#cybersecurity
(word sucks i changed to latex )
i see
thank you @lean skiff i really appreciate it
@inland oyster np
https://marc.info/?l=git&m=153875888916397&w=2
These releases fix a security flaw (CVE-2018-17456), which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules.
that one is already a bit older
and ive never seen anyone clone a git repo like that
so the impact is rather minimal on the average git user
Oh yeah I remember reading about that a few weeks ago
and why is that @upbeat palm
According to Cryptography Engineering and my research on them, the encryption process is just one by one i.e. one thread at a time and adding random IV, key and XORing the first block, then concatenating previous messages with other blocks and vice versa and better than others. What about you? @orchid notch
why should it be better than for example OFB
Single IV is used for encryption of all blocks.
CBC mode changes IV after certain number of encryption.
@safe bear why not?
Because of the many reasons they said at many points in the video
@safe bear hahahahahhahahahahahah.
I do what I want
@safe bear
No in all seriousness, literally everything is ridiculously broken, people believe in make believe worlds.
I always figured elevators were that easy to break into, but christ is that bad.
There's really nothing to it, unscrew a panel, alligator clip the service key. Done.
Yes, I know and have known for years.
Just because it's broken, however, does not make it fair game for shenanigans
Why?
It's easy to ask why not, but harder to ask why if you don't have any maturity
Just sayin'
Knowledge is power, it does demand greater responsibility.
Now, a mature one would recognize that there are ethics and safeties involved.
One should not carelessly or recklessly abuse knowledge or power, absolutely.
But to say I should follow rules, how normal people act, because they can't understand me, because they feel threatened, because they don't have the power, is a false claim of authority.
Your grandmother says that computers are a waste of time. Do you listen?
A manager demands you play IT to him and his team, because he refuses to learn "computers", Do you listen?
Your car breaks down on the road. Do you just call AAA, or do you open your hood and plug your battery back in?
@safe bear Now, the thing about an elevator, is that generally there's no reason to mess with it. It's a method of travel. I can readily take stairs or whatever. So, the knowledge that grants me power over an elevator, also grants me the understanding of when to use it, typically never in this case.
but say I visit a large building, and late night, I like to goto the roof to chill out and enjoy the scenery? Why does it matter?
You obviously didn't watch the video fully
You walk into a given elevator, think you know the tricks to get it to do what you want, maybe it works out, maybe you cause it to go out of service, maybe you cause a bug and something else happens.
Yes, because using an alligator clamp to toggle a key switch can cause anything but designed usage.
I might as well stick my hand in a wall outlet. You don't just attach the alligator clip to things you don't know and fry yourself.
I'm speaking generally
You're basically saying "don't stick my head into a car's running engine when the hood is up"
Well, you don't have to be an elevator/car expert, to understand that flipping a switch, turns the car on.
@safe bear I get what you're saying though. I'm just playing devil's advocate.
I'm not going to break random elevators and screw random people over.
my real concern is just that I don't get stuck in an elevator.
hate being trapped.
Can you stop mentioning me, thanks
shrugs
I'm obviously checking the channel
Basically, I don't like it when jokes don't feel like jokes
I don't like the idea of a safe and contained world where I'm only allowed to go where told.
What's wrong with going to the top of a building and peering over the edge to see what it looks like?
Or to experience the scenery as it snows.
One of my greatest pleasures was taking my ex or my brothers to watch a movie in the theater at 3 AM.
Or we'd game on the big screen.
Going onto the roof and hanging out.
in that case all that is perfectly legal.
I've also gotten more conservative as my experience and knowledge in this space has grown
I'd like to hear about that! Conservative in what ways and why?
I think that's productive, to learn about how and why you believe the way you do.
Maybe when it's not 3AM
is looking up the laws surrounding these concepts.
dms
that's a pretty big flag
its not the flag
hm
@upbeat palm
@pearl ore Start with Python, cause you need a scripting skill and python got a huge support of libraries for penetration testing to Cryptography, this for now.
Reverse engineering - Check Malware Analysis book, web application penetration testing - check out Lynda damn good course.
First of all, develop some skills in Python and do a lot of CTF, read write up, use picoCTF etc.
I guess this is enough for now, don't stress too much.
I know python well (except OOPs)
Check the pinned message.
Okay,thats good
Get familiar with pwn, hashlib, pycrypto and other libraries and check out cryptopals
BTW any specific topic in infosec?
Like Malware Analysis, Forensics,Web application etc?
Do you know competitive programming?
Like hackathons?
More or less,yeah.
Yes
CTFs are just like competitive programming but just for cyber security guys.
Oh
But before trying them, I'd recommend you to take some courses on cybrary.it
@pearl ore Forensics...You need to learn reverse engineering then.
Where can I read about different sub-fields inside cybersecurity..?
Well, actually I also don't know everything about sub-fields but they are kinda interrelated.
A group of experts spent time to come up with a mapping of the entire field. The intent was to better describe different career paths and areas of study. There are a variety of specialties ranging from secure hardware design to setting overall pol...
Okay so I will start with cybrary.it
Yup,and tbh get ready to read a lot and lots of stuff.
I like to read
I pretty much self taught programming
The two things I am interested in IT are: Security and Programming
Thanks @upbeat palm
So do I, learned python on my phone.
I will contact you in this channel if I need any other related information..
Very few people know about this topic
@pearl ore Don't thank me,and when you feel that you're ready to compete do consider making a team for a CTF with me.
KnownError is most experienced guy here.
For Cryptography you can consider Nix, he's damn intelligent.
I'm having a nice night with a freaking PDF file.
You too have a nice day.
@pearl ore I also recommend using a linux vm or something that has a terminal
terminals mostly come with already inbuilt cybersec related software
like thc-hydra
DVL?
@upbeat palm @lean skiff You setting up for something?
wym setting up
oh, CTF
So I think I'm decent at designing safe procedures, policy.
I definitely toy with tools for cryptography, cryptocurrency, permissions and security for servers a lot.
but I'm not familiar with the exploit world.
Its Metasploitable
what do you mean?
lmao
@valid furnace Was playing CTF, but one of the challenge is freaking hard.
@lean skiff Any update?
Paid for a hint,wow.
kk
Any previous CTFs?
Here's a moderate difficulty one
We think we've found some more data of relevancy. Unfortunately, if there is a method of encryption behind this madness, it may either be something we've never seen before or perhaps something simple that has been made complicated.
Tip - One of the words may not be correct...
What is the flag format?
Or it's just a special word?
CTFs are like competition where you have to complete given tasks.
Tasks include:-
Reverse engineering
Forensics
Web application penetration testing
Cryptography etc.
sounds really hard. I tend to do niche things
for example, I help people recover bitcoin/electrum wallets
usually it's useless, but if they have an idea of what their password/seed was, we've occasionally recovered it
I'm at around $80,000 recovered
Idk,but your work sounds difficult.
$20,000 I personally handled
That's so cool.
@upbeat palm long story short, I'm an opinionated asshole about rights and what not, but I take my reputation and security very seriously and I genuinely want to help people improve the world.

Wow,that's so cool.
I tried to help people but after sometime, they again do the same shit and came to know this happened, that happened.
I have about 12 bitcoin projects that need to be cracked with notes on them.
How you crack the bitcoin wallets?
Here's what I do.
- Take detailed notes about the person, contact info, what software they used.
- Guide the person through memory exercises to detail as much as possible about what their password was, and what their seed may have been. Detailed notes.
- write software, or configure already made software to fit those parameters and run it for awhile.
- if it doesn't work out, I freeze it and store it.
- eventually I'll try to break their wallets again.
Sounds very difficult.
yeah and honestly I don't know what the hell I'm doing.
Security in a nutshell
If you don't know what you're doing then you're doing it right, when it comes to a lot of things.
Well, that's not the best wording
but hey, I've helped people with hundreds of thousands, escrowed about a hundred thousand more
not bad for being clueless.

let me look at my notes, maybe I can throw one at you
In a nutshell, you're awesome.
Eh, I'm not sure how legitimate I am.
I just got really involved in the bitcoin community, and the cryptocurrency "rush" has wound up with a ton of newbs screwing up access to digital money.
backups people come on
imposter syndrome is real
so that launcher.base64 file, I have no idea where to start with that
Personally I really don't like CryptoCurrency. I like a lot of the ideas behind it, but not the huge resource wastage and malicious attacks trying to get wallets.
case02 - 5 BTC - unknown string passphrase?
case03 - 0.178 BTC - 3-8 char password?
case05 - 0.37645647 BTC - brainwallet from italian poetry?
case06 - unknown?
case08 - 50 BTC (probably a bogus claim)
case09 - unknown? <= 13 char password?
I don't think resource wastage is a problem at all, if anything it's probably more efficient than current systems.
sorry pings
13 character password.
Eh, it's not really a problem, and honestly, the security and cryptographic basis that bitcoin provides is well worth the energy the miners consume, over the legacy financial system and abuses and corruption.
Also, there are several other (legitimate) cryptocurrencies that are not high energy usage.
How did you recover 13 character password?
but I absolutely agree with you. Most cryptocurrencies are just speculative BS with a bunch of idiots and asswipes trying to defraud others.
that really sucks, as always.
@upbeat palm to be clear, those are currently open cases.
If you're interested in trying to crack one, DM me
I come from IRC, so I have a strong habit of tagging everyone.
Ahhh
Yeah, I never did IRC. Poked around on Freenode a few months ago, but that's about it.
with the low sum amounts, I can allow you guys to try to crack those if you want, probably keep a portion without issue.
the larger amount I'll have to ask the owner permission, as that's more risky as its worth more, etc.
anybody in here willing to give their opinion?
I'm going to be setting up an IP monitoring daemon or asynchronous script to check in RT for unknown/untrusted inbound and outbound connections and notify me of them. Should I go about making devices trusted based on MAC addr or should I add static IPs to my home networks and only worry about those that aren't pre-recorded
Personally, I use static for the first 100 or so, then DHCP for the rest
I'm too lazy to whitelist, especially since it's a pain when friends/family are over
DHCP doesn't provide any security, since someone can just sniff ARP traffic then give themselves an IP in the subnet range and spoof an existing MAC
Really you want to make sure they're not able to authenticate period
And enable isolated clients if possible, though that breaks a lot of stuff like Echos and Sonos
I think I have isolation enabled on two guest networks but not the other two personal networks
Firewalling would help as well
the only people who are on my personal network are me and my mum. I could set static IPs for her devices just because im too lazy to care about her security
Depends on how much work you're willing to put into it tbh
I mean based on what i want to do this is a big ass project
i still need to get asyncio down to a t
Client Isolation solves most of the issues
im thinking a daemon would be best
AH
thank you
look at you with the links so fast
ur a god
Bookmarks :^)

11,000 bookmarks

Hehhehheh
Recruit?
If it's public and open-source and uses Python, you're welcome to share it in #303934982764625920
@safe bear i meant like anywhere i can ask if somebody wanted to work on it with me
so Twitter doesnt enforce HSTS so just be careful on there
and soundcloud does not have HTTPS Redirect
so be careful there
Oh, I thought you meant they had both and redirected instead of just HTTPS
Which is vulnerable to a downgrade attack
But tbh is just fine because there are a whole lotta people that can't access HTTPS for one reason or another
Im just surprised soundcloud doesnt redirect HTTPS
@valid furnace we have been talking about this here
@chilly elk
VLANs won't really be noticable at all, no throttling is introduced unless you make it.
I have a full on enterprise network setup in my apartment
ok well see
im a broke boi
with a shit router
no ethernet
and little networking skills unless it has to do with recon
Basically, I have a VM server that is trunked onto all the VLANS.
I can spin up specific VMs on specific VLANs to provide services for various networks.
Currently I have: infrastructure, internal, guest, security, public, iot subnets/VLANs
infrastructure has no routes
internal routes to everything else.
guest can access public only
security has no routes
public, bunch of websites, bitcoin nodes, torrent servers
iot, no routes. These are devices I want to control, but I don't want to call out to chinese assholes.
r u a filecoin/siacoin user?
firewall rules to match. I don't have it quite yet, but I'm going for whitelist only.
Problem is it's a pain in the ass to setup access lists for everything you want to allow, they don't seem to publicize them that much.
No, I'm not familiar with those. I've only been involved with several coins religiously.
yeah my biggest fear was setting firewall rules lmao
ah i se
yeah i was an early investor in BTC and then a big adopter of the pump and dump shitcoin phases people went through
@valid furnace I'm not that much experienced.
But tbh I really wanna know how you do all this?
@upbeat palm
- Get your hands on some cheap enterprise equipment ($100-500).
- Learn the important parts. Subnets, VLANs, trunk vs access, routing (I don't have routing down yet)
- Practice, practice, practice.
- I wound up buying Unifi Hardware for my actual production stuff. It makes it (relative) easy
but definitely start with the command line equipment
Routing & Switching too, that's some serious stuff.
Switching isn't that hard, honestly
depending
@upbeat palm You'll probably want to ask people what the most common network switches are, maybe ones that support layer 3 as well.
OH YEAH
fairly important. OSI Network Model
Computer Networking: A Top Down Approach has 8 chapters on every model of OSI.
Have to read it but one step at a time.
https://ctf.inctf.in/challenges
Challenges are good but need a f#$#ing PC for completing it.
CCNA/CCENT playlist will cover all the basics of networking
@upbeat palm
No problem, hope you learn something useful
Networking can be very hard to learn
So don't be discouraged if you struggle
Pcap, packet analysis tutorial is there too. Oh, very hard?
NIST Blockchain technology overview
https://csrc.nist.gov/news/2018/nistir-8202-blockchain-technology-overview
News about NIST's cybersecurity projects, publications and events.
You should link to the document on NIST's webpage instead of directly embedding it
Oh,yeah.
On it, should I delete this?
Up to you
You can just edit and replace it with the link
Just for your information, there's no rule or anything
Oh,then I'll do both.
ty
Done.
ty
how do i get the garbled truth table from original one? (garbled circuits)
what is E?
E is encryption.
@lean skiff lmao wot is tis
A CTF challenge.
https://lists.manjaro.org/pipermail/manjaro-security/2018-August/000785.html
Local PrivEsc, ACE, and DoS vulnerability in manjaro-system 20180716-1 and earlier
yawn
people still use manjaro thinking it's good ¯\_(ツ)_/¯
People still use "12345678" thinking it's secure.
Can't do anything.
dang i missed networking chat
that's what brought me to python
nornir's a cool library and y'all should peep it
Did you listen to the TalkPython networking episode?
yeah
Pretty awesome
there's been two that i know of
a more recent one with some dude from cisco
and one with the creator of napalm, which is another cool networking library
yeah
I've been trying to get a networking channel here
There's even an issue on GitLab for it
Someday...
i was hoping there was one when i saw the other channels
have you seen the networktocode slack?
great resource, lots of the library authors are active there
Of Nornir?
nornir, napalm, netmiko
TalkPython podcast?
Yes
You should listen to it, it's pretty good
Michael, the host, kind of annoys me sometimes, but overall he's an excellent host and a great editor and maintainer
(I was gonna tag you but I thought you always read the chats so I didn't)
Any other podcasts?
I listened to SANS only.
risky biz
I haven't listened to SANS, how is it?
Cyber Daily is quite good
Is risky biz a podcast?
yeah, https://risky.biz/
Risky Business
Nice
@safe bear whoops, wrong game
lol
Using Debian and not something which is up to date ish with current software
Just sayin'
I prefer fancy features
Since I'm not running servers/services other people rely on
Well, usually
Just use Fedora
...tablet?
orllynow
Read that backward initially
But...fedora on ARM?
Huh
Well, ok, I'm assuming it's ARM
How does Fedora (Well, GNOME) work with touch?
How is touch related to sound
SANT is good,they particularly focus on recent vulnerabilities and attacks.
What is SANT
A cyber security podcast.
@safe bear I use debian for all my servers.
I haven't figured out the god damn preseeding though
that is so annoying
I've tried three times, and it takes so long to do and test
HIBP has a new breach in its DB
July 2018's Apollo
126m email addresses + social information
yea the Apollo thing was funny
just randomly leaving like 9bn datapoints on millions of people exposed to literally anyone on the internet
why not
O_o
oopsie! I was just exploring our IRC server and there was a full DB dump there! teehee
He was making a joke.

@thorn obsidian far too common now
Whew, good thing nobody ever used Google+ huh?
(yeah I know everyone was forced to make a G+ account for YouTube and stuff back then)
FeelsGoogle+Man
huh @thorn obsidian ?
The Apollo breach isn't insignificant though
usernames / passwords are one thing
phone numbers and the likes are another
changing a phone number is a bit harder than changing a password
anyone really good at decrypting
You must have used Wireshark at some point of your career, right Bisk?
yes
Great.
its sort of a puzzle thingy
looking for a 64 digit long hexadecimal
its like hidden
@lusty flare
that is very much a puzzle
You checked it for steganography?
Data hidden within images etc
like embedded into the actual picture
idk someone could go all levels of mad with that image
each cell could be a value, etc
Not to mention all the curve balls it may contain
The noise level might even be a part of it
Some tiles seem to have horizontal noise, while others have diagonal
there also seem to be a limited number of average values to each cell
the grayscale range isn't massive between cells
damn, poorly explaining that.
although judging by how some of the cell boundaries in the darker areas can't be seen perhaps that's not a clue
and i found a qr code
and a binary code
made up of black dots and white dots
they translate to a salted base 64 string
which is this
i just opened it up in gimp
there's a lot of data at either extreme of the levels graph
good luck and have fun
if you find a 64 digit hexadecimal string ill give u 100$
lol
betchu cant find it
hah
I just looked up where you got it from.
Yeah, I'll take the potential 310 BTC over $100
:P
Looks good challenge.
@thorn obsidian What if none of us will find it,you'll give a solution then?
i dont have the solution lol
Damn.

BTC wallet key?
yes
So it's way too complicated to achieve that hex string?
it's not supposed to be easy
i mean it's supposedly 310 in btc
or is it 310btc, i forgot which again
¯\_(ツ)_/¯
To me it seems like 310 bitcoins hidden
So could be multiple
So a casual €1,788,073.8 in that picture
who would tempt away 310 btc
Lmao ez money
@chilly elk except its not easy at all
Only if you don't know what to look for
which no one does
@chilly elk you have the private key?
mind telling me what it is?
also everyone knows the wallet address
its really not hard to find when there is a public blog with the private key lmao
wait what
its the private key that no one knows
In the spirit of the ANSSI logo challenge, an anonymous person launched on 2 October, on Reddit and BitcoinTalk, an invitation to take up a challenge: find the private key hidden in an image giving access to a wallet containing 310 BTC. The author has already...
it has private in its name ffs
scroll to the bottom..
yeah thats for the first wallet
0.1 btc
oh there are multiple wallets?
big oof
do you really think 2,000,000$ would come this easy?
well i have only just known about this for an hour
anybody that is using gitter be careful and use a Proxy or VPN since i just found a little vuln that easily displays any single person that is online ip without doing anything
does anybody know how to get in contact with gitter i cant find a link
so I've played with recovering bitcoin wallets before
what have I just walked into here?
@chilly elk so what do the numbers in the picture mean
Apparently we can't talk about this without getting in trouble so I'd take it to dm's @valid furnace
What time was that posted in channel?
I got bitched at and warned earlier for it
But nobody else did
So might as well stop while u can get away with it
@chilly elk oh, I didn't see it. in their defense, this channel is about #cybersecurity not help me win some money, and I was under the impression you were repeatedly bringing up that subject in here.
shrugs. Who knows then.
i just said thats ez money if you know what ur looking for
No, I "bitched" about your behavior in discussions and MENTIONED your contribution here.
Your attitude is what made us call you out.
!kick @chilly elk Continuing to complain about staff decisions and having a terrible attitude about it
:ok_hand: kicked @chilly elk (Continuing to complain about staff decisions and having a terrible attitude about it).
ummm
there is a user called @3301
in one of my servers
And he is strange
Is he harmful in anyway?
@warm timber we have no idea who 3301 is, nor does anyone here have any power in other servers.
cicada 3301?
considering the bloke who supposedly solved it went missing
sounds pretty harmful to me
ok
Because they are targeting a highschooler
They are "recruiting" a highschooler
recruiting how? for what?
... what are they doing, exactly?
They sent puzzles
And asked the kid to solve it
So he did
And he moved on to "stage 2"
3301 somehow joined our server without any invite link...
And 3301 is apparently, "an organization with mysterious ideals"
well, who cares, it's not your problem.
you're right
as long as they don't obviously take advantage of a child, just leave it alone unless you care to kick them
@thorn obsidian you should close the curtains when you shower.
lol
They are definitely spouting BS
But It's annoying
And I can't kick him
Because I was demoted
So solution, just leave the server lol
or spam him until he goes away lol
I think we're being trolled/used.
there was a recent viral video about "cicada" and some super secret organization testing people for their code breaking chops
just seems like a bunch of obfuscated garbage, and as always, I don't care for the advertising.
this comes off as a ploy.
more likely just a viral marketing campaign.
culmination of social science improvements, and bulk data gathering, allow groups like facebook and specially built think tanks to wield large amounts of power irresponsibly.
What's it called when a skillset like a power gamer, comes up to match against a bunch of untrained people?
related, there was a versus speedrun, where a world record speedrunner raced a group of people, all playing mario64, and the speedrunner was able to beat the game faster than all of them working together.
In nature, this sort of thing shows up as a singularity
The technological singularity (also, simply, the singularity) is the hypothetical moment when the invention of artificial superintelligence (ASI) will abruptly trigger runaway technological growth, resulting in unfathomable changes to human civilization. According to this hyp...

lol
wtf
apparently, the person who solved it is a "swedish cryptographer"
Next they're going to tell me that his name is John Doe
@warm timber mind inviting me to your server? in DM?
Is that a Cryptography challenge?
I wouldn't worry about it. I think it's a bunch of bull or viral marketing.
Oh.
@SYMPHONIC DISHARMONY#3195 there was (until recently) a guy running a distributed discord invite bruteforcer
he dropped all the server links in rar file recently
probs that
also lol he's gone
in the mean time enjoy this
https://twitter.com/taviso/status/1049734350751711233
This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp. https://t.co/vjHuWt8JYa
@thorn obsidian A server invite link bruteforcer?
yea
discord didn't rate limit the invite checking API endpoint so someone just started generating links
¯\_(ツ)_/¯
Only 6 letters but how did he check their validity?
via the API
that's comical
By Billy Rios Every day, millions of people go through airport security. While it is an inconvenience that could take a while, most are willing to follow the...
yup
I suspect its fraud
who the hell chances away $3 Million over that
friend of mine points out it's also a neat way to launder money
"oh hey, I won this in a contest"
pay taxes, and done
Hi guys, I just join this server. i don't know much about python, can anyone help me?
i'm texting here because im in security field, and want to make tools
!t resources
It can be difficult to know where to begin when you are first starting out with Python. On our website, we have compiled a list of both free and paid resources that we recommend for learning and mastering Python.
It is hard to say exactly where you should start, as everyone will have a different preferred method of learning, but whether you like video tutorials, books or courses, you should find a suitable resource on our resources page
well, python skills are python skills
there's plenty of people around here that can direct you to some good resources etc
or help you if you get stuck on stuff
i dont understand about 2 things one is
the Security channel is more of a topical chat thing rather than a "python security" type channel
init and second is self
there's good answers for that on stack / google
that is object oriented programming, you can do lots of python without classes
and do what bisk said
are you familiar with any other language using classes already?
i write soooooooo much python without classes
then you will have to read that post
@lusty flare thanks man, will check that post.
no problem
import os
os.system("echo hi")
you just reference them by the name you imported them as
you could for example also do
import os as my_fancy_module_name
my_fancy_module_name.system("echo hi")
will do the same as the above
or if you only needed a specific part of a module
from os import system
but these are help channel topics more than anything
reading documentation
ok cool
lots and lots of getting to grips with programming is reading documentation to know how the fundamentals work
@lusty flare are you related with hacking?
erm, not really. but i do work as a systems/network admin so security is part of my job
Can i talk to you in DM?
nah, sorta at work doing stuff :3
Wait, you're a newbie in programming and you want to create a nmap script, well you can make it by copying pasting stuff but you won't be able to understand a single thing, I prefer you to start reading the resources above and for nmap thing you need to know programming, networking. One thing in security field is "one step at a time".
Once you get familiar with python lemme know I'll help you with pentesting resources. @glad cobalt
One more thing checkout realpython.com it'll help you.
@upbeat palm thanks for the suggestion.
i'm not totally a newbie.
i have exam next week
oscp
just want to learn some scripting to automate stuff.
i'm learning python for osce
nmap scripts are written in LUA
I heard that OSCP certification is kinda difficult. @glad cobalt
programming language
lua scripting is used for mods in some games
you're looking to make something to automate nmap usage?
well you can use python to trigger nmap stuff and either directly read the output from nmap or to write it to a file than parse the file
What about subprocess???0
Yup
subprocess.call or something
unless you want to act on the scan in real time
then you might want to use Popen
i've never used the wrapper so idk what it's like
@native edge I thought reverse engineering was used to mod games.
ah no, he's talking about mods as in addons for games
not as in modifying existing game code
lots of games use LUA as a scripting language
F.ex WoW uses LUA to do all the UI stuff
Oh, well that's new.
@glad cobalt You have more than 2 years in experience in cybersec?
@glad cobalt I thought OSCP 2 years of experience.
No bro, even a beginner can join. Its upon us, how much we learn.
Oh, I didn't know that.
Thanks.
No worries bro.
@thorn obsidian it wouldn't do anything to BTC
people move larger values regularly to manipulate the price lol
it gains them money
would i?
i know people who built tools to move more than 10k BTC ¯\_(ツ)_/¯
i mean people would be spooked
doesn't mean it would actually manipulate the price by virtue of moving those coins
it's just the reaction would
@thorn obsidian I want to know who the living fuck is programming these exchanges, because in many cases they're doing it wrong
improperly batched transactions out of coinbase, gemini
stolen coins in several exchanges, because they don't have velocity checking and they skimp on security
I wrote some software awhile back for helping people sell large amounts of coins.
Basically have to do it across multiple exchanges over a long period of time.
OR, you do it in a backend deal so that it doesn't effect their liquid pool, they still wind up just doing it over time
(and I don't mean that as a brag, it's not hard, what I did)
yea i know
they're fucked
arbitrage is still extremely easy and batching transaction is fucked
the security is a bit of a meme but i've never personally looked into it so can't speak to that
i've heard bad things though
LOL
and chicks for free
bok bok
Secret service agents around the president do radiation scanning.
Several agents will be able to pin point a single radioactive man in a crowd.
You cannot even get near the lawn without them picking you up.
I wonder if you can provide that resolution with a single satellite overhead, or if that requires triangulation stations, or just a single guy with a scanner that beeps faster as he gets closer.
LOL
also this was a thing that happened
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-113/
Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER: 2018-113 DATE(S) ISSUED: 10/12/2018 OVERVIEW: Multiple vulnerabilities have been discovered in PHP, the most severe of …
Raid on my server, looks like they're using that PAI bruteforce, I'm using Dyno bot 2FA
Is it being fixed?
idk probably not
yell at discord
@thorn obsidian because PHP was written by this man
@thorn obsidian I mean, at least he knows he's bad?
I should be talking. I'm bad
In his defense, using bells/noises on string to trigger an alarm when someone approaches, may be stupid
but it's always worked.
I got a text on HTML injection?
Should I post it?
If it's educational, maybe. If it's a how to, probably not.
A text?
A text file
@silent pier It's an overview of HTML injection.
HTML Injection: Hypertext Markup Language (HTML) injection, also known as "virtual defacement", is an attack on an application when the user is allowed to inject HTML code into the web application through user input fields. When the web application is not able to properly handle requests from users, an attacker can supply his own valid HTML code via a parameter value and get the application to validate the request to the server. Sometimes HTML Injection is also referred to as XSS HTML Injection because the two attacks are essentially the same thing, but with an XSS attack you are sending JavaScript and script tags as an attack vector whereas in HTML injection you are using simple HTML tags to modify the page.
It was a to-do thing, I'm not gonna post it.
lol
@upbeat palm You know how to inject js to a user on LAN?
wat
@safe bear lol yeah, I'm just exploring the channels in the server, I'm pretty bored :/
@velvet isle Nah, sorry.
But I can check in my resources.
A man in the middle attack will help with this thing, afaik.
@thorn obsidian
I hope people steal the cell phone wiretapping devices from all the police and wreck them
I hope people wreck the SS number system.
That stuff is so fucked up beyond any sensible recognition.
@valid furnace This video may be of interest to you: https://youtu.be/Erp8IAUouus
The Social Security card and number explained. Discuss this video: http://reddit.com/r/cgpgrey Sponsor: http://www.squarespace.com/grey Special Thanks: Steph...
@safe bear
This backwards ass government can't even implement ids.
Says a lot that the president carries around a football, but no thought is put into producing and protecting a government CA
There is an ID system for employees now IIRC
but not for the general populace for a lot of reasons
Lot of FUD ("Mark of the Beast" and other garbage)

Hi @FoxNews and @realDonaldTrump supporters,
You should not use this app. In 5 minutes, I managed to get:
- the list of all the people registered
- name
- Photo
- personal messages
- token to steal their session
Thread ⬇️ https://t.co/72KdNJTrmk
That Elliot Alderson guy is an experienced reverse engineer.
yeah
(when this channel will be active like other channels?)
I was wondering, how secure would be to encode a string in base64 using a custom alphabet, say A-Tc-p0-7.!-
That's just a random idea
I mean, would that be easily decodable?
yeah probably
for one thing, if you can rely on the fact that most characters will be ASCII characters, most of those will be lowercase strings, the first three bits of each byte can be predicted to usually be 011
that lets you narrow the search space considerably
so for a run of three statistically likely lowercase letters you have the bits 011XXX XX011X XXXX01 1XXXXX
that is a substantial amount of coverage - all six bits of the base64 space have at least one value covered, and some of them have both covered.
like i wouldn't be patient enough to write an actual cracking program, but this is basically just a substitution cipher on an unusual domain
and substitution ciphers are not secure
The text to be encoded is converted into its respective decimal values, that is, into their ASCII equivalent (i.e. a:97, b:98, etc.). Here's the ASCII table.
The decimal values obtained in the above step are converted into their binary equivalents (i.e. 97: 01100001).
All the binary equivalents are concatenated, obtaining a large set of binary numbers.
Decryption process is just reverse, and with today's computational power substitution ciphers are nothing like Random said.
I wouldn't use it to secure anything, I was just wondering how easy it would be to decode if used once. But thanks :p
depends on how long the string is i suppose
but, say, you see which 8 values are most common for the second value of each sequence of four base64 letters
those are likely the eight values for XX011X
Ciphers are meant to be broken, every old encryption method was replaced by secure ciphers, security depends on computational power (because every encryption method is breakable via bruteforce)
one time pad isn't
the reason one time pad isn't used for everything is that it's a key distribution nightmare
Yup.
I could change the alphabet of my base64 encryption every time, based on something so that the person can decode it, cool idea. I'm just having fun, don't worry, not trying to implement anything secure
But for that the receiver must know the key.
He could know the method I use to calculate the alphabet
Irony is, base64 is symmetric. :D
If that's the case, good luck.
Well, gotta try :p that would be a fun challenge
wrong about what, exactly
ok for one thing I was using "substitution cipher" to mean what could be more precisely defined as a monoalphabetic substitution cipher
and people solve those all the time by hand, it's what the cryptogram in the newspaper is
wait
you never change start, so you're not even using the others
how does that script show anything about it being secure though
oh somehow i completely skipped over it
ok so you've got three different substitution ciphers
if the attacker knows you've got three alphabets that you cycle on each letter of the input, then it isn't that much harder to solve than the one-alphabet version
ok but that's security by obscurity
Random was right, with current computational power (minimum) available to everyone is enough for solving substitution cipher.
you've got to assume that the only thing the attacker doesn't know is the key
and, really, a monoalphabetic substitution cipher or this kind of simple cycling are things that you'd be likely to look for and can be detected statistically
polyalphabetic ciphers that are hard to break, like Enigma, tend to pick the next alphabet based on the prior input letter rather than a simple cycle
Substitution ciphers are always vulnerable to frequency analysis.
And yeah, I agreed with "if they were used correctly they are secure", but still they will be vulnerable to frequency analysis
@thorn obsidian and I thought you were.
Nix and Random, I guess.
Still dude, you're way too experienced.
Also - that medium article is the perfect example of how to do vulnerability disclosure
Yes but it's not step 1
Learn Reverse engineering @lament roost
You'll learn it too.
He went straight to posting screenshots to Twitter / medium with the api keys and stuff visible without contacting the company for a patch first
I've got a bit of RE experience under my belt. Taken a couple labs on it
Yeah. I just meant, it doesn't make it right, it's like the perfect example of what not to do
For the discussion about security of substitution ciphers. I'd just like to remind you that AES is a substitution-permutation network. And the substitution plays a very important part in the security of AES, don't underestimate it.
Hey, what security blogs, newssites would you recommend to keep up to date on latest news
about security news / reports
I usually follow the heise Newsticker but that's only German afaik
dont know german, but thanks anyway
upcoming challenge soon™?
@elfin ocean Check the pins
Another great resource for security news is https://arstechnica.com/
Some good blogs are:
https://krebsonsecurity.com/
https://www.schneier.com/
is this the right place to ask for help on programming in regards to doing something securely?
or should i bring that to the help chats
yes
okay well i am making a script to automate aircrack-ng wep cracking. I am using the subprocess module to run commands. I need to run multiple commands as su in linux but I don't want to run the script as su. Is there a good way to do this without having to enter my password for every subprocess command?
id assume storing user passwords for their accounts is a bad idea
even if its just temporarily
The parent process needs to have root permissions to be able to spawn a process running a command that requires root permissions
If your script does anything that requires root, it has to be run as root
alright but one of the subprocesses i run doesnt seem to work as root
you can do su <username> <command>
That will run the command as that user
IIRC
Oh wait, no
runuser -l <user> -c '<command>'
ok ill try something like that and see how it goes
i got it working...realized i was running a python3 script in python2
for some reason when i ran it as root it would break but when i ran it as the normal user it worked fine
yeah thanks for the suggestion anyway!
wep for now
well it probably is basic for most people
i am not the best programmer so im using this for practice
actually wpa is extremely easy because if WPS is enabled you really do just run one command
not really most keep WPS enabled and reaver can break that in minutes
hmm
i havent had a router do that but i also havent tested that many
im just practicing using subprocess and reading commands and using string manip to find the information i need
Good good
so ill be happy if i can get something working
freenode lel
yeah i really should learn some regex
sigh I need to try IRC again
i learned python probably 5 years ago but just the basics and ive never really learned much more than the basics
Nothing I went into seemed active
Plus single channel for a topic
Feels like shoving this entire server into a few channels
well i use python quite a bit i just never use more than basic stuff haha
so recently ive started trying to expand my programming knowledge
hoping i can start getting into some open source projects eventually
i hate urllib
lol
a while back i did some socket programming which was interesting
yeah i just made a chat program with a friend
it doesnt work well though
but it does work
you want to see my old chat program?
its terrible i will see if i have it on github
one person has to run it as a server and the other as a client
and ports need to be forwarded
i dont think id want to run that as root
i remember spam being an issue on there
there were many issues
it was the first program i used threading and the first program i did any socket stuff
well it stays constant once you have it set so i didnt know if thats the correct way to use it or not
That's why I just use sockets to abuse devices
What are responsibilities like users and uptime? Not my problem.
lol
ACCORDING_TO_ALL_LAWS_OF_AVIATION
rundll32.exe ctor.dll,LaunchSetup <filename.exe> #LOLBIN trampoline to launch any program via InstallShield; works if you have ctor.dll on disk e.g. ....\InstallShield\Engine\6\Intel 32\ctor.dll
Well, we always advise to get good at the python fundamentals first
then apply it to a field
@ripe root The book Black Hat Python is an excellent start
Or Violent Python, but they both require good grip on python basics.
ive gotten grips with the basics, op ill check out those two books. Thanks
Good luck.
what is an encrypted server name?
Server Name Indication (SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address...
ah
does an encoding fit this channel?
okay
well- i made a new encoding
it looks sort of like this:
all that. is just 3 letters.
i'm proud of it
source?
?
source code for that encoding
not available
no reference implementation
still working on it
it's not based off of any other encoding, as i made it from scratch
lool
ofcourse xD
i'm not going to type every single character myself
i made a 65 line script to encode the shiz and decode the shiz for me
but why
because people are interested in how other people do stuff
well, i'm not going to be sharing this one
anybody bored ?..i have an assignment for school that doesn't want to agree with me
send me a private msg if youre able to help
plz and thanks in advance
!t no-dm
Can I send you a private message?
No. We do not provide one-on-one tutoring - you can hire someone locally if you really need that. We also prefer that questions are answered in a public channel as it means that everyone else present is able to learn from them. If you're working with code that you are unable to disclose for any reason, you should try to make your question more general and write a separate, small piece of code to illustrate your problem.
!t ask
Asking good questions will yield a much higher chance of a quick response:
• Don't ask to ask your question, just go ahead and tell us your problem.
• Try to solve the problem on your own first, we're not going to write code for you.
• Show us the code you've tried and any errors or unexpected results it's giving
• Keep your patience while we're helping you.
You can find a much more detailed explanation on our website.
also no help for assignments for school @twin thistle
What?
there is a policy that we dont help with homework just with specific questions
We do help with that if you have specific questions
i need to build a program to compute the total cost for a landscape company
That's...not true
We don't do the homework
Asking for help with an assignment is perfectly acceptable
im not asking you to .
I wasn't talking to you
What have you tried so far
I'm not sure what the total cost for a landscape company has to do with the topic of this channel
@next plume - like @orchid notch I'm interested too. If you decide to share let me know. Outside of that I do have a quick question for you: what's the point of making your own encoding?
apart from learning encodings none imo
I imagine you're right.
@thorn obsidian Bruh I linked that here a day ago
That's caus' you ain't here enough
2many5ervers
https://youtu.be/0uejy9aCNbI Huh, uxss is spook
Chrome Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=841105 Orange Tsai: https://twitter.com/orange_8361 A New Era of SSRF - Exploiting URL Pars...
@silent pier i watched that video before and am now writing down the URI grammar to determine the correct IP from the python example at the end
its huge
if i wrote down the additional grammar for IPv4 v6 and "vFuture" my paper would already be full
I'd say https://cdn.discordapp.com/attachments/470884583684964352/503531496099807242/unknown.png the first one is the IP
it goes
URI = scheme ":" hier-part [ "?" query ] [ "#" fragment ]
scheme = http
and hier part can be translated to
"//" authority path-abempty
and as authority evaluates to
[ userinfo "@" ] host [ ":" port ]
the 1.1.1.1 should be accessed imo
I can't say i have any arguments for or against that. Curious what others may say though ¯\_(ツ)_/¯
That's a cool video
@thorn obsidian how do you rate it ?
Looks like Firefox is getting more security features than the rest of us
FeelsBadMan
just my interpretation of the grammar
i'm surprised that's valid syntax at all
shrugs
- Minimize attack surface area. SSH and other private use ports should not be connectable by the public.
GitHub uses LibSSH.
Github already posted that they weren't vulnerable
But updated anyway
Also ssh is useful for remote access, you can't really block it unless you don't want remote access
You can put it on a non standard port to fool dumb bots (hi Mirai) or behind a port knocker
@thorn obsidian did you mean to tag me? I don't know anything about security and never discussed anything about it in this channel haha


