#cybersecurity

In URLs or other such links (e.g. anything used to identify a resource)? definitely

🤔

@safe bear To whom you're referring this?

@silent pier

"Reading through this about input sanitizing, how exactly can the use of those unicode characters with a visual or semantic similarity be a security risk?"

For visual, maybe limit the amount of combination characters

You can easily make unicode characters that are as high as your screen

@safe bear Oh...Sorry for tagging then

I ended up white listing available characters with regex

So I dont "think" itll be an issue

https://www.rfk.id.au/blog/entry/security-bugs-ssrf-via-request-splitting/
https://github.com/nodejs/node/issues/13296
nice find from someone in another server

read first URL first

Finally...

https://latesthackingnews.com/2018/09/14/new-ransomware-named-pylocky-discovered/

ooooooooffffffffffff

RCE for Alpine

https://justi.cz/security/2018/09/13/alpine-apk-rce.html

That's a big oof for docker applications

Is there a discord cyber security group anyone is familiar with ?

I know about a few which degraded into shit holes or are dead now. Why do you mind?

@lavish hull

Just because tbh

Always like seeing more stuff

Twitter and reddit aren't enough sometimes

Might be a bit off but is there any security benefits to having big unique but pseudo random IDs for all user entries in a db over just auto incrementing them

I mean.. probably not? The only situation I can think having incremental IDs would be "harmful" is if someone has a way of accessing the users by ID and therefore it'd be easy for them to scan through the data but then you have a bigger problem than that

I feel like all the issues I can think of presuppose a preexisting, much more severe security issue

Seems fair

I don't even need a row id thinking about it.. usernames are unique, else they can't use em

front facing incrementals are bad

👌

@silent pier no tbh, because you will have to store other identifying data to actually know which user it is

So one way or another users can be identified if there's a db leak

How will i connect that identifier to the user then?

@silent pier unless you want nobody to be able to identify who the data belongs to, including you

There will always be some identifier that can be traced back to the user

Don't get me wrong, I see what you're getting at

but I dont see how to connect them, if the db is breached

So using randomized IDs just increases search time

Like, imagine i randomized somebodys id

I use their name and identifier instead

Like WrongEnd#3931

Now if they change that the data no longer connects to them so i have two options

Switch the old name to the new one

Oh I see

Or keep a running list of namechanges and a current name

If data is editable

In my case it's a very basic create user + pass situation which you log into

That user has access to a set of messages to read

and that's it

• send messages

My point is no matter what you do they will be identifiable unless they are totally anonymous

Fairenough

User plus pass can be totally anonymous if you dont want to lock it to a certain set of accounts

I guess I could implement an unique ID just for the design to be more dynamic

Like even if you hashed their name n shit

If they know who they're looking for they can just hash the name themselves and search the db for that hash

I was thinking of using something close to discords snowflake before deciding to just use name+pass

what if you encrypted all of the user's data with their password

so the server itself can only access it when they're logged in

Huh

It'd need to be reversible which automatically makes it crackable

you couldn't let them reset though, all their data dies

It's a safer option but not a guarantee

Plus it would be hell on cpu to constantly encrypt and decrypt

store all the data in local storage; signed by the server if you need the user to not be able to tamper with it

So it's not scalable for everyday access

ultimately any solution depends on what the data is and how secure it needs to be

The application I'm creating doesn't need to be the most efficient, but be as secure as possible

for mostly the top OWASP breaches

both solutions i mentioned have the weakness that the user can lose it and it can't be retrieved for them

A good draw for hashing is the computer can't hash quickly

Speaking about CPU usage when en and decrypting huge chunks of data

So users cant hammer it with shitloads of requests until they get it

Yeah that is a good perk

How does LUKS (Linux hard drive encryption ) handle decrypting terrabyte sized hard drives quite quickly

I was messing about with a custom script and a leaked hash set not long ago

got surprisingly a lot of them within a day

So limiting the amount of tries is part of my agenda

Generally you can get a good chunk by using a preset attack

(Given i wont leak the hashes)

Searching for uh

both dictionary and rainbow attacks crack quite a lot very fast.

Well, trying "password" will often reveal the hash contents to you

make the salts longer

Because people are dumb and use password as their password

Oh bais

incorporate the username as an additional salt

I forgot to salt my passwords

lol ty

sure if there are only 4096 salts, you can generate all the hashes for "password" and search for them

but make the salts longer and it's exponentially more difficult

Ay

But if username can be edited, would using their username as a salt be.. smart?

require them to enter their password to do that, and rehash it

I'd have to store their initial username on the side then

Hm

I would use their id as a hash

Or a salt rather

Since id is immutable

That's fair, it might turn out to be quite a big id as well

if i get my idea to work like I want it to

or, yeah, just store the whole salt

it being open-ended how big a salt can be is the important part

Yup

But doing pass+salt+id -> hash might be even stronger?

Or is it being overkill at that point

store id like an id, salt on the side and hash as password

I mean you could combine salt plus id and hash that

And use that as a salt

Not make it intuitive what the salt is, but you know always expect an attacker to know your code

It's just a matter of how long do you want it to take and how intensive are you willing to handle

given it'll be a very small set of users just brute testing all salts available in a db leak wouldnt take long would it?

You could create hashes thousands of characters long but you don't because while it'd be fucking uncrackable, good luck accessing the data in a reasonable timeframe

Because you gotta make the hashes again to check equality

fair

Just trynna think about the most secure way to do it for a small set of users

the biggest threat is password reuse anyway

and there's not much you can do about that

https://xkcd.com/792/

When momo, sharp and I did it we didn't do a lotta complex stuff

Check the register endpoint in auth on defiant sails codejam 2

We made a pretty standard authentication there that should be reasonably secure for small-scale

(Like, the XKCD is about an evil website operator, but just another site's database which uses weaker security than yours being leaked is the more likely threat)

Yeah.. stupid users

Be more secure

What languages should one learn after Python for Cybersec, Ethical Hacking and Cryptology

you can learn C and more low level stuff in general

Why low level stuff?

because hacking is related to low level stuff

at least sometimes

+1

@thorn obsidian It depends what you want to do...like if you want to do web application penetration testing then you should learn JavaScript, HTML, CSS etc.

I may also learn them

may do Python > C/C++ > JS > CSS > HTML

in that order

I guess

idk

I dont want to pentest websites etc

but idk, I am no expert in this field

I'd rather try breaching/pentesting systems

(That was a fastest response I've ever seen)
Learn C&C++ before js,html and others

Good source of the latest in cybersecurity: https://www.reddit.com/r/netsec/

Assembly Language is also good

Speaking of what to learn: https://blog.ret2.io/2018/09/11/scalable-security-education/

Yeah, learning C and knowing the basics of assembly is essential if you're doing any sort of binary reverse engineering or exploit development

Oh yeah, I almost forgot that
Thanks @safe bear

It's not terribly essential for network/protocol stuff though

C is still really useful for that though, since you often have to grok (read and interpret) network codes written in C

Binary exploitation resources are so low but it worth the time

If you want to learn do this: http://overthewire.org/wargames/bandit/

I learned a ton about Linux and exploitation by doing the Bandit series

where did "grok" come from?

@lilac gulch http://www.catb.org/jargon/html/G/grok.html

Lemme check,thanks for this wonderful resource
Have you ever tried reverse engineering?

Yes

IDA or other debuggers?

Nope

Well, I did use Ida once during a class

Then?

ah lol

Just by hand with gdb and nano lol

During a class, lucky you
My college professors don't even know what GDB is

GDB is good,gotta check Nano

Well a lot of that was doing the Bandit exercise I just linked

Nano is just a basic text editor

Oh...

Because I can never remember Vi's keybindings other than insert, write, and quit

If I may ask what's your age?

0ld

True...No one can expect paranoids
That's great...security engineer?

old bird here

He went crazy from trying to quit vim at the ripe old age of 24

lol

I already have a lot of stuff bookmarked

in my cybersec & pentesting folder

netsec and scaling are new

I am doing a small Python project

a GPA calculator

then will do some C then C++

I probably have well over 400 bookmarks at this point just for cybersecurity

Damn

trying to do my Git in #tools-and-devops for Pycharm

if anyone can help btw

Please don't ask for help in other channels

apologies

Just wait

https://github.com/gentilkiwi/mimikatz

Good ole' mimikatz

Yup

https://github.com/jovanbulck/nemesis

@simple orchid you and a few others had a convo about password re-use, there are actually things you can do to stop that

I'm a big fan of troy hunt, he has a system that allows you to automatically check passwords against pretty much every major database leak in the last 10 years, all anonymously and for free
https://haveibeenpwned.com/Passwords

https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/

he operates an API that people can query, or you can check the DB locally

the amount of passwords is actually up to about 512m now

@thorn obsidian Thanks for post...seems quite informative

np

the above system is actually used by big sites currently, like 1password and EVE Online

I have some experience with leaked databases

When I was on telegram there were channels who post premium accounts of users
They call it "hacking",lol

lol, my old password is breached

Good stuff

he also operates https://haveibeenpwned.com/ which can be used to check for breach based on email

https://www.extremetech.com/computing/276991-f-secure-says-almost-all-computers-are-vulnerable-to-new-cold-boot-attack

https://www.hackthebox.eu Anyone else trying their skills here?

I want to but I can't
This is the best CTF portal
You should pin this @silent pier

I can't pin :P

I'm proud I managed to find the code

The invite code?

Other than that, going to leave the whole setting up a secure env etc to work with for later

Yeah

That require some basic JavaScript and HTML, I guess

and string manipulation / basic decoding

You should try, I was checking some CTF team and they are awesome
One is good at reverse engineering,other one was good at binary exploitation and vice versa

Can't say im an expert in either

But know a bit of each so far

Point is cyber security is just like programming that need logic and analytics skills
You did both...wow

programming needs those two too

so cyber security is like programming 🤔

I was trying to decode a PDF file blackout text and redacted it got a flag...but can't progress further...

@orchid notch It involves programming...

i read this book abouut cryptography from my library yesterday because i was bored

Which book?

a third of it was about stenography

german my friend

german

they listed so many ways

its crazy

Oh... Sounds boring

no

I'm​ just gonna read "Cryptography Engineering"

they explained a stenography technique from the 16th century where people would write different letter styles in order to create a binary system

@orchid notch 🤔

History of Cryptography is kinda amazing to know about....

so you would write an "a" in one style and another one in another style

and from that create a binary system

Just like knowing about analytical engine

it gets even more crazy

eventually the distance between the letters with different styles (distance in other letters) would also matter for the meaning

The key?

there is no key

its stenography

its hidden writing

stenography hides the existance of a message

😖

lol

Try "Serious Cryptography"
You're interested in networking?

¯_(ツ)_/¯

i guess im not bad with it

👌

there are stenography techniques hiding the message in a binary system created from rhymes schemes in poems

That was so inconvenient

huh?

I mean doing all that encryption/decryption by hands...real genius

its technically not encryption

and the pre electronic stuff was kinda easy to do with some help devices

Oh...

ByteCommander is typing

*steganography

sh

leave my mobiles autocorrection alone

stenography is something different, my young friend

its this weird keyboard thing right?

🤔

what?

stenography

steno typing

https://www.youtube.com/watch?v=RBBiri3CD6w

weird keyboard thing

https://en.wikipedia.org/wiki/Shorthand

yeah thats old stenography

nowdays we have keyboards for stenography

Most of the doctor here write like that,lol

waity what is that keyboard doing

magic

Yes.

its typing whole syllables instead of letters

If steganography is hiding of text,how someone gonna understand it then🤔

by knowing how it was hidden

A mutual understanding of encryption algorithms

again its not encryption

there is no key etc involved

I think I should check steganography on wikipedia

modern steganography is all automated

there is for example hiding informations in pictures

not like the actual picture

but the file

Woah

in fact there used to be methods of steganography for hiding messages inside pictures

for example morse codes using grass

That is advanced

that is actually pretty old

You said it was boring but it kinda sounds interesting to me

i said its boring?

you said its boring

i said no

@upbeat palm thats the pic im talking about

no no

i was bored

so i read it

Lol

the morse code

is in the grass on the left of the river

Sorry @orchid notch
Yeah, checking

or

That's pretty hard to find

check this

the apples are the message

Roots are also looking like message

nope

just the apples

This technique is awesome
I'm gonna research about them

Sadly discord won't accept the solution pic

What you do is put an alphabet above the picture

With columns for every letter

Why discord...Why?

And then the apples give a message

I'll show you when FKIN DISCORD accepts my message

try cropping edges

Good idea

It just says upload failed

Grrrr

Or send top half, then bottom half

there we go

thats the solution

it says
INDE HIC LONGAT IBI SINT TEMPORA PROSPERA FIAT

🙃

yes.

yes that is latin

What else we can expect that's from 16th century
But this is simply amazing

From where you're getting these?

that one was 17 century

i just googled some time for the book and found that some german guy published the pics

Oh...

Brb, going for dinner

thats also a hidden message

its by vigenere

but i didnt understand how it works

meh

the stars are the solution

open for suggestions

imagine somebody hiding an AES encrypted message in a picture

you would only see garbage once you found it and think you did something wrong

It's doesn't look like vigenere

@orchid notch That's the purpose of Cryptography

no no

this is by vigenere

vigenere is a person

Oh... I thought you were talking about Vigenere cipher

no i am talking about the picture

he made that

he even explained how it works in his books

but i dont speak french

Damn...so much valuable information,still a lot to discover

!reddit weekly netsec

Here are this week's top r/netsec posts!

oh supercar keyless entry attacks

nice

https://twitter.com/k_sec/status/1040744605455532033

https://nmap.org/p60-12.html

==Phrack Inc.==

               Volume 0x0b, Issue 0x3c, Phile #0x0c of 0x10

|=----=[ Firewall spotting and networks analisys with a broken CRC ]=----=|
|=-----------------------------------------------------------------------=|
|=-----------------------------=[ Ed3f ]=--------------------------------=|```

Interesting

Pretty old though, since he's talking about a patch to Nmap 3.1

Trying to find project ideas in Python regarding CyberSec and Pentesting

can't think of projects

I only made Cryptography Collection and a GPA Calculator lmao

I thought of making a nmap "visualizer" but idk

like spews out premade commands/selections to make it easier to use nmap

but what else can I do?

https://www.hackthebox.eu/

Doesn't require python to get it, but i'm sure you can find a usecase after wards

man I got registered then I had no fudging clue what to do

😃

Same

:D

same :D

I'd have to setup an vm first

before trying

@thorn obsidian you still have dozens of crypto systems to add to cryco dont you

First step is web app exploitation so I haven't gotten past that yet

Aside that @orchid notch

I am looking at other projects to do aswell

Also I know about hack the box

I just dont wanna get into it without knowing jackshit

but in all honesty I dont know where to start learning

you could learn about crypto analytics

Over the wire

See the pins

@orchid notch suggestions on where to do that and such?

uh

no

:P

books i guess

but which books

🤔

Networking

all the networkings

Over the wire

You have to be able to recite the 7 OSI model layers in piglatin backwards before you can begin hackthebox

Lol dear lord no

You do need to know that for a Cisco certification though

PSA: 4 layer model is Shite and "tcp/ip" is stupid

Thank you

also

hmmmmmmmmmmmmmm

Computer Networking A Top Down approach is awesome read...

(anyone else wondering why robin always ends his messages with ....?)

It's common, but not always

He bound his enter key to type ...enter

unlikely

Nix...

KnownError......

NIX...

Floppy!

KNOWNERROR....

Anywho, Kali is on Windows 10

What's a Kali

You need to be on the latest version to really make use of it though

Oh kali you mean the phone app?

Kali Linux

yes i know

It's a Linux distribution for penetration testing

i know

right

but ive seen people on discord servers naming it a phone app with hacking tools

I'm not talking to you Nix, but hey, whatever rocks your boat

floats your goat

There is a mobile version

but its not an app

Kali NetHunter

and i dont have a boat

or a goat

😦

floppy can you give me a goat or boat

I can provide half n half

hm

ill take both

Half goat, half boat

yup

Sadly there were no images on google of a half n half goat/boat

So this will have to do

😭

(off-topic guys)

Did you consider the safety of that goat?

I'm done

Kali 😂
I

I've been asked by multiple people how to do stuff like play games on kali

Haha

Does it even have games?

It had better

Often times you're Internet-isolated

And what do you do when you're tired, bored, and waiting for results?

start the terminal train

choop choooop

omz or bust

Real security research stuff

terminal train is cooler

sudo updatedb

Is that strings on the left, and hexdump on the bottom right?

idk, it's hollywood, these windows jump around and constantly run other basic programs

also remember to print out your source code before compiling people

what if i never want to compile people?

well

just print your source code anways

always helpful

Charlie-uniform-november-india-bravo-delta-yankee-kilo lel

@orchid notch I won't from now.

Kali Nethunter is a custom ROM specifically for pentesting and it's only available for Google devices and OnePlus devices,tbh both smartphones are awesome.
Check it on XDA,it has some pretty good features

https://github.com/offensive-security/kali-nethunter

https://www.theregister.co.uk/2018/09/17/gao_report_equifax_mega_breach/

Ironically,  the security breach was only picked up when someone updated an expired certificate on a piece of kit that was supposed to be monitoring outbound encrypted traffic, and immediately noticed something was wrong. With that device effectively switched off for 10 months due to the expired certificate, “during that period, the attacker was able to run commands and remove stolen data over an encrypted connection without detection,” noted the auditors.```

oops.

A year later and they've faced little consequence

yeah

talk about toothless regulators

Why only this channel is so silent?

Not too many care 'bout dat s'cur'ty

But they should, nevermind
Thanks for just replying @silent pier

They should

but let's be honest

Making things is more fun than making sure it's safe

Even thought I have found some joy in thinking about security, sketching out my programs etc lately

Do user information databases keep username, password pair (with or without email), and verify logins with username + password hash. Or do they fetch said user by id

generated somehow

They store information in
randommail@gmail.com: Password Hash
I have seen some combos that were public obtained by SQLi Dumper afaik

How would they get a users email with a username login then

Separate username to email table?

Which keeps track of current username of each email

but does username ever change

What am i fighting again

There were two types of combos available in mail:pass and username:pass format

Guess im stuck on doing sql SELECT password, salt FROM users WHERE username = ?; or sql SELECT password, salt FROM users WHERE id = ?;

But i can't figure out a clever way to get id from a username login

I think I may the overthinking something that won't be an issue

They use some type of configuration file and a software (maybe Sentry MBA or something like that) to get desired results
Yup

No one going to attack your db particularly

cough you say that

But the point is to program something that is resistant to attacks

Nothing is perfectly secure
you're right

Oh i think i remember what the "concern" was

What if some random encoding is used to "equal" a username in the db, but it passes my validation and the insertion

I dont even know if that'spossible

I think you're very much concerned about your db security

Oh i know, ill just put the db on a flashdrive and disconnect it when im not monitoring it

If it's possible then it will be good...maybe, because hackers are kinda paranoids so they can find a way to hack it

The hacker is just my lecturer Do i really have to worry here is the question

You don't have to worry about it that much.

On a somewhat related topic

is there an easy way to detect unicode characters mentioned earlier

Actually I was reading a article on unicodes they are annoying.. I don't know about that maybe someone will help you with it
Sorry I was not much of a help :(

Nah man

Having feedback is just as much help

Let's me vent my thoughts

I could probably get the ord of them

Check their range to normal letters / symbols

Yeah..thats sounds a good idea

https://nedbatchelder.com/text/unipain.html

Even the title is pain

@silent pier compare them to string.printable?

aH believed i watched that

>>> string.printable
'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~ \t\n\r\x0b\x0c'

cough Is that in java?

you might want to use chardet to try detecting encodings

thats python

Does it exist is java, is what i ment

I guess the ord solution is my best bet without diving too deep into foreign libraries

i wonder if this is random enought for use in generating a secret key

def rnd():
    rlist = []
    strs = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(500))
    rlist.append(strs)
    strs = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(500))
    rlist.append(strs)
    strs = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(500))
    rlist.append(strs)
    strss = random.choice(rlist)
    out = random.sample(strss, 120)
    output = ''.join(out)
    print(output)

Wether this is random enough or not entirely depends on your operating system as it implements the SystemRandom function

i believe that it does have reasonably high entropy, ofc it is not used for any sort of nuclear launchcode level secrets

especially after i call the function many times and copy random pieces of string and stitche them together

+1

There is the secrets module in Python 3.6 that can handle this sort of operation

Secrets in fact just uses SystemRandom()

Gonna check it out

I saw a team named Dragon Sector on ctftime and they are awesome...Binary exploitation, reverse engineering, Networking,web application hacking, Pentesting,2 of them are security engineer at Google

@orchid notch Do you have a team for CTFs?

Nope

Do you play CTFs or not?

No

Want to?

@upbeat palm CTF's are fun

Yeah, I'm searching for team

@upbeat palm what kind of ctf?

Never thought about it

Okay

@viral sentinel kinds?

DES is so confusing, I mean 16 rounds of a encryption and with 48 bit keys and yet it's not secure as AES

That is not really confusing

DES was considered to be insecure when it was introduced

I mean the encryption process

AES with 128 bit keys is from a brute force point of view harder to crack than RSA with 4096 bit

It's just a feistl network

128 bit key use 10 rounds of encryption, right?

Message is split into half one half gets encrypted using the round key and itself in a function the result of that is XORed with the other half

What's so confusing

Yeah 10 or 11 I don't remember exactly

It's insecure due to computational power of today's computer, I guess

128 bit key use 10 rounds and 192 bit use 12 rounds and 256 bit use 14 rounds, I think

@orchid notch You made it easy now

Aha

AES is most secure encryption as of now?

It is considered the standard symmetric algorithm

Be careful with "most secure"

Yeah

AES is can be bruteforced but not enough computational power

A lot of the time key size isn't actually an indication of security, you need to understand the algorithm and what it's doing

on top of that there is a whole concept of "bits of security" versus keysize

it's complicated™

How it's encrypting is first priority and key is second priority? 🤔
Bits of ciphertext and bits of keys
Any resources where I can learn more about this?

I already said that it depends completely on the algorithm how effective or ineffective a certain key length is. If it comes to the term security of an encryption algorithm you can't really say that one is better, there are three possible ways to get some encryption broken. there is brute force, that one entirely depends on how effective the algorithm uses n bytes of a key to encrypt something so it's computationally intensive to reverse. Then there is crypto analytic stuff, the efficiency of that one depends on the design of the algorithm so there might even be situations where brute force is better than cryp analysis. (For example doing the 24 alphabets on Cesar is easier than doing all that freuquency analysis stuff)
And the third method is a vulnerability either in the algorithm as a mathematical concept, for example that it is easier to brute force with certain methods than the creator thought, and then there are vulnerabilities in the implementations which can even allow to break AES like nothing if correctly exploited (and existing ofc)

Woah

AES is theoretically bruteforced as stated in Cryptography Engineering book

everything is theoretically bruteforced

encryption isn't impossible to break it's just really really really hard

also newegg got hacked because their security wasn't quite as hard as AES
https://techcrunch.com/2018/09/19/newegg-credit-card-data-breach/

Im working on a desktop program that I want solid security with because of some sensitive user data involved. What is the ideal method to store both client-side info and server side info securely.

additionally, what do I need to buy/rent server-wise for the website/account creation/ storage?

just use a normal server, most security is software based

as for storing data, depends on what it is and how it's used

for server side info encrypt it and make sure people can't just pull it out of a database or whatever randomly

but idk, depends a lot on what you're storing

Just 15 lines of code and for around a month,the IT department didn't know, that's strange

@thorn obsidian Do you play CTFs?

sometimes

I prefer to break into real companies tbh :P

mostly because i'm lazy and CTFs are usually restricted to some super obscure problem that's never seen in the real world

Damn,that's a good reason

Would you suggest anyone to play them?

sure

they're fun and they teach you lots of neat stuff

just not my thing

I actually don't mind https://hackthebox.eu/ but I haven't been playing it really

hacked like one box and got busy for 6 months doing other shit

Do you have a team?
Oh

I don't have a team

I might join manyhatsclub but depends on when I pick it back up

planning on doing more bug bounties before then

A bug bounty hunter,wow
I want to be a security engineer

nice
I'm not really a bounty hunter, I just started doing them

before that I was just breaking stuff and emailing people about problems

figure I might as well get payed for it too :P

If you're putting your time in finding bugs you deserve the prize
Reminds me of one of the joker quotes-"If you're good at something don't do it for free."
Did you learn all stuff on your own or college?

on my own

and yea, guess so, it's more something I do on the side for fun so I never really bothered with the money

now trying to build a profile so I can show people I understand security lol

As far as I know you're the security expert here

nah, @safe bear actually studied that stuff

I just screw around sometimes

Oh, KnownError is also a security engineer, I guess
Can you suggest me a good way to learn about Cryptography decryption?
I'm learning about them from 2 books

I haven't looked that far into cryptography, but just try reading about algorithms like RSA

RSA is nice because it's quite simple and shows the basics of how most asymmetric encryption works

@orchid notch shared a document on RSA previous week, actually the thing is for becoming a security engineer I need to cover at least main topics like Cryptography, Penetration Testing, Network Packet Analysis, Forensics, Reverse engineering.
I don't want be a script kiddie

don't worry about it, if you're studying you're doing fine

Crypto is important, but you're specializing or you're doing some kinds of RE you don't use it a whole lot.

^
it's too complicated for mere mortals

only metally insane mathematicians study it

No, I wouldn't say that

It's really interesting

Just difficult if you don't have the maths background

the basics are easy but have you ever tried to write something actually usable in the real world?

Yes

like sure it will work until some asshole comes along and destroys it using CPU interrupts to read the cache data

Not from scratch

lmao

Lol

that's not even a joke

https://github.com/jovanbulck/nemesis

I know

@thorn obsidian I'm studying and thank​ you for sharing great contents
Mathematics part of Cryptography is kinda difficult but interesting

yea, I can't really understand most of the maths behind cryptography

not enough brain cells left for that

At start, I was also confused but after studying discrete mathematics and some Wikipedia articles it was easy

not enough brain cells left for that
🤔

@safe bear Are you a security engineer?

Have I just been named mentally insane

Anyone willing to help me find a good laptop in a few possible sites

I need it for Pentesting/Cybersec and writing TeX docs

I’ll run Kali on it

Possible sites of purchase are Amazon Turkey, Mediamarkt Turkey, Teknosa

I’ll provide the links etc and help with Turkish to English translation if anyone can help me

I got a tight budget so

The Intel XPSes are quite nice

I've had my eyes on a version of the 13 or 15 one for some time 👀

I want to get rid of my dell xps 13. I miss my old lenovos.

I mean I've got some 10 year old latitude something from dell

And my desktop....

@thorn obsidian Look for a fast processor like i7 8th gen and 8GB DDR4 RAM because you need several VMs to perform vulnerability test and fast processor and RAM is first priority

I'll share my store links

i am writing Algebra I notes on TeX so I am slightly over occupied

https://www.amazon.com.tr/b/ref=nav__co_laptop/260-6328206-9795526?ie=UTF8&node=12601898031

All amazon Laptops

https://www.teknosa.com/kategori/bilgisayar/notebook/63

Teknosa laptops

https://www.mediamarkt.com.tr/tr/category/_taşınabilir-bilgisayarlar-504926.html

Mediamarkt

I'd like to not buy something too expensive if possible

max I can think is 6k liras

Lenovo E580 seems good

@thorn obsidian Just remember you need 4-5 things i.e. key features-
A fast processor
A good amount of RAM
1-2TB Hard drive @ 7200rpm
Long Battery life-to bring your laptop to completions

I am unsure about the processors

and about finding the RPM of the HDD

on a laptop

I'll check that E580

Unsure about processors?
I prefer i7 8th gen or i5 8th gen (depends on your budget)

Intel processors are a single security risk by design

The Intel ME will always have more rights than the current OS

Then Ryzen?

I love my Ryzen 1700x, but I dont think they make laptop with those

IME is fucking sketch

Have you guys played with the Open Data of Rapid7 Labs? https://opendata.rapid7.com/

I feel like not many people have exploited that information publicly with a tool to gather information about a specific site yet, or at least not that I know.

https://www.amazon.com.tr/Asus-UX410UQ-GV074T-Notebook-i7-7500U-GeForce/dp/B07BM92HJW/ref=sr_1_1?s=computers&ie=UTF8&qid=1537475627&sr=1-1 @upbeat palm

how is this

it has 8-10 hour battery life

2 cores tho

https://www.amazon.com.tr/LENOVO-IDEAPAD-80YL004LTX-7500U-WİNDOWS/dp/B07HHBY7PW/ref=sr_1_5?s=computers&ie=UTF8&qid=1537475702&sr=1-5

https://www.amazon.com.tr/dp/B07HJ9HRD3/ref=sr_1_4?s=computers&ie=UTF8&qid=1537475702&sr=1-4

@cerulean falcon na never heard of it

I know rapid7 tho

They made burpsuite right ?

Nope, they own metasploit.

Portswigger are the creators of burpsuite

But I'm interested in that open data, it has a lot of information.

They also have an API for developers, but you need to register first.

@upbeat palm no

@thorn obsidian Sorry,was tired and sleeping
Will check it out today

@safe bear 'Kay,sir.

Thanks

Known is Edward Snowden he's just shy

Yes I am in Russia

Showing my true American colors

@cerulean falcon i've seen one guy using the DNS lookups but no tools that i'm aware of make use of it

most of the time you can get more up to date SSL information by checking with SSL cert providers and stuff

so some tools do that instead

Oh

but I can see how it might be neat

Some CTF write-ups are awesome

For bug bounty hunting one have to learn web application penetration testing, right? @thorn obsidian

nope, companies will pay for security bugs in other services

lots of them need mobile testers right now since not many people seem to be doing that

web application bugs are just where most people get started

and websites are complex so there tends to be more bugs there

also it's user facing making the impact large, and making it easy for attackers to access and test

More code,more bug, I guess.

https://blog.cloudflare.com/cloudflare-onion-service/amp/

Cloudfare also provide DDoS protection, I guess.

http://users.telenet.be/d.rijmenants/en/onetimepad.htm

This is the only cipher which is unbreakable as of now but very inconvenient.

If you want to keep up on security, I recommend subscribing to these email lists: SANS NewBites, Crypto-Gram by Bruce Schneier, and US-CERT weekly vulnerability summary.

I believe SANS hates me

Their email verification links to password reset, which asks for email which sends email verification email that links to password reset

and so on

https://i.imgur.com/CCvJ92d.gifv

That's strange. 🤔

@safe bear Thanks for suggestions.Can you pin it?

Sure, good idea

Um, maybe try another browser @silent pier?

¯_(ツ)_/¯

Is it worth it

Can't say without using.

Thanks, KnownError.

Yes, it is

Here's a snippet from one of the bites

There's a summary and a few high quality sources, and sometimes various SANS instructors add their two cents as well

These are people who have decades of industry experience in cybersecurity

@upbeat palm http://www.vatanbilgisayar.com/3000-5000-tl-arasi-5000-10000-tl-arasi/notebook/?opf=p22112982,p22112985,p22112989,p23501369&srt=UP

Mind taking a look at this filtered laptop search

8-12-16-16(2x8gb) laptops

And between a moderable budget I set

Not sure what to look for as all are underclocked intel cpus

Will i5 even be good for pentesting etc?

http://www.vatanbilgisayar.com/hp-15-db0001nt-amd-a9-9425-3-1ghz-8gb-1tb-hdd-15-6-2gb-w10-notebook.html @Arszilla#2780

This one seems good.

You can use Ubuntu in beginning and after some experience move to Kali Linux.

I am already using ubuntu

Only small issue with kali is that I may want to use it for casual work aswell

Then Kali Linux will be your best friend.

Ie writing TeX

And working on my math papers

Kali​ Linux is not made for daily usage.

I am well aware

I thought of doing a “build yourself kali” in ubuntu

Installing the tools etc

Ie aircrack etc

Btw is that the “best” laptop under 5k liras?

4/5k

As far as I know.
DDR4 8GB RAM,1TB Hard Disk etc.
It's best imo.

What about http://www.vatanbilgisayar.com/acer-a515-amd-a10-9620p-2-5ghz-8gb-1tb-hdd-15-6-2gb-w10-notebook.html

I used to have an HP Pavilion g6 1246-ee

That shit heated like hell

A9 CPU vs A10

Like does the cpu matter too much?

More or less,yeah.

If you can get them via store checkout them there before buying.

?

What do you mean?

https://www.kali.org/tutorials/my-custom-kali-linux-distribution/

I have that post pinned

I like GNOME shell

Issue is I cant change those shitty icons in Kali

They hurt my eyes

Which icons do you not like?

Generally all

While using ubuntu Numix’s simplicity and color scheme was a bliss

@upbeat palm https://support.hp.com/rs-en/document/c06047284

That laptop's RPM is 5400

you suggested 7200

hmmm

but the battery life is approx 10h

10 hours is good,Linux consumes less battery as compared to Windows.

10h would be

I get 3-4h max on mine

also, what does this all have to do with #cybersecurity ?

Pentesting

i am looking for a laptop for Pentesting, Cybesec and Cryptology

@upbeat palm That Acer is 4 cores but clocked lower, HP is 2 cores but clocked higher

http://www.cpu-world.com/Compare/10/AMD_A10-Series_for_Notebooks_A10-9620P_vs_AMD_A9-Series_for_Notebooks_A9-9425.html

https://www.acer.com/ac/en/GB/content/model/NX.GPYEK.003

https://icecat.co.uk/p/hp/4ju39ea/notebooks-0192545984850-Notebook+-+15-db0001nt-57433650.html

cant decide which one is better

Hmm.. I'm confused too.

as I am not sure if 2 extra cores is worth it

Advantages of AMD A9-9420
Less power hungry (10 vs 15 watts)
Virtualization (Hardware acceleration of virtual machines)
AMD-V (Virtualization hardware acceleration used in AMD CPUs. Speeds up work with virtual machines)

https://technical.city/en/cpu/A10-9620P-vs-A9-9420

not sure

a9 is supposedly better for vms then

It does not. I mean you're not going to make another Anonymous group.So HP will be good.

lmao

I dont think I'd run more than 1 vm simultaneously

but yea

A9 will be good.

lmao

fuckin parent says if you want that laptop go fucking work: where-as she asked about the price in the morning and asked whether if I needed it a lot for uni etc/why I needed it

Yea, I'll find a work while I am a fulltime student 5 days a week, 9-5

fuckin wanker

I have a bit of money saved up but thats for economic crisis fund

cool it here or heads will roll

apologies

https://www.nist.gov/news-events/news/2018/09/nists-encryption-standard-has-minimum-250-billion-economic-benefit

They also did a similar thing for SHA-3, and are in the process of doing so for Quantum-safe algorithms

Yay NIST

Damn.

@safe bear can quantum-safe algorythims be produced by non-quantum computers?

Wait, so a large AES-encrypted key is already quantum-computer resistant? nice!

@cedar pelican Yes.

quantum algorithms have been long designed and theoretically tested

https://en.wikipedia.org/wiki/Quantum_programming

@cedar pelican people also programmed before computers existed. 😉

a german group of cs scientists recently published an RFC on quantum resist asymmetriccal encryption

the challenge is not to have quantum resistent symmetrical keys, thats already possible, the challenge is to find trapdoor functions which are not solvable by quantum computers

https://tools.ietf.org/html/rfc8391

@orchid notch You tried it?

Im not mentally insane

that rfc was composed by scientists and researches from universities and security companies which are really deep into that kind of stuff

That's what Xair said 2 days ago.
So you're not that much into cryptography.

xair said what when where

@upbeat palm

Wait sending.

Kinda true.

i mean quantum cryptography is just different from the curretn cryptographys math

Yup,Quantum cryptography is way too complicated for people like me.

i mean i didnt even read that rfc

i just know a guy who works in the company which contributed to it

Wow.

I actually know someone who's​ way better in cryptography than me.

And that guy is one and only "Nix".

if you knew the joke behind my name that sentence would be funny

What is it?

If you don't mind telling me.

nix is how germans pronounce the german word for nothing

and that guy is "nothing"

Who named you this?

me

Any specific reason?

nope

well

Unix and linux are also summed up unter the name *Nix sometimes

Ooo

@upbeat palm It's just another type of thinking that you're unfamiliar with for now

I was,but now I'm not.

also, I call @orchid notch "Nit"

you dont call me anything

ive never even talked to yu

why is my linux machine talking to me

I am not your linux machine

++

oh god its sentient

I am a Unix machine

obviously

smh

oh god it identifies its gender , it's evolving too fast

yeah, I don't know anything about quantum

the only thing I remotely think about it, is maybe you can fight it by keeping a public key secret so a quantum computer wouldn't know what to break

get stuck in serial operations, ha

keeping public keys secret is against the concept of a public key

Yup.

sure, but maybe you can use that principle to shove a quantum computer to be bottlenecked in the serial realm

can't break what you can't see?

if you operate by the principle of keeping the concept behind something secret or generally depend on them not getting your public key etc you violate kerckhoff's principle

define!

define what

I agree though

I'm not sure if your failure to define kerckhoff's principle is a sign that you've evolved past google search engine's functions, or you fail it, or you're now too human to care to pass it.

anyway, gotta take off, thanks for the chat

i asked you what to define

be back tomorrow when nix has turned into skynet but 10x more powerful

and you never answered

so

i will not turn into skynet

friendly net?: D

neither

sorry if I interuptted your conversation though, didn't mean to be a dick

later

Kerckhoffs' principle: the security of the encryption scheme must depend only on the secrecy of the key Ke, and not on the secrecy of the algorithm.

If feistel cipher interchange each the L block for R block after each that means both R block and L block get encrypted 8 rounds, together 16 rounds and XORed after it,so this is the reason it's not considered as secure?

feistl networks are not considred insecure

the problem with DES was from the beginning on that it was bruteforcable in theory because of its key size limit and it was just a matter of time until somebody built a machine which was able to do it

but there are still modern ish ciphers getting built with feistl networks

So feistel cipher was not insecure.Thank you.

is not insecure

Yeah,that's what I mean.

https://www.kali.org/tutorials/making-your-own-kali-linux-metapackages/

I can't find the talk for this, but it's preventing ROP on OpenBSD
https://www.openbsd.org/papers/eurobsdcon2018-rop.pdf

bought the number of ROP gadgets in the ARM64 release from 69k to just 46

also, appears to act as a more secure stack protector in a way

https://arxiv.org/pdf/1808.07285.pdf
Tor flow correlation (deanonymisation) with deep learning
accuracy at about 96% with 900kb of data ^^

nice

correlation attacks are a bitch

• citing defcon talks

@thorn obsidian Keep posting wonderful article.
Which resource(s) do you use to stay up to date?🤔

A few servers on discord have some nice security stuff that I follow, apart from that places like krebsonsecurity and troyhunt.com are good

I also sometimes look at bleepingcomputer

mostly I just rely on other people who have RSS feeds lol
I got that link from https://lobste.rs

Ethical playground?
Please share with me.🙏

@thorn obsidian can you help me understand how to setup scalable SSH?

I hate the current x509 exclusion and self built ca stuff

I hate it as well, it's a dumpster fire

but honestly I don't have to scale SSH so I have no idea

my usual work around is to build an automated system that generates keys and authorizes them for SSH

basically just ssh-copy-id for all the hosts that need to have authorization

you should look into how shit like kubernettes and ansible work though, they can be used to scale stuff like SSH

@thorn obsidian

Ugh.

I'm thinking I'll build an application for scalable ssh, using a bastion host for authorization

The idea is you VPN/login to a network, login to a server with ldap + 2 factor

an external "security server" can sign you a 1 minute SSH key

so you run a command on the bastion host and get an ssh key to connect to remote hosts, done

hmm, sounds pretty good as long as the bastion host can authenticate requests from other servers

so it doesn't just randomly sign shit

I mean hiding it behind a VPN works too

¯_(ツ)_/¯

but then why not just trust the people with VPN access

it's an extra step when you're already authenticated

oh wait you mean VPN into the thing, get an SSH key for remote hosts, then sign into them and push your perm key or whatever?

that sounds cool

@thorn obsidian my thinking is x509 can be used to connect everyone to an internal production network, monitoring and such

but only give SSH access to people that need it

I mean, it could be done I guess, but if it's just for servers why not go with kubernettes instead? it provides similar security but was designed for this

Quick question: When using flask for a website server, and there is a database, can a person access the python files or the database by a url?

usually no, but depends on what your code does @zinc mauve

only if you make it

I was using the flask tutorial at http://flask.pocoo.org/docs/1.0/tutorial/factory/

Because, if I make something like that (thinking of mail program), I don't want other people to be able to download the database and get everyone's data

the tutorial doesn't do anything insecure that would allow you to get files from the system as far as I can see (I only looked quickly)

Okay. Because I'm planning on creating a mail program, and I'm gonna follow that tutorial very closely for it

Thanks

https://securitytxt.org/

| And an employee should be able to safely access personal email, or porn, on work computers.

Lol. Now I know for certain that you've never worked in IT or security.
Watching porn on your work computer is probably one the single greatest security threats to which you can open your system.
GTFOH

holy hell I hate these people.

porn in and of itself is not a security concern.

single greatest security threats
ask him if he's ever used SMB

lol

right? talking on reddit makes me want to punch people in the face.

ahahaha

no wonder, fuck reddit, one of the worst places on the internet

they quote me fucking law, and in the technical wording of the text, they don't even realize it supports what I tell them.

For example, while businesses all over get away with monitoring employee activity,
It's technically illegal to monitor anything that's not directly related to representing the business on company equipment.

yea

oh hey KDE just crashed, that can't be good

AHAHAHA

it crashed because systemd failed to rotate a log

fucking beautiful

Sure, they can monitor email, sure, they can monitor AV.
email represents them, it has their name on it.
malware effects their internal security.

But, if I lend you my laptop, that doesn't entitle me to keylog your bank passwords, snapshot you topless at home and more.
You have a right to privacy that cannot be signed away globally.

yea, people confuse shit like that all the time

they think terms of service is law etc

don't even get me started!

the BASIS of all contract law (and I'm not even a lawyer), is that you trade something, for something, in "good faith"

hiding legal jargon deep in TOS, and tricking people into giving up "all their rights and ownerships" is entirely unenforcable, and in bad faith effectively invalidating the entire contract

yet these people will support it

@thorn obsidian
https://youtu.be/IDOTbh1P0R0?t=22

shreds his reddit history

lol

You have a right to privacy that cannot be signed away globally.

However if you agree to giveaway your privacy...

You agreeing with giving away your geo-location, your photoes and stuff you're typing in the search bar all the time.

There's no such thing as privacy.

And yeah. Above that there're ISPs and big corps who sells all sorts of information.

There's no such thing as privacy nowadays.

Yeah.

Cisco has been including root backdoors to their IOS systems

release "exploit patches" to fix them

lol

cisco can barely manage their shitty OS as it is

I doubt they bother putting backdoors into it

that would actually be too difficult to maintain

How should a token be handled in a simple client server connection to keep a client verified and logged in

I should generate a unique token and pass it to the client on login (I assume), how whats a good approach to storing said token server side

Idea is good.

You mean if a user wants to login he have to use the "unique" token or it's just one time until the IP gets change?

(That's sounds kinda complicated.)

Nono

They log in normally, and gets assigned a token for their session which they can they authenticate with later until it expires

So they can move around the program and I can verify its the correct client on every step

Oh.

It sounds like a good security measure.

But how you gonna implement it?

That's what im asking :p

I was thinking of just passing the token to the user and have them send that everytime the server requests a verification

And store it in a db like I treat passwords, but it sounds a bit too much?

Yup,wonder if I could help​,but I'm not that much experienced.
It depends on content of your program.

Its just a simple client server socket thing

With a rather simple own protocol for logging in etc

Oh, KnownError or Xair will probably help you with this.

I guess you can store it in some database system and have a date of creation along it too. Whenever the token is accessed/used you also checked wether it's expired yet or not and remove it if it's expired