stuff there.
>>
>>73107642
We are slow today so i am gonna specify, is it possible to bypass the pfsense-snort (using the emergent threats ruleset) using only nmap or do i need to know how to make custom payloads or packets?
>>
File: ICS2-1200x827.jpg (87 KB, 1200x827)
>>73094114
>>73095920
>>73095943
>>73095955
>>73097082
>Intelligence Gathering on U.S. Critical Infrastructure
https://www.icscybersecurityconference.com/intelligence-gathering-on-u-s-critical-infrastructure/

Critical infrastructure like Missile and Fire Control manufacturing plants are exposed.
>>
File: niagara.jpg (69 KB, 775x640)
>>73111008
If one guy did this, how much info did China and Russians gather on critical infrastructure?
>>
File: lockheed.jpg (90 KB, 1117x263)
>>73111008
>>73111019
>>
File: geo18-1200x703.jpg (185 KB, 1200x703)
>>73111008
>>73111019
>>73111035
Shits bad yo.
>>
>>73111050
>>73111035
>>73111019
Why didn't he just sell it to china
>>
>>73107642

yeah, do you even know how the rules are written or used? it's usually packet characteristic matching and hex pattern matching. look up advanced evasion techniques.
>>
>>73111063
And live where? In frozen vodka lands of Russia or China where normal internet is banned and other users only speak chinese?
Better to use it on a conference or a blog post than becoming a fugitive.
>>
>>73110873

you can bypass it using https because snort will never see the traffic.
>>
>>73111095
Is there any book in the /sec/ mega about this?
>>
>>73111115

just look at the actual rules in the emerging threats ruleset and you'll see what it matches. https://rules.emergingthreats.net/open/snort-2.9.0/rules/

>botcc.rules
>alert tcp $HOME_NET any -> [195.64.154.14,207.244.97.230] any (msg:"ET CNC Ransomware Tracker Reported CnC Server TCP group 64"; flags:S; reference:url,doc.emergingthreats.net/bin/view/Main/BotCC; reference:url,ransomwaretracker.abuse.ch; threshold: type limit, track by_src, seconds 3600, count 1; classtype:trojan-activity; flowbits:set,ET.Evil; flowbits:set,ET.BotccIP; sid:2404526; rev:5515; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_and_Server, deployment Perimeter, tag Ransomware, signature_severity Major, created_at 2016_04_03, updated_at 2019_10_09;)

all this rule does is match two ip addresses (195.64.154.14,207.244.97.230) known to be part of botnet c2. you change the ip address or use a proxy and it won't trigger even if you're using the ET CNC Ransomware.

>exploit.rules
>#alert tcp $EXTERNAL_NET any -> $HOME_NET 2200 (msg:"ET EXPLOIT CA BrightStor ARCserve Mobile Backup LGSERVER.EXE Heap Corruption"; flow:established,to_server; content:"|4e 3d 2c 1b|"; depth:4; isdataat:2891,relative; reference:cve,2007-0449; reference:url,doc.emergingthreats.net/bin/view/Main/2003369; classtype:attempted-admin; sid:2003369; rev:3; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

all this rule does is match the hex pattern 4e 3d 2c 1b at offset 2891 (see isdataat) on port 2200 (see $HOME_NET X) coming in on a tcp connection. it might not be possible to fragment the packets or attack payload in such a way that they won't be reconstructed and detected, but it might also be possible; i don't know enough about this exploit to say.
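
The exploit.rules signature quoted in the post above, read option by option (an added example, not part of the original post and not Snort or Emerging Threats code): a simplified Python model of how Snort 2.x evaluates `content`, `depth` and `isdataat`, run against constructed payloads so a rule maintainer can see exactly which traffic the signature covers. `parse_rule`, `content_bytes` and `payload_matches` are hypothetical helper names; flow state and the address variables are assumed rather than modelled.

```python
import re

# Rule text copied from the post above (exploit.rules, sid 2003369).
RULE = r'''#alert tcp $EXTERNAL_NET any -> $HOME_NET 2200 (msg:"ET EXPLOIT CA BrightStor ARCserve Mobile Backup LGSERVER.EXE Heap Corruption"; flow:established,to_server; content:"|4e 3d 2c 1b|"; depth:4; isdataat:2891,relative; reference:cve,2007-0449; reference:url,doc.emergingthreats.net/bin/view/Main/2003369; classtype:attempted-admin; sid:2003369; rev:3; metadata:created_at 2010_07_30, updated_at 2010_07_30;)'''


def parse_rule(line):
    """Split a Snort 2.x rule into header fields and an ordered option list."""
    line = line.strip()
    enabled = not line.startswith("#")  # a leading '#' means the rule is commented out
    header, _, body = line.lstrip("# ").partition("(")
    action, proto, src, sport, direction, dst, dport = header.split()
    body = body.rstrip().rstrip(")")
    options = []
    # Options are ';'-terminated; a ';' inside double quotes does not end an option.
    for raw in re.findall(r'(?:[^;"]|"(?:\\.|[^"\\])*")+', body):
        key, _, val = raw.strip().partition(":")
        if key:
            options.append((key.strip(), val.strip().strip('"')))
    return {"enabled": enabled, "action": action, "proto": proto,
            "dport": dport, "options": options}


def content_bytes(pattern):
    """Decode Snort content syntax: text outside |...| is literal, inside is hex."""
    out = bytearray()
    for i, part in enumerate(pattern.split("|")):
        out += bytes.fromhex(part) if i % 2 else part.encode("latin-1")
    return bytes(out)


def payload_matches(rule, payload, dport):
    """Evaluate destination port, content/depth and isdataat for one TCP payload.

    Simplified model covering only the option kinds this rule uses; the flow is
    assumed to be established,to_server.
    """
    if str(dport) != rule["dport"]:
        return False
    opts = rule["options"]
    cursor = 0  # end of the previous content match, the base for 'relative'
    for i, (key, val) in enumerate(opts):
        if key == "content":
            depth = None
            for k, v in opts[i + 1:]:  # modifiers follow the content they modify
                if k == "content":
                    break
                if k == "depth":
                    depth = int(v)
            # depth:N restricts the search to the first N payload bytes.
            window = payload if depth is None else payload[:depth]
            pos = window.find(content_bytes(val))
            if pos < 0:
                return False
            cursor = pos + len(content_bytes(val))
        elif key == "isdataat":
            n, _, mod = val.partition(",")
            base = cursor if mod.strip() == "relative" else 0
            # isdataat only requires that a byte exists at that position.
            if base + int(n) >= len(payload):
                return False
    return True


def demo():
    """Run the rule over constructed payloads (not captured traffic)."""
    rule = parse_rule(RULE)
    magic = bytes.fromhex("4e3d2c1b")
    samples = {
        "magic_first_long": magic + b"A" * 3000,
        "magic_first_short": magic + b"A" * 100,
        "magic_at_offset_10": b"A" * 10 + magic + b"A" * 3000,
    }
    results = {name: payload_matches(rule, p, 2200) for name, p in samples.items()}
    results["wrong_port"] = payload_matches(rule, samples["magic_first_long"], 8080)
    return rule["enabled"], results


if __name__ == "__main__":
    enabled, results = demo()
    print("rule enabled in shipped file:", enabled)
    for name, hit in results.items():
        print(f"{name:20} -> {'alert' if hit else 'no alert'}")
```

In this model the four bytes have to be the first four bytes of the payload (`depth:4`), and `isdataat:2891,relative` is a length check counted from the end of that match, not a second pattern location. The rule is also commented out in the quoted file, so it raises nothing until someone enables it.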
>>
>>73101056
fair point but there is a line between the people who design and the people who do. Architect/Construction. Gunsmith/Soldier. Dev/Sysadmin. And I would argue Maths/CyberSec
>>
>>73111063
Who says they haven't?

They already had a huge leak in the F-35 program and the fighter should be considered utterly compromised at this point in time. China even made an obvious clone. And yet LM comes off, scot-free. In fact they make a mint on this because the "only solution" to Pentagon is to pay LM even more to develop something new that China has not (yet) obtained. The whole thing is perverse.
>>
>>73109232

sounds like both tbqhwyfamilam
>>
>>73111716
Not him, but isn't it kind of a given that if you're using something common or you reverse-engineer a known payload, you change things like port number and do >>73111103 to make rules like this fail?
>>
>>73111103
What, how does this work?
I searched and all i have found is dns tunneling, is this what you are referring to?
>>
>>73109232
TV Tropes has about 18,400 results for a search on "fetish". This could be strange AND seedy..
>>
>>73112784

you can't change the port number for a server you're attacking unless you're going after the network stack in general and if the server doesn't support encryption then you can't hide the from traffic analysis.

>>73112876

you use any encryption at all and nids can't read the traffic. https uses tls/ssl but anything works. you can xor the traffic against a 32 byte value and snort won't detect anything. obviously doesn't work with exploits, but sometimes you can use shellcode encoders to bypass hex signatures.
>>
>>73113063
>you can't change the port number for a server you're attacking
My bad: I thought it was about post, not the exploit itself.
>if the server doesn't support encryption then you can't hide the from traffic analysis
Does that even happen anymore?
>>
What do you think about fwknop? It sounds like a viable way to expose a computer on the internet and have it respond only to me.
>>
>>73113091

yeah it does happen a lot. there are protocol downgrades and other things like reverse ssl proxies that enable nids to do traffic analysis.
>>
Methods of juicejacking an iOS device to view call logs/text messages/multimedia files?
>>
>>73095571
>austria
basiert und rotgepillt
>>
>>73113219
But could you bundle AES with your post and use a preshared key?
>>
Why was deepdotweb taken down?
https://www.deepdotweb.com/
>>
>>73113526
They finally got the Politie on board and could.
Silly peasant, you thought you're allowed to have fun?
>>
>>73094282
In my experience, /cyb/ types in the US typically live on the west coast, and we don't get home from work until 2 or 3 AM UTC.
>>
>>73113700
can confirm posting from work rn
>>
>>73113483

you can use any kind of encryption you want so yes
>>
bump
>>
Year 2 of college for cybsec. We haven't done any CTF or exploit type stuff yet.

Where do I start? What are some good guides to get started practicing port scanning and exploits etc. should I start with Metasploit?
>>
File: doggo lisa.jpg (33 KB, 500x499)
>>73108819

you must focus sad kot, find something to read, any book, and read a few pages at a time, then do more each time you read and eventually you shall become DISCIPRINED
>>
>>73116414
Just out of curiosity, what does your course actually cover? What have you done so far?
>>
>>73116659
First year was Cisco networking basics and a bit of cyber security fundamentals.

This year is network scaling, network security monitoring, and later ccna security. We are supposed to be doing some Metasploit later but it's almost midterms and so far it's all been review and a little bit of nmap.
>>
>>73116713
Not exactly what I would've expected but fair.
>>
File: bokvp.jpg (24 KB, 611x393)
what fun stuff you nerds do?

gimme me an example of something very /cyb/ and/or /sec/ you did today
>>
>>73116769
im going to take a look at a HtB machine now
snipper
>>
>>73116758
It's a networking program with an option to major in cyber security. Cyber security fundamentals, network security monitoring, and ccna security are the cyber security courses in the program.

NSM is the course I'm taking now, we are going to do some Metasploit and Kali, but so far it's been mostly reviewing how firewalls work and other basic shit so I was looking for something to supplement my course material until we get to the good stuff.
>>
>>73116871
I don't know firewalls are pretty boring and self-explanatory. I think I could get the hang of it in like a day on the job probably.
Not really the sort of thing I'd do a course on.
>>
>>73116893
It's not a course on firewalls, we just did some review on them.
>>
>>73116769
see
>>73106532
>>
>>73116769
still working on freeIPA implementation
>>
>>73117007
That some kind of faggot beer?
>>
>>73117024
it's a redhat project combining a cert authority, DNSSEC, LDAP directory and SAML and some other stuff

I said a few threads ago I was looking at openLDAP but it's very barebones and I want kerberos PAM for auth on my home network
>>
>>73116769
Working on the cyb FAQ. It still isn't finished yet.
>>
Biohacking is now reaching normie media, even the business news:
https://www.dn.no/d2/helse/teknologi/biologi/trening/biologiske-hackere/2-1-645776
You might need a translator.
>>
>>73116414
>Year 2 of college for cybsec.
>We haven't done any CTF or exploit type stuff yet.
You should ask for your money back.
>>
>>73118313
How am I supposed to hack shit without knowing anything about networking first?
>>
>>73118432
Is that a serious question?
>>
Wired was once good, now it is fairly bad but still saw the potential to go even further: now it refuses to play nice if you view Wired in privacy mode.
Why do websites do this?
>>
>>73118601
Because selling your ass out to advertisers, glowniggers and whomever else willing to pay is the main revenue stream for internet publications. Your attempts at privacy violate their business model.
>>
>>73119402
It is a bit hysterical of Wired to "defend" privacy while selling out their readers.
>>
>>73119430
"privacy" in MSM definition is limited to safety from random skiddies wanting to swat you and maybe le ebil foreign regimes seeking to manipulate 'murrican voters by showing them ads (as opposed to 'murrica manipulating foreign voters by straight up bribing them with cookies and manufacturing "protest" wholesale). You don't need to defend against 'murrican ad agencies because they are glownigger-compliant and only want to help you find that thing you always needed to consume but never knew about it.
>>
Cloudpunk is getting good review:
https://www.forbes.com/sites/mattpaprocki/2019/10/06/cloudpunk-is-the-cyberpunk-life-realized/
Anyone here checked it out?
>>
File: 1570439693500m.jpg (62 KB, 1024x1024)
>>73094114
Whats the password for the oscp pwk zip file??
>>
>>73120352
"society"
>>
>>73120399
I'm serious you fucking Cuck what is it?
>>
>>73120421
y so serius? :-)
>>
>>73120434
Because of society
>>
>>73120399
Nevermind I'm retarded
>>
>>73120421
calm your tits
>>
>>73120176
Voice acting needs work
>>
>>73121342
Yes, was a bit weird.
>>
did the phenom ii x6 t10xx series cpus have hardware level backdoors? are they vulnerable to spectre/meltdown and derivatives? can you make them secure (asking about t1055 in particular since that's what i have)?
>>
>>73121773
>hardware level backdoors
Probably government mandated, but it is not on record.
>>
>>73122715
Unless you can find direct evidence of government involvement, it's a "why bother" and getting it patched is more of a matter of creating and releasing your own mechanism of accessing it.
>>
So I have been trying to get into security and tried to solve overthewire games first. Obv. I really don't know shit about where to look for bugs.

Do you guys think that it would be smart to first read a few books and make notes and then dive into practice? Otherwise I don't really know what to do. Pls help frens.
>>
>>73118432
Besides the OSI model and reading packets, which shouldn't take more than a semester, you don't need to know anything else about networks to start exploiting systems. In fact most of what the OSCP teaches has nothing to do with networking and it's considered a 101 type class.

In other words you got had. If you think I'm just trolling, try the machines on HTB and see how far you get.
>>
>>73123149
For me, it's reading writeups at first so I understand what mode of thinking is needed. Don't rely on it though, it's a crutch
>>
>>73123149
Depends how much of a beginner you are. Overthewire is good, but nothing beats actually trying to exploit vulnerabilities on actual machines. If you just want to know how people start looking for bugs, reading writeups for HTB or Vulnhub machines is a good start.

Otherwise, yes start getting used to reading about a lot of dry and boring technical stuff. You really want to learn the basics of networking (ie packets and how protocols work), programming (conditionals, functions, control flow, etc), linux BASH & windows Powershell, before you can really start to dive into exploits.
>>
>>73123152
>you don't need to know anything else about networks to start exploiting systems.
Oh, really? When I hear people talk about networking my mind goes to configuring routers, etc. Well I guess I know enough then.
>>
>>73123159
>>73123241
I'm at the start of my second year as a CS student.
So I have a basic understanding of programming.

Can't really try to exploit machines, because I don't know what to do. Also I don't want to be a skiddie and only use Metasploit or SQLmap for short term success.

Thanks frens, then I will start to read a shitload of books to understand the basics.
>>
Is whonix safe or is it a meme?
>>
I feel like a brainlet learning bash, then again I'm not practicing just reading
>>
>>73123605
What book are you reading, gonna start on bash
>>
>>73123484
How about taking a look at https://www.hacksplaining.com/
>>
Tell me a good email for a professional email, safe but not autistic.
>>
>writeup getting retired
I am almost to my next rank come on.
>>
>>73123815
Any alternative to this website but for exploits that are not web related?
>>
>>73123508

it's safer than running on bare hardware, but everything has bugs. safe is not an immutable state; it's a process. whonix is part of the process of being safe, but you're never 100% safe.
>>
>>73111716
>>73111115

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node32.html

this should help you understand what a snort rule looks like and what all the potential fields do/are.
>>
>>73123484

USE THE CHEATS LIKE METASPLOIT AND SQLMAP, READ THE WALK-THUS TO GIT GUD, DON'T WASTE TIME TRYING TO BE NEWTON DISCOVERING CALCULUS
>>
>>73124440
>but you're never 100% safe.
What if I'm running Multics?
>>
>>73123149
>>73123484
>Obv. I really don't know shit about where to look for bugs

https://www.youtube.com/watch?v=qTkYDA0En6U

https://www.youtube.com/watch?v=U60hC16HEDY
>>
File: Philosophator.jpg (20 KB, 400x400)
a group of master hackers writing on the webpage :O i will be no able to get money for zero exploits,,,, fuck, i gave to much free power to the people u.u
>>
>>73124514
But anon I don't want to be a scriptkiddie.
I want to understand what I'm doing.

>>73124593
Thanks Fren.
>>
>>73124876
>But anon I don't want to be a scriptkiddie.
You have to start somewhere.
>>
>>73124876
Eventually you will hit a wall that will force you to not be a skid anymore. Just gotta get your feet wet first then you'll start to understand more and more.
>>
>literally can never find websites vulnerable to sql injection
How am i supposed to train on sql injection, everything is so safe
>>
>>73124535

then unix beards will rape your terminals daily and you will never know
>>
>>73125979

YOU MUST LEARN TO BYPASS THE REGEXS, ANON
>>
>>73097863

Don’t do it, the training is good for the time it takes but private sector/BS degrees blow it the fuck out of the water, I would conservatively say 95% of our servicemen couldn’t defeat an easy level HTB machine
>>
>>73098968
>>73099016

You can also use it for tunneling past public routers that are trying to box you in. You have to have your own VPS of course
>>
File: serveimage.jpg (76 KB, 1280x720)
Why do FPV drone racing goggles look so much more /cyb/ than VR or AR goggles
It just ain't fair
>>
>>73127331

if you're wearing goggles why do you care?
>>
>>73126259
HOW
>>
>>73127646

payloadallthethings, lightbulb burp app, ingenuity
>>
What's a good place to begin with learning how to use a fuzzer?
>>
>>73129675
what are you fuzzing?
>>
>>73129758
I wouldn't know. I've never fuzzed before.
>>
>>73129774
step 1.
find out what you actually want to do
>>
>>73129785
I dunno. Pick something about using a fuzzer and I'll go learn from it; I mostly asked to bump the thread from page 10.
>>
>>73129799
go read the afl documentation and try and find some crashes in a random open source project
>>
>>73094114
Should I pull the plug? Are they good?

https://deals.gdgt.com/sales/keepsolid-vpn-unlimited-lifetime-subscription-3?utm_source=engadget.com&utm_medium=referral&utm_campaign=keepsolid-vpn-unlimited-lifetime-subscription&utm_term=scsf-334393&utm_content=a0x1P000004MT7H&scsonar=1
>>
BENIS BUMP
>>
how do I help the hong kong protests?
this is the most /cyb/ riot yet
>>
>>73130171
This is entirely their fault and you should feel no sympathy for them.
>>
>>73130236
>no help for people who didn't know any better

this is how the world will burn, fool
>>
>>73130242
It was always burning since the world's been turning.
>>
>>73130236
yes goy let china fuck their arse its not like we are their next targets
>>
>>73100244

do branch prediction so we can have more spectre and meltdown! :D
>>
I have a degree in math from a top 20 school, is this ok for getting into cybersec degree wise or do I need to go back for CS
>>
>>73131468

set up some christians as terrorists and get promoted by the fbi when they get "convicted" xD
>>
>>73131468
You're qualified to work for the NSA but probably for crypto bitch-work.
>>
>>73116769
>>73116781
>>73116990
>>73117007
>>73117574
so you do jack shit? thanks for confirming, posers
>>
File: 1502411540026.png (17 KB, 721x489)
>>73131624
someone's grumpy
>>
File: 1555234194800.png (207 KB, 292x362)
>>73116769
Try to get a job.
>>
someone tell me about fiction books that involve cyber crimes, surveillance, computer forensics etc.
it's for a gift, doesn't have to be cyberpunk, just hackerman related and doesn't have to be very based in reality
it must be paperback, manga is fine but prefer books and novels
>>
>>73131640

won't be needed when you get fucked, nigger
>>
>>73131765
Does it have to be books? I know a number of movies and vidya.
>>
if i am a regular punk how do i become a cyber punk
>>
>>73132321
well, I won't be able to get him it, but to be honest, I guess I'd be interested in it as well
>>
>>73132342
install gentoo onto your cyberbrain
>>
>>73131630
Let's hear what you have achieved in your life.
>>
>>73133206
nothing special
done a fair amount of computer security stuff but ultimately all of that is pretty inconsequential
i've had sex at least, unlike someone :^)
>>
>>73133261
>sex at least,
I guess that too is an achievement.
>>
So I work in a huge company. I've been a dev for 2 years but just got moved into the security department. My degree is in sec, how do I study so I don't eat shit? I would be doing pen testing against our products.
>>
File: crest.png (156 KB, 294x375)
Is a 32GB flash drive enough for hacking tools and other security software?


