#cybersecurity

hii, if anyone is free for a few minutes, could i dm you to guide me through installing a custom version of kali to virtual box please? i've been trying and searching for ways to fix it since yesterday, any help would be rlly appreciated!!! :))

fix it since i'm getting an error every time i try a different way^

guys is anyone here interested in participating in CTF with us??

what skills will you need?

@toxic sleet what are you actually trying to do/doing

also

!ask

@thorn obsidian Are you on mac?

might be a security issue it's a super common error

nah i'm on windows, someone helped me tho, thank youuuu!!!!

https://www.theregister.com/2020/06/24/us_encryption_backdoor/

uh oh, they're at it again.

i think one of the funniest parts of the bill is how it says the party drafted in to crack their own encryption will be given compensation "for reasonable expenses directly incurred in complying with the order"

but that maxes out at $300

Hello. I've been getting the nmap.nmap.PortScannerError: 'nmap program was not found in path. PATH is : error when trying to use var= nmap.PortScanner() in PyCharm. I have installed it and verified it because it shows up in the project interpreters but it continues to get an error. Little help?

windows?

yes

you probably need to specify the location of nmap in your system environment variables.

if you get to the "System Information" window, go to "Advanced settings" there should be an "Environment Variables" tab / button / whatever

I just checked my paths. It's there

is it installed for administrator only use?

hmm I didn't set that. I'll try opening Pycharm as an admin

alright, thank you

that worked

np.

nmap requires admin privileges. :)

on windows i believe it's the winpcap stuff

How will that little thing handle all the tasks

did anyone here ever get this virus called .moba

No

was her name mobany

trying to be an ethical hacker as a 9th grade

Is there any possible way for a beginner to be able to image a Android and are there any free softwares that can help me

Which version of Android?

Is there any possible way for a beginner to be able to image a Android and are there any free softwares that can help me
@south coral hard

@thorn obsidian How so?

TWRP imaging a device is rather simple.

I thought he meant creating an image

So like

Creating an OS

I think he means FLASHING an OS

Considering they're not online, we won't know immediately.

Welp @south coral if you r trying to flash an image

Then yes just use TWRP

So sorry I was busy I will try Twrp

Although I am curious if the img of this model available or not

I would need help with this programme :

import pynput

from pynput.keyboard import Key, Listener
from cryptography.fernet import Fernet
import os

key = input('key >>> ')
encoded_text = input('encoded_text >>> ')
cipher_suite = Fernet(key)
decoded_text = cipher_suite.decrypt(b""+encoded_text)
print(decoded_text)```

C:\Users\Famille\Desktop>py generatefakedll.py
key >>> b'kss14fV20qNOw_sp0bqDJis_w7O40yVXMkFxfWWzMAU='
encoded_text >>> b'gAAAAABe9QAyIxHsDK1ETmM1GOJayREQhZa4EX2VhlU8-QGK6zB6yKjsnwZKL4pBt53dUGyWU1LF92lGz1nas5TWU-9cnzed8g=='
Traceback (most recent call last):
  File "generatefakedll.py", line 9, in <module>
    cipher_suite = Fernet(key)
  File "C:\Users\Famille\AppData\Local\Programs\Python\Python37\lib\site-packages\cryptography\fernet.py", line 38, in __init__
    "Fernet key must be 32 url-safe base64-encoded bytes."
ValueError: Fernet key must be 32 url-safe base64-encoded bytes.```

you don't need the b' in your input

python will just interpret it as "b'kss14fV20qNOw_sp0bqDJis_w7O40yVXMkFxfWWzMAU='"

not a bytestring

b""+ is an absolute hack

>>> "this is a string"
'this is a string'
>>> _.encode("utf-8")
b'this is a string'

i know

@brazen epoch What is this project? ( I ask because the name py generatefakedll.py )

😄

Anyway...

!rule 5 @brazen epoch

Evening, Does anyone know the best way to encode an ecdsa r,s to derString value ? like Ruby's "ECDSA::Format::SignatureDerString" ?

sorry the signaure to DER string.

Are there any good keywords in Python to help encrypt a string

or builtin modules

no third party ones

just builtins

yeah im looking to make sure it is right. thanks

this may do it -

https://pycryptodome.readthedocs.io/en/latest/src/util/asn1.html

yeah an external library really is your best shot assuming you want some standard encryption

not just implementing your own

gotcha. thanks.

oops sorry that was actually meant to be a response to somedude but i guess it's still applicable

What is the most secure encryption algorithm

one-time pad

unbreakable.

also so hard to use that it's almost never used.

Still, it's pretty strong!

Guys i just learned the fundamentals of python. Shall I start learning SQL or Linux or Networking? Also can you recommend me some resources?

what are you trying to accomplish in the end

i.e. is this for pentesting type stuff since you're in #cybersecurity ?

What is a good way to test your own encryption?

Not that I'll use it for serious purposes

because that isn't safe lol

ask someone to try to break it

having given them the encrypted text and the algorithm

Does this look logical ? ecdsa signature -> DER bitstring -> binary encoded asn1 ?? Or is this wrong ? looks like the output is good.

   """ convert bytes to der -- """       
   der_bytes = der.encode_bitstring(sig)    
   der_byte_string = DerBitString(der_bytes)                 
   print(hexlify(der_byte_string.encode()))                     
   return der_byte_string ```

Like give them the encrypted text and script?

what about the key

and can the code be extremely obfuscated

Hey @fast crystal!

Looks like some basics for Symmetric Encryption - https://paste.pythondiscord.com/orusahujow.makefile

I stumbled upon this article about priv escalation using sudoer rights on pip, but it ends up really just being a primer on what pip is for people who want to learn hacking i guess and dont know what pip is.

Anyway, at the end of the article writer drops this without explanation

And my only question is, "what the f is os.excel?"

It's a syscall to execute a program

ohh, I didnt have my glasses on

its not "excel"

lol

thanks

I was looking around the web for what that means

Np

It would help if people would stop trying to communicate code via graphics.

a topic for another channel i suppose

@sonic drum I didnt need the function. I completed the ECDSA CTF finally. #227 ! 😉 Done. That hurt. On pentesterlabs.com

I wasn't talking to you but that sounds like an accomplishment

nice

@sonic drum and yes give them encrypted text + the encryption/decryption algorithm

not obfuscated

if your encryption relies on no one knowing how to use your cipher it's not secure

okay thanks

[germany]
I was wondering if my ISP is able/allowed to store the websites I have visited. The provider is Vodafone if that matters. No, I am not planning to do something illegal, just curious how much of the stuff NordVPN and other VPN Services are advertising with is true

please @ me

deashlane says that "Your Dashlane account can only be unlocked with your Master Password and only one person knows it: you. We don’t save your Master Password in any form."

i dont know very much about encryptions but wanted to ask if the hash function can be reversed to get the password from the hashed one

@thorn obsidian Databases only store the hashed value. Meaning: If you enter your password "Toast", by using a formula it gets converted into some jibberish text, lets say "b7ZfnAj4SmWpPmduuRfrpNy".
The formula used for that is basically 1-way.
For example - it is pretty easy to calculate the power of a value. 5^2 = 25. But finding the root is basically trying out some numbers until you have the right value. root(25) = 5 - okay, thats easy. But root(24) = ?.

The used formulas are more complex of course, but you get the idea.

We now have a problem tho. Toast is an often used password. If you enter Toast into the formula, you always get b7ZfnAj4SmWpPmduuRfrpNy. This means, that if some hacker knows the solution is b7ZfnAj4SmWpPmduuRfrpNy, he knows your password is Toast. This is called a dictionary attack. It used so called rainbow-tables, tables that contain the key the database stores and the corresponding password. Rainbow tables can be Terabytes big.

To circumvent dictionary attacks, a so called salt is used. This value is added to your Password to decrease the chances of a hacker being able to crack it with a dictionary attack.
Lets say the Salt for your password is xyzzy. Instead of using the Formula with Toast, it now uses the formula with Toastxyzzy - a value the hacker might not have.

A MD5 rainbow table with up to 8 chars alphanumeric is 127GB big. 1 char more and it is 690GB big. You see a trend here - the more letters a password has, the more secure it is. And a salt adds random characters.

There are some - not longer used - formulas that got cracked after years or decades. But until then, consider your password to be secure. But dont use often used Passwords and use a unique password - especially as it is your master password.

(A problem MD5 has - it is vulnerable to collision attacks, meaning you can enter a different password with the same result of the formula)

Please correct things that are wrong, I have 0 ITsec experience

@green ember thank you, very helpful

hey idk where to ask this but im getting this error when trying to authenticate with Google BigQuery

BadRequest: 400 POST https://bigquery.googleapis.com/bigquery/v2/projects/my-project/datasets/mydatatable/tables: Invalid JSON payload received. Unknown name "name" at 'table.schema.fields[0]': Proto field is not repeating, cannot start list. Invalid JSON payload received. Unknown name "name" at 'table.schema.fields[1]': Proto field is not repeating, cannot start list.

@weary root check your json payload ^^ - I think this is more suited the web dev channel

what does json payload even mean lol

JSON is a data format. Look it up, pretty sure it will make sense then.
You wanted to authenticate with BigQuery - that means you used an API. You sent a package to that API to authenticate - perhaps a user name and some meta data. This is the JSON payload and it was faulty.

@weary root

godaammitt

i folllowed the documentation word for word lol

Some websites use so called tokens that authenticate you for some time, like 30 mins - meaning if you dont use the website for 30 mins, you would need to log in again.
Perhaps the site uses something similar

So just restart all again and hope for the best

"have you tried turning it off and on again"
if that doesnt work, good luck 😛

does anyone know a simple obfuscator for python?

https://github.com/dashingsoft/pyarmor

has anyone worked on auth via azure AD before?

I stumbled upon this article about priv escalation using sudoer rights on pip, but it ends up really just being a primer on what pip is for people who want to learn hacking i guess and dont know what pip is.

Anyway, at the end of the article writer drops this without explanation

And my only question is, "what the f is os.excel?"
@thorn obsidian It's the way PIP was deisgned, hence why pip install --user exists i guess

https://www.theregister.com/2020/07/02/cisco_smb_router_hole/

cisco at it again

I am trying to write to specific memory values in a game's memory. I used Cheat Engine to find these, but now I don't know how to find them with python. I assume I first need to find the base address of the process, but all the resources I have found have not been helpful. pymem seems to have changed since the answers were posted and win32api and win32process give ImportError: DLL load failed: %1 is not a valid Win32 application.

https://stackoverflow.com/questions/14027459/finding-the-baseaddress-of-a-running-process
https://stackoverflow.com/questions/13045864/python-how-to-get-the-start-base-address-of-a-process/13050919#13050919

I am using 64bit windows, python 3.7

(I am not sure whether this is the right channel for this question)

i can give you examples in py2

it might help

something like this should work with a working memorpy library

mem = MemWorker(name=PROCESS_NAME)
modules = mem.process.list_modules()
ptr = modules[PROCESS_NAME] # or any other module
print(mem.Address(ptr).read())

so for this you'd need to activate your py2 virtual environment

and install a " working memorpy library", my slightly modified and working version can be installed like
pip install https://github.com/hrt/memorpy/archive/master.zip

actually I see I have put up some example uses here https://github.com/hrt/memorpy

Maybe I will use a different language for this

thank for the help anyway

c/c++ is the obvious one to look at, but, at the same time you can call the same C windows functions in python

so the Encrochat bust is pretty interesting

by the sounds of it the French authorities managed to gain access to EncroChat's servers in France and deploy something sneaky

but as far as i understood how EncroChat worked i though that'd mean they've have to get some malware onto the handsets.

oh that was the case. nevermind.

wow memorpy looks awesome 🙂

Hi! I am trying to connect to Ceridian Dayforce using python 3.6 (no django/flask) and using the python-dayforce library. My company uses a SSO to login to Dayforce, I tried in the authentication phase of connecting to use my AD username/PW, and my domain\username and PW, neither worked. I dug further and found that the SSO is a SAML SSO (not sure if it's relevant for my question). My main issue is I'm not able to actually connect to Dayforce using python-dayforce or using regular requests, I assume because of the SSO. Can someone point me in the right direction of what I need to do? All of my googling has led me down a rabbit hole of Django and Flask, neither of which I'm familiar with or am currently using.

how can i get the number of a user without knowing what it is.

I am planning to create a form that get's a person's number and name and send data to them depending on their area code.

i... what?

I'm not sure I follow

you want to somehow get an user's number without them giving it to you?

how would you propose that would legally work?

You don't get it

@thorn obsidian

Just like someone signups with google and enters their password an email

You know

i just want to make a simple webpage

that someone can go to

and enter their phone number

register their phone number so that i can send something to them

and store their phone number in a database.

So you want to enable user profile registration via phone number?

You phrased it in an odd way, still not sure what youre trying to do, and how it relates to security

just wondering

if you have a use register

and store the info in a database

can't you access it in the database?

Are you trying to verify a number or something?

Because you can use Twilio to send a text/call to someone, and have them input the code they get ( normally 6-8~ numbers ) into whatever you're doing.
But that's normally not used for login outside of 2FA - and even then, it's a weak way of doing 2FA, considering TOTP is much better. Also, if someone is a victim of SIM-jacking or an SS7 attack, you can get any/all texts/calls of theirs, no problem.

#discord-bots

Scott u well versed in SS7 attacks?

@thorn obsidian (just realised he sent that like a day ago)

well versed as in, I know of them? Yes. That's about it

I was bored so I made my own encrypter

la0olalalalalalalalala0olalalalalalalalala0olAlAlAlAlAlAlA0oL70olalalala0olalalalalalalalala0olAlAlAlAlA0oL70olAlAlAlAlAlA0okekeke0olAlAlAlA0olAlAlAlAlAlA0olalalalala0olalala0olalalalalalalala0ola

Try crack that

so

when you are using your cell phone data

and u arent connected to a network

what ip address is logged when u access a website?

your phone service provider's IP?

it is commonly shared with other devices

giving each device their own IP would be very wasteful

Try cracking this:
566e59574e7a645731674a4856696332566a6343566f5a4841673d3d0a

7616746148444871798887167618871116877168766

[21:18] xx: your phone service provider's IP?
[21:19] xx: it is commonly shared with other devices
[21:19] xx: giving each device their own IP would be very wasteful

day late

but this is called Carrier Grade NAT.

it's where you've got a buttload of devices accessing the internet from 1 public IP address.

it's mostly used in mobile phone networks to prevent exhausting the IPv4 range.

sometimes entire countries do this.

countries that don't like privacy or freedom.

i think at one point Bahrain only had 1 public IP address in use

Lmao 😂 so one discord user getting banned could’ve got the whole country banned from a server?

guvfjnfwhfggbjnfgrlbhegvzrqhzo
and
jxyimqizkijjemqijuoekhjycutkcr

mean the same thing

fun quiz - find out what it is?

@thorn obsidian, yes.

but also discord would probably be illegal in those countries and external internet access restricted

they run in their own little ringed fenced intranet

Lol sucks to be them then

there is any forums that posts recent malwares

is this right?

we can't help out on any graded assignments

!rule 5

Hi I don’t think this is too related to this channel but I couldn’t find a more suitable one. https://youtu.be/PFS9KQcQT-s I make videos on machine learning security, I’m a researcher in this topic and this particular one has a look at some neat tensorflow code

Can a single TOTP secret be used across multiple TOTP generating programs?

I've been using KeePass for half a decade and Authy for the last year. I just found out about a plugin for KeePass that lets you generate TOTP codes within KeePass. However, since it is a third-party plugin and is therefore at risk of losing development and breaking, I wanted to know if the secret could be re-used later should that happen. The secret is easily accessible within KeePass so that wouldn't be an issue.

@viral shadow you could scan the same QR code by two apps, that shouldn't be an issue.

there is any forums that posts recent malwares
@gritty wedge What legitimate reason would you need this for?

Hey is it possible to create a python program that counters a ddos attack

You wouldn't do it through Python, that's more the networking equipment's job.

CVEs are public

@analog jacinth ... Yes? Was there a question there?

Was replying to dammi

kek

Always nice to see implementations tho

A while back there was a cve concerning ebpfs, and that feature is so obscure, like I couldn’t even figure out how to use them, let alone write malware using it 😂

You wouldn't do it through Python, that's more the networking equipment's job.
@thorn obsidian sooo how would I get this kind of thing done

Would I contact my ISP?

ISP? Are you dealing with a DDoS on your residential connection?

Yeah on my router

Home WiFi

How are you sure it's a denial of service attack and not faulty hardware?

I’m not. I want to prevent it from happening in the future

• there’s applications such as Wireshark that detect ddos attacks

There's a lot of questions to ask, but I have to be AFK for a bit.

I'll try and answer here shortly, and if I don't, ping me tomorrow

Use a proxy?

Anyone got a recommendation for a software that password protects directories and encrypts their contents? (Windows, preferably portable/open-source but not a deal-breaker)

I have a bunch of tax-records/legal stuff that are just sitting in a regular directory. Would like to secure them.

Looking for something like KeePass, but for directories/files. No backdoor.

@viral shadow 7zip

@gritty wedge What legitimate reason would you need this for?
an antivirus

@gritty wedge dm me, i seed malware samples

got currently almost 100 gb

adding daily

[04:17] @woven condor : + there’s applications such as Wireshark that detect ddos attacks

your home computer would be on the wrong side of the network to detect that

and wireshark is a packet analyzer, pure and simple

there are a number of methods to DDoS mitigation, nearly all of them require having a decent router.

heck, something with iptables and a few decent rulesets could do the trick

or you could go the full whack and buy an appliance that detects abnormal traffic flows.

you could easily block a synflood by setting limits on how many syn packets a host could send at you in x time period

so i was just reading a UK government report about Huawei's kit and potential security impact on it and found this interesting bit

In the first version of the software, there were 70 full copies of 4 different OpenSSL versions, ranging from 0.9.8 to 1.0.2k (including one from a vendor SDK) with partial copies of 14 versions, ranging from 0.9.7d to 1.0.2k, those partial copies numbering 304. Fragments of 10 versions, ranging from 0.9.6 to 1.0.2k, were also found across the codebase, with these normally being small sets of files that had been copied to import some particular functionality.

seems like the report suggests that the biggest security failure in Huawei kit is them doing a shit job at building systems in general.

Analysis of relevant source code worryingly identified a number pre-processor directives of the form "#define SAFE_LIBRARY_memcpy(dest, destMax, src, count) memcpy(dest, src, count)", which redefine a safe function to an unsafe one, effectively removing any benefit of the work done to remove the unsafe functions.

https://www.theregister.com/2020/07/10/digicert_pulls_certs/

womp womp

as if EV certs are a thing anyone should still be buying.

where did the unix channel go?

#unix

In the first version of the software, there were 70 full copies of 4 different OpenSSL versions

how tf did they get this to compile/link/work?

i can barely get 1 to work

ikr?

like... how do you do it so bad?

@woven condor yes, contact your ISP, say you are experiencing periodic outages.

Ok

And then what will they do

Hopefully troubleshoot the issue

If it's a ddos then they will give you a new IP probably, or mitigate it

If it's something else, which is almost always way more likely, then they will hopefully be able to fix it

why does python have no pie?

and why are there rwx segments?

not python specifically, but what's the proper term for attacks that involve a large amount of fake accounts that try to achieve something maliciously? fake reviews/fake publicity/influencing things in one way?

Hey anyone interested in working on a project regarding dark web. I’m trying to write a extendable python tool which can monitor, crawl and index hidden sites on darkweb and index collected information to elasticsearch?

i think the channel you want is #680716760134975491

since I haven't found an answer yet, this channel seemed to be the closest one to the topic: If I use fiddler to find apis that websites or browser extensions use, am I allowed to use those APIs?

okay;
I have a program that I'd like to provide a free version, and a pro version.
it's python compiled to an exe, but I'm wondering if the following method I have in mind will be safe to use:

Have a variable defined at the start of the program, which is either True or False, indicating whether the program is Pro or Free. and if it's running the free version, it'll disable certain features. So I'll set the variable to True, compile the python code, and save that as the Pro version, then change the variable to False, compile it, and save that one as the Free version. Is there any chance users might be able to open the exe file and manage to change the variable?

Obviously I want something secure, but I also don't want to have to write two separate programs; one being the Pro version & the other being the Free version...

@ me if you can help, thanks! :)

Yes, it'd be trivial to patch the code to always be True.

This kind of question is brought up relatively often, and the response I've always seen is that Python is not the appropriate language for preventing these sorts of things.

yeah just make the program get the content from a server where it sends some key pair to identify itself, if it is registred as pro on serverside, send content that is for the pro version and vice versa

anything clientside can never be trusted

doesnt matter which language

Really any language is vulnerable to tampering like that

yeah and obfuscation doesn't help

I suppose when that is said, it is meant that it is more difficult to obfuscate things in Python.

well not necesserily, just that obfuscation always is reversible

if the logic is serverside, then there is nothing for the user to do

especially if cryptographic secure ciphers are used for authentication

also why not have pyinstaller make two separate exes

one for free and one for pro

he does not want to write two different programs

and besides he's still compiling python so it still has the same problem

How could all the logic be serverside

the client still has to ask the server

well yeah ofcourse

but that has nothing to do with the actual verification

saas is an option if you really care

but if the client has your source then they can mess with it

or write their own

but if you have some sort of login system and you are not using md5 (lol) it should be pretty safe

is raspian , based on debian ? secure using SSH ?

if im using python 3.7

@shy spire If you setup SSH properly, it's reasonably secure, yes.

I'm not sure why you brought up Python version, as that has nothing to do with SSH.

It's a hard problem to make things "secure"

Things, yes. SSH? Not so much

In no specific order:

1. Setup SSH to use only ed25519 keys.
2. Require SSH keys, at a minimum. Add passwords and/or TOTP if you want.
3. Disable root SSH.
4. Setup an account which is designed just for SSH access, and then jump from that account to any other account to do work.
5. Setup Fail2Ban for SSH so any bots that attempt to access your server get banned.

@spiral pivot is that the 🕋 ?

uhm yes

but that is not related to security, go to offtopic

this is so sad 🕋 🙏

indeed 🕋 🧎‍♀️ 😞

@spiral pivot @dusky fern How is this related to security?

so

with digital signatures

we encrypt the hash instead of document, so that we can establish data integrity right?

but if we didn't encrypt the has but only the document

we would only know who it came from

but not whether the document was changed or not, right?

for reference, I am talking about this

there is nothing about ctypes opening up for rce/bof/uaf etc on the docs https://docs.python.org/3/library/ctypes.html might be worth mentioning?

actually, is ctypes allowing rather trivial rce intended?

https://www.theregister.com/2020/07/13/in_brief_security/

don't use EOL operating systems.

hahaha nice title

Hi , i'm looking for a library for symmetric encryption like AES that works well on both linux and windows , what library you suggest ?

@quiet karma either PyCryptodome or Cryptography

@thorn obsidian Thank you

No problem

Hello,
I've been wanting to secure my python application, and I was wondering if I could get any advice.
I've recently finished a program and been re-searching for tools that I could use to secure my program.

My current plan is using a paid pyarmor obfuscating, and then using nuitka and mingw to convert the code to C and then onto an EXE.
Then on top of that using VMProtect Ultimate.

The only thing I'm afraid of is the server link and it's API token. Since those are required on the client's application to connect.
And I would think hiding such a token would be a pain, and quite impossible since anyone could dump the application and grab the link and token.

Everything/All of my functions are on a AWS server, so everything is server-sided.
Leaking the functionality or anything like that would be quite impossible I guess.

But I just wanted to know that if these programs are enough to keep a program at least secure.
I know nothing is uncrackable, but would you think this would at least make it hard enough?
Also, if you have any advice, that would be greatly appreciated.
Thank you.

"secure" against what

what is your threat model

@thorn obsidian

@thorn obsidian secure against hackers. I already know some people are attempting to crack the application I'm developing.

very vague

and "hacking" and "cracking" are entirely different and even somewhat unrelated terms

again, what is your threat model

what threats specifically are you trying to protect against

there isn't a "one gun kills all" kind of solution

Well, do harm to the application.
They want to "crack" the application, since it's a paid application.
Make it free and hurt the sales.

each specific attack requires an equally specific defense

are you attempting to stop piracy? because that has nearly nothing to do with hacking

Well yes, stopping piracy.

see #cybersecurity message

I see.

I guess I've felt confident by obfuscating the code with pyarmor, and compiling into a C program as an exe with VMProtect Ultimate was a good solution.

@thorn obsidian Thank you.

not sure I helped much, but sure

Storing any kind of token and then trying to hide it away is a guaranteed way that someone will come along, break it open, and find your token.

So you more or less want to be upfront with your users.
Have them setup an account and grab an API key from their account.
That way every account has a unique API key.

You also want to store as much as you can on a remote server.
That way they don't have the option of getting that information from your client.
Now, if you're using an API, that doesn't prevent them from reversing your API.. 😄

what is kali distro

What?

https://en.wikipedia.org/wiki/Kali_linux

can I see your codes,?

@thorn obsidian

can I see your codes,?
codes?

@thorn obsidian I mean Like sample of your securities codes

I'm using fiddler to monitor traffic from my phone but I'm getting only useless information like this

I want FTP requests

filter by FTP protocol then

oh, fiddler

nvm HTTPS is what I wanted

fiddler only looks for HTTP / HTTPS traffic

ah

yeah

I just installed the kali linux OS, now do i need to install metasploitable2 vmware inside the OS or is there any other way around?

What about the metasploit framework,i m not getting a clear view,will be glad if anyone can help me out

i already did pip install pyarmor so what should i do?

I just installed the kali linux OS, now do i need to install metasploitable2 vmware inside the OS or is there any other way around?
@next junco bro metasploitable is just a pentesting O.S that is full of vulnarabilties

I just installed the kali linux OS, now do i need to install metasploitable2 vmware inside the OS or is there any other way around?
@next junco you first have to try into some other devices like windows and android I highly recommend to do it with your's only or using a VM version of them and then you can try metasploitable2 as it is just cli based so for begginers it is a bit difficult to use and deply trojans and backdoors you create

What about the metasploit framework,i m not getting a clear view,will be glad if anyone can help me out
@next junco metasploit is pre installed in the kali linux
as it is the most important and basic tool for pentensting and other hacking you want to do most of the programs use that for making scripts so it will be really good if you get a good knowledge about it

i already did pip install pyarmor so what should i do?
@thorn obsidian I think first you should start python by writing python in the cmd

!tempmute 696644016896475146 7d You have been clearly told before that discussing creation of malicious software is not something you should be discussing on this server, yet you have refused to listen. Take this time off to read our rules and code of conduct.

:incoming_envelope: :ok_hand: applied mute to @jovial heart until 2020-07-22 11:06 (6 days and 23 hours).

@next junco We don't allow discussion about malicious software on this server as per rule 5

!rule 5

@jovial heartThanks alot for the help!

@fast shore Sorry for that, Won't be asking again.Then what are the kinds of question to be considered in the security section?

It should fit under the topic, Securing code against hacking, data sanitization, encryption, and protecting yourself and your devices.. I know you probably weren't doing anything malicious but we do tend to err on the side of caution.

not trying to inject myself into debate, but it looks like metasploit and metasploitable2 are open source software made by a big company for the purpose of security research and testing https://metasploit.help.rapid7.com/docs/metasploitable-2

Metasploitable 2

A test environment provides a secure place to perform penetration testing and security research. For your test environment, you need a Metasploit instance that can access a vulnerable target. The following sections describe the requirements and instructions for setting up a vulnerable target.

seems on topic to me, granted I haven't been on this server too long and don't have examples of malware dev discussion I can recall

@fast shoreok will take care of that.Sorry for the trouble.

@echo herald Metasploit is useful, but it falls on the opposite side of protecting yourself and your devices

I'm confused as to why, though. If I have an application server, I would much rather do pentesting and other security tests on this VM than I would on my own server. Is it because it could be used to help develop malware?

because the discussion wasn't "i discovered my application server is vulnerable to X, how do i stop this?"

it was "how do i use metasploit?"

we can't know the intention of someone using metasploit, even if they say it is to test their application server

Is there any tool available on play store to check my mobiles outgoing traffic

so should everybody clarify their intentions before posting asking for help or suggesting solutions?

no, because that could be a lie.

Like every ping it makes

to be honest, I read the reply and thought it was reasonable and on topic. My biggest concern is that one day I'll post a response that I think is reasonable and on topic and get muted/banned for it. I'm really just trying to get some clarity so I don't have to worry about that

anything "that may break laws, breach ToS, etc"

there's a lot of tools that fall under that umbrella, though, and this one is specifically a testing environment for research

if people want help with pentesting / security, advise them on where they can seek that help

rather than helping them here.

there are pentesting / security discords, blogs, etc, etc

@south coral Depends if you have root or not on the device

Non rooted

Ah, alright. One sec

Got a freaking xhelper so no root

a non-detailed answer that points someone in the right direction i imagine is okay.

depending on the question

but i wouldn't touch a question on metasploit because, well, despite being a tool

its main purpose is exploit systems

regardless of if you own them or not

Do ping me with the answer

Thank you very much 😊

even though the responder was pretty clear that the intent was for the purpose of securing/testing against their own devices?

you first have to try into some other devices like windows and android I highly recommend to do it with your's only or using a VM version of them and then you can try metasploitable2 as it is just cli based so for begginers it is a bit difficult to use and deply trojans and backdoors you create

what would've been the appropriate response? suggesting they take the conversation elsewhere? even though this is supposed to be a place where people can ask for help, you suggest that no response at all would've been the best course of action

@echo herald I do understand your point, and that is why why always try to warn users first and make the rules clear before dealing out infractions. Talking about deploying trojans and backdoors you create starts to take it into malicious territory which is not what we want.

ok so it was primarily:

it is a bit difficult to use and deply trojans and backdoors you create
that pushed it over the edge then?

Partly the problem is that it is hard to moderate as it impossible to know real intentions, so as I said earlier we try and err on the side of caution, although we try and make that clear to users first

quark had previously asked about creating a backdoor (listener) as well.

It's not really about the intentions of the user that's asking. We're a very open community and messages stay visible in the chat history as well. Our moderation line is that we don't allow the discussion of code that's exploitable and/or usable in a malicious way. This also means that things used for pentesting often fall under this umbrella, as it can be used for both purposes.

There are communities out there that are specifically aimed at security, pentesting, and ethical hacking, though.

totally understand, I'm just imagining a conversation where I help somebody with a tool like locust and they go "welp, thanks for your help creating distributed load testing infrastructure, now to point this thing at mycompetitor.com and cause a DDOS, thanks again @echo herald !"

even though the tool's purpose is load testing your own servers, it can be used maliciously, and since I've had experience with it, I could be at risk just by trying to help

The best way to approach it, is, be under the impression someone malicious is listening to the conversation. Can they take what you're saying, and with the information you've given, construct something highly malicious?

That's why the stance for Metasploit and others like it exist. You're not exactly going to see a legitimate reason for someone to use a USB Hacksaw/Switchblade in 2020 for example.

( USB Hacksaw/Switchblade was a neat trick in regards to U3 drives. U3 drives were flash drives that had two partitions. One appeared to the computer as a CDROM, and the other was typical USB removable storage. Autorun also hasn't been a thing since XP, so.. 😄 )

But that's the thing, I can casually bring up and chat about U3 drives, even though they're completely malicious in nature, considering it boils down to don't stick random flash drives into your computer, and less of a "Hey, autorun doesn't exist anymore!"

Which is a great way to protect yourself. Don't go to thrift stores and buy used flash drives!

or take them from conventions

@lusty flare You don't store your business card on a flash drive?

casual

did you see the embedded business card that runs linux?

That sounds highly impressive and terrifying at the same time

https://www.thirtythreeforty.net/posts/2019/12/my-business-card-runs-linux/

I feel like anyone I spoke to would be sketched out if I discussed a bunch of security stuff, and then handed them that

"So yeah, by the way, USB devices aren't really all that secure. They can masquerade as HID devices like a mouse, a keyboard, and the vendor/product ids can be easily spoofed considering firmware signing isn't a thing in most products. Even if it was, I can just find out your vendor/product ids and spoof those on a separate device. Oh yeah, do you want this business card that runs Linux? You plug it in via USB. It's not sketchy, trust me."

quite :D

The slow step back of just "Uuuuuhhhhhhhhhh........ Yeeeeeeaaaaaaahhhhhhh... I gotta go..."

back to the rules thing, i think that's a good way to view it scott.

it's not "is this person going to use this maliciously" but "am i giving away enough information that someone can then do something malicious"

it's like when people come in asking about how to get into pentesting / ethical hacking all you can really do is point them in the right direction

Yep, that's about it

it's kind of vague and handwavy, but there are plenty of resources out there that aren't this discord to get this information

ok, I feel pretty good about that explanation, it leaves me a little more hesitant to help other users in some ways but I guess I'll rely on the judgement of the moderators to know that I haven't previously accidentally given away help that can be used maliciously

So here's a good question. Let's say someone uploads an image with some JavaScript in it, such as with https://www.secjuice.com/hiding-javascript-in-png-csp-bypass/. How do you defend against this? Outside of not having "unsafe-inline" and "unsafe-eval" enabled within your Content-Security-Policy, of course 😄

More curious of how to sanitize an image like this, and detect these kind of things

``>>> pyarmor
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'pyarmor' is not defined

`` ( I already installed python and pyarmor )

https://pyarmor.readthedocs.io/en/latest/usage.html

anyone got any good ways to encrypt files with python

https://cryptography.io/en/latest/

thank you @analog jacinth

https://thedailychain.com/largescale-twitter-hack-live/ this doesn't look good at all

yeah what kind of hacker has golden coins

and u puts them on the track pad

@thorn obsidian

seems like a social engineering breach

paid some insider to either give access to the tools or flip specific account email addresses so they could take control.

big oof.

is burpsuite legit software to capture web traffic

?

yes.

well, it's a legit set of tools

there aren't any android capturing tools? I couldn't get fiddler to work yesterday

android app would be ez

there probably are, i'm just not aware of them.

i mean you'd probably need a rooted device

I have one

@lusty flare Sounds like someone's about to have the weight of the legal system on them soon enough

could be a GDPR problem too

I'm not a lawyer, but fairly certain this is breaching CFAA, which constitutes multiple felonies.

( https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act for those unaware )

yeah, i was thinking more about how it's exposed how much data twitter employees have access to

I haven't seen what's been released in regards to it, but I imagine it's about what's to be expected.

it could be..... problematic

but yeah, the twitter employee is gonna get fuuuuuukkktttt

if it wasn't a pay-for-play type job and they were socially engineered

i'm not sure if that'd be more or less damning

when using rsa or public key encryption how do you verify that the person you are talking to is really who want to be talking to

how can I generate __cfuid

or get

or csrf_token

This could be more of a long shot, but figured I'd ask. Anyone have experience working with e-mail servers?

yup, I have

not super in depth, but I could probably help with more general advice

@thorn obsidian You encrypt your message with their public key, so it can only be decrypted with their private key

The other person can also sign their message with their private key, and you can decrypt it with their public key to confirm they signed it

Hi everyone. I am very into Python and cybersecurity. This is my first time using Discord. I hope I can learn a lot with the community.

@thorn obsidian

when using rsa or public key encryption how do you verify that the person you are talking to is really who want to be talking to
In regards to e-mail, do you mean the address you meant to send it to, or the person behind that address?

Some suspicious activity in the logs. Someone tried to hack my django rest api, it seems, but I don't have anything valuable on that server, I use it for learning. I know I should turn off the debug in django, but what else can I do to make it safer? They managed to use the single allowed host to make a succesfull request
At this point I just need to shield it from any requests coming from outside of the server
https://i.imgur.com/3TCCy9e.jpg

don't have it listen on the public address?

maybe use something like nginx as a front end and block access to specific end points?

require authorisation to access the api?

Yeah, I'll fiddle with nginx. Found this article
https://testdriven.io/blog/dockerizing-django-with-postgres-gunicorn-and-nginx/

btw in case you missed it

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1350#ID0EGB

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.

To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.

I use centos

how could I get cookies for web scraping when there's an OAuth2 login on the site?

@slate fulcrum This sounds like an XY problem - https://xyproblem.netlify.app

How can I set up some encryption using the ssl module when sending TCP packets via socket? Is this encryption good enough for basic usage or what would be recommended? I want to use some existing library as im not interested in re-inventing and re coding stuff that has already been made..

@thorn obsidian but do I normally use requests with oauth2 as well? I don't think I can get everything I need

Hi guys

is python enough to be a legitimate cybersecurity engineer?

The concepts you take away are useful

do I have to learn other languages

But, I'm not sure about it helping you with every part of the job

or will python be sufficient @long crow

?

No, definitely not

Most of cyber security has nothing to do with coding

You can use python to find vulnerabilities, but it isn't part of cyber security

Hey is there anyone here that is into running their own dedi/vps.... can talk ssh, ciphers,ssl,nginx,bind9......

yes

Also yes ^^

https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html
Twitter posted an official blog about what exactly happened

cool

so they actually do have 2FA on their internal tools.

For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our “Your Twitter Data” tool.

uh oh.

None of the eight were verified accounts.

oh that's alright then

interesting.

so i guess the worst case didn't happen

siphoning off user dm data

We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken.
Seems to me there's still a chance that might have happened, just not through the specific Your Twitter Data GDPR tool

true

although it seems really dumb that they tried to sell accounts

something just seems "off" about the attack tbh

i can't help but think there's an ulterior motive

why would you break into twitter and just try to sell accounts or post a scam?

I think it's possible some 16yo stumbled across some Twitter employees and thought of a cool way to try and get access to their shit - then just did the first things he could think of. None of it seems that well thought out

yeah, it seems like a shit plan

trying to take control of and sell single / double character accounts?

that's... that's not going to work.

@slate fulcrum I have no idea what you're doing, but it sounds off, like we're not getting the full picture.

this page as OAuth login (facebook) and I want to scrape the page but I need to be logged in

@thorn obsidian

Hey is there anyone here that is into running their own dedi/vps.... can talk ssh, ciphers,ssl,nginx,bind9......
@wicked fulcrum
yaz

@slate fulcrum Facebook has an API. Not using it is breaking ToS, which is something we can't help with

!rule 5

How can I set up some encryption using the ssl module when sending TCP packets via socket? Is this encryption good enough for basic usage or what would be recommended? I want to use some existing library as im not interested in re-inventing and re coding stuff that has already been made..

if anyone could help, would be great

@fluid scarab encryption how?

Are you wanting HTTPS?

I'm using tcp

I want to encrypt them

them as in packets

So yes, you want HTTPS?

correct

tried with the ssl module but no luck

I imagine this is a Python application, since you're using the ssl package

yes

i'm using sockets

Are you using Apache or Nginx?

currently none as i'm just testing on localhost

Use one of those, and set your application behind it

I will in the future

Then you can use Gunicorn or uwsgi to connect Apache/Nginx with your application

I see. Out of curiosity - what is the ssl package for then?

heard you use it to gain security for tcp

I use it for sending mail with smtplib, for example.

But anything server-wise, you're a lot better off using Apache/Nginx and then putting your application behind that and having Apache/Nginx handle that kind of stuff.

Does that make sense?

yes, you dont want to mess up on such a critical part of your application so its better to use some third party software

It's not just some third party software.

Apache/Nginx are tried and tested

true, think I'll stick with Apache so I can try with Cassandra db aswell

Depending on what you're making, Flask/Django could be a huge help

I have no idea outside of you wanting to use ssl, so I don't have much to go off of

Dont think i'll use Flask or django. I'm working on some project just for fun and I am in need for transfering data such as audio or text messages from one client to another, so I need to stick with sockets. Unless I create some API which I really don't want.

and obviously I need to encrypt that data

Have you looked into https://github.com/signalapp and their libsignal?

They don't have Python versions, but something like https://github.com/signalapp/libsignal-service-java might be what you want

or, Signal in general might be what you want if you're sending audio or texts

Hmm, i'll take a look, thanks

👍

What is a tor

is tor and vpn the same thing

https://www.theguardian.com/technology/2013/nov/05/tor-beginners-guide-nsa-browser @vital gyro

no tor and vpns are very different

Coming back to my previous messages #cybersecurity message
It seems I could just change ports to expose in my docker-compose.yml to make the port open only to the other docker containers and not anyone else on the internet

what is a "_rtoken"

I saw it in a request on a site but I can't find anything about it

Are you still trying to scrape Facebook?

@slate fulcrum If it's Facebook, we still can't assist with it.

python is also about security

@long orchid ?

Does anyone here know about Tails,and its security flaws.I heard it has many but i wonna hear a second opinion

no tor and vpns are very different
@analog jacinth I agree they work on a completely diffrent data transportation method

@thorn obsidian nah not that anymore

also how do I figure out what this is:

Scale it down 4 times

@thorn obsidian how secure is piping from curl straight to the shell?

it's not

I'm assuming this is in reference to what I just posted in #unix :p

yea, made me wonder haha

in this case, the site is trustworthy

but it's always safer to wget the file first, visually inspect it, and then execute it

especially if you need to run it as root

righto

is there anyway to capture ssh password hashes remotely?

like in 4 way hand shakes ?

why do you need this info @mellow steeple 😄

hack in to google's main server

lol

i'm a network student

check out common ssh vulnarabilities 🤷‍♂️

👍

actually i have only completed cisco introduction to networking course
where can i find them?

just google around

ssh is a preety secure, established protocol

i wouldn't really know

The easiest approach to this would be a MITM

Of course, known_hosts exists, so good luck with that

^

anyone here knows if its possible to technically code captcha bypass with python?

Bypass, no, solve, yes.

I'm working with an API that handles the release of bitcoin to customers. The HMAC key has a permission, "money_pin" which authorizes the release bitcoins to customers. The money pin is a 4 digit static pin that's set on the website that's required to be passed with certain release/money handling calls.

The API docs state the following: "Security concern: To improve security, do not save the PIN code longer than the users session, a few minutes at most"

Are they expecting me to pass this same pin every call? Is there a safer way I should look into doing this? It seems so strange to me that I'd need to enter the same pin over and over manually every api call

From what I can make of it, it'll be fine if you store the PIN in the session object

Like, the guideline basically means you shouldn't save the PIN for longer than the user session. And anything stored in the session object is cleared once the session (browser/tab) is closed, unless set to persist.

I've built this application to handle all aspects of my business except the security/money release part since I'm worried if I mess up it will cost large.

I guess each transaction could be set up as individual sessions

that's viable too but again, pin for each call

test it with tiny amounts? it is always a good idea to test the implementations first

I have been, theres a HMAC permission that doesn't require the money_pin at all

but to me that seems even riskier, if my server is breached someone could run the program and empty my wallet

steer clear of that permission, PINs exist for a reason

I was thinking of implementing some form of 2fa to be required alongside the PIN, or would that be pointless? Sorry my experience with programming is just basic programs/time saving scripts nothing to do with securing an application or encryption at all

2fa is good to have when dealing with stuff like this

Like I was thinking to store the pin somewhere that requires 2fa to have the pin returned in a secure way for the api call to use

but that still doesn't seem like the right solution, the API call requires the pin to be a 4 digit int, so it can't be passed to the service encrypted or anything

you'll have to decrypt it in that case first

but having my program decrypt it would put me in the same position, if server is breached the pin could be captured, i think?

what if you store the decryption key remotely and fetch it after 2fa only (i'm not an expert on security)

True

thanks for the info @light pagoda

you're welcome

@mellow steeple That wouldn't be something we could assist with, considering rule 5:

!rule 5

ok .. hope that can stop all the cybercrimes in world

Regardless, that is not something we can help with here in the server.

https://developer.apple.com/programs/security-research-device/

Interesting 🙂

Sounds pretty neat

New Hack Can Trick Power Bricks into Starting Fires
https://xlab.tencent.com/cn/2020/07/16/badpower/ Oh no
English version: https://gizmodo.com/new-hack-can-trick-power-bricks-into-starting-fires-1844441247

Hello everyone,
in my Python Code I´m connecting to a mySQL-Database.
The password of the mySQL-Database is clearly in my Code.
How can I change this?

Store it externally and access it at runtime. An example would be a config file or an environment variable

@thorn obsidian
That's pretty much what I was gonna say.
+1

I’m jealous you get to react to my comment

How come? 😄

I would like to give my friend the programm...

@coarse bobcat Would it use a local MySQL DB on their computer, or would this be a client and you'd have a server somewhere else?

It’s a very succinct way of agreeing with people 🙂

@coarse bobcat Would it use a local MySQL DB on their computer, or would this be a client and you'd have a server somewhere else?
@thorn obsidian It must be a Server

sry for bad english btw

Oh, then you wouldn't give them that exact program. You'd make a client program, and they'd use that client to connect to your server

I didn´t understood... Can you give me an example?

You'd have a server ( Flask/Django/whatever ) with a DB ( PostgreSQL, MySQL, whatever ), and it would do the heavy lifting. Whereas, the client would send/receive things from the server.
Not sure what your server does, so can't give any more detailed info than that.

So, my programm is a Chat. And i write the messages in the Database.

Ah, I have a multitude of questions then

How are messages encrypted?

I'll be AFK for a bit, but with it being chat, there's a lot of things you need to think about.

samsung galaxy note 7 nah fam,samsung galaxy c 4

So, my programm is a Chat. And i write the messages in the Database.
@coarse bobcat try using flask
get some info about it it is helpful for these kinda things

hello peeps of insecurity

so what does security updates mean in the context of python?

i know like theres security updates for OS etc

but if say i made a calculator.py then what would the security updates for this py file mean?

ping me plz ty

@old trail if the script worked before it should work afterwards aswell. Just that a internal vulnerability was fixed. Like for example if some module wasn't checking some obscure scenario

can you give an example

i honestly couldnt think of a vulnerability in a calculator.py

lets say the calculator.py has only python print(int(input("x"))+int(input("y")))

what would be a possible security update for this code?

@spiral pivot

input() could do a buffer overflow internally in python in some cases where it does strlen(n) and misscalculates the reallocation for the buffer, so it results in the return address being overwritten internally in python which leads to RCE

holy fucking shit

excuse my french but where does one find info like this

you dont

you get it by reading source code lol

i dont even understand what you just said except the internally overwritten buffer part

but now input doesnt buffer overflow, but if it were to do that, a patch would be made for all supported python versions

so im pretty much fked if i just publish my code on github?

no you dont need to do anything as a user

but github has the security section where it wants me to update security patches

oh

i just found it today hence the question lol

is it python2?

its jupyter notebook

eh be more specific please, send the github repo

its in all my repos

forked etc

theres a tab called security

yeah

that is on every github repo

so i just leave it ye?

yes

im insecure

hold me

lol

hahaha

like everything has security issues though lmao

this sounds way too advanced for me so ima just yolo push

yep

thx for de help

👍

np

have a nice day

you too my peep yeet

huh, interesting @thorn obsidian

the powerbrick firmware hack

never considered that you could fuck with the power negotiation

@lusty flare Like I said before, TEMPEST is back, baby!

someone reversed engineered texas instruments and blew up a battery

oh my god not the giant black block

You mean... the entire company was reverse engineered?

and someone exploded an intensive farming unit

Huh. Thunderbird leaks your internal IP address.

http://forums.mozillazine.org/viewtopic.php?p=3005353#p3005353 is a nice fix for that 👍

https://bash.ws/email-leak-test can be used to test this is working how you expect

I set mine as "localhost", same as K9

thats uh

very weird

mail clients haven't done that in like

decades

¯_(ツ)_/¯

Was a weird thing I noticed

yeah

hii

hello

If anyone ever had any doubts that SS7 attacks were real:
https://thehackernews.com/2017/05/ss7-vulnerability-bank-hacking.html

So 2FA via SMS is flawed and insecure then

I read it as broken auth + 2FA via SMS is flawed

@thorn obsidian , with python script?

@sage stream SMS should never be considered a secure second factor

@old trail python is considered a memory safe language. i'd be more concerned with input(), if you're using python2

i see

improper usage of input() can cause great issues, especially if it's used for anything AuthN/AuthZ related

input() will evaluate string literals. can lead to a lot of bad things

in your example you're casting it to an int though, which wont be an issue

https://www.theregister.com/2020/07/23/american_title_insurance_ny/

womp womp.

850 million records of non-public info publicly available for 4 years

knew about it for 6 months and failed to fix it

that's a spicy meatball

the reason is so fucking dumb as well

documents were displayed through a URL and a DocumentID parameter

you could just iterate over the DocumentID number and get other people's data with no authorisation checks

and they were indexed on search engines

you could literally type the correct search terms into google and get someone's mortgage paperwork. nice.

isn't this what weev did a few years ago?

you mean the AT&T breach?

that's slightly different

that was an un-index URL that was still publicly accessible

also re-reading up on it

looks like weev discovered it and then wrote something to exploit it rather than reporting it

also disclosed it to the press before alerting AT&T

went a bit too far i think...

@neon cobalt

with python script?
What? Not sure what you're referring to

i think he's asking if it was done with python

but obviously implementation method doesn't matter

Ah, yeah, it wasn't done with Python as far as I know.

Yeah

https://www.nist.gov/news-events/news/2020/07/nists-post-quantum-cryptography-program-enters-selection-round

After spending more than three years examining new approaches to encryption and data protection that could defeat an assault from a quantum computer, the National Institute of Standards and Technology (NIST) has winnowed the 69 submissions it initially received down to a final group of 15. NIST has now begun the third round of public review. This “selection round” will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard.

Woo!

oh sweet

now we just need people to follow NIST recommendations.

which has never been an issue.

Ha

hey @thorn obsidian

lol

Oh fuck yes @thorn obsidian, thanks

Been waiting for this for forever

@thorn obsidian Can I ask you about 2FA, password managers. or the Killer project?

xD

just ask

@jovial heart Not security related

@slate prism Any specifics? You can PM me if you'd like

ohh ok ok

sorry

Is python popular for anti-virus software, or what kind of security software does python come in handy for?

Are there any good reads or research papers that compare the security of the latest version of iOS and Android?

https://support.apple.com/en-gb/guide/security/welcome/web apple has this

https://source.android.com/security/features android has this

not quite sure how you'd compare them, or if anyone has

I think antivirus software generally gets written in lower level languages that are compiled to executables (python relies on python being installed, and thus depends on the host system), but that's just a guess

Anti-virus software today usually involves a lot of memory scanning, not sure if that is even possible in python

It is

I'm sure it is

Chat here dead

@thorn obsidian

Chat here dead
Have you checked the topic?

Just did

And that's why it's dead

Lmao

Did you have a question?

Are there any good reads or research papers that compare the security of the latest version of iOS and Android?
@thorn obsidian Hi i was wondering if you know or have any good resources which compare the security of these two?

Security how?

@sage stream Can you be a little bit more detailed?

Ah yeah sorry. I’m referring mainly to the out of the box system security itself. So things like app sandboxing, or the encryption/biometrics used by both systems. Or also how hard it is for an attacker to get in.

also how hard it is for an attacker to get in.
Remotely or with physical access?

Since remotely mostly boils down to things like the web browser, messengers, etc, and that's something I'd point you to the CVEs of

Also, Android isn't the same across all devices. You need to think of security patch levels and the additional software for each brand

I would say remotely.

Since, hopefully, you're not buying any tablets from Barnes & Nobel for example 😄

( The joke being there is that if you ever check their security patch levels, they're easily 2+ years out of date, every time. )

Yeah well that was one of the reasons I left Android, but I think many manufacturers have improved now with the patches. I only had experience with Samsung and few others back then.

Well, that's the issue. You'd need to focus on devices that are actively supported.

But now I was considering getting the one plus the new one. I’m currently on iOS, and wanted to see what the state of security is like on Android.

Which, OnePlus does fairly well at keeping their devices supported. LineageOS and XDA-Devs are two good places to check out for up-to-date devices

I've got a OnePlus device, so ¯_(ツ)_/¯

Wasn't a fan of them years ago, when a debug application was found that essentially gave root.

But that seems to have been a one-off

Yeah I read about that.

I can't think of any other device manufacturer that keeps their devices as up-to-date as OP does

Well that’s good to hear. Although I probably don’t have anyone in my threat model, would you trust most Android phones to be safe from backdoors? Or is this is not a thing.

From backdoors? That's a tricky question, considering some believe Google Play Services is a backdoor 😄

Oof

Yeah I guess you are right. Same applies with iOS too then

Just a matter of trust

Well, you can de-google an Android device a pretty decent amount

Yeah I have seen this with stuff like f droid but is it the same experience in terms of UX and convenience, that was my only concern.

You can install extra services for F-Droid and other repos to auto install program updates for you

https://gitlab.com/fdroid/privileged-extension

But generally speaking Android encryption is good right, for one plus? And are things like biometrics stored on device, like iOS have with the Secure Enclave?

Yeah, they're pretty much the same

As long as you have a password/pin/etc on your device, it'll use File-Based Encryption

I see, well sounds good.

https://source.android.com/security/encryption/file-based explains how that works

hello scott

@dreamy briar Hello

Ok thanks. I’ll have a read if the security section on it.

you know this much about security, is it bc you work with it?

@sage stream If you have any additional questions, don't hesitate to ping me

@dreamy briar You could say that

Cool thanks.

that's actually very cool

Actually I did have a question I asked yesterday here. #cybersecurity message

are you that guy who tries to breach into sites to find weak spots and stuff?

@sage stream Anti-virus isn't normally done with Python. There's a whole slew of things Python does do, though. I'd suggest checking out things from https://reddit.com/r/netsec and https://reddit.com/r/blueteamsec and searching python and seeing what comes up

Alright cool, and thanks

@dreamy briar Ha, it's not as glamorous as you think. There are quite a few people around that do just that, and it's mostly paperwork.

ik, but i'm not saying that u get in front of three screens writing matrix shit down and wearing a black whoodie

i still think it's cool as a job

and i'm studying to get there

I have a security question, though not really to do with code. Currently, I'm get 2FA verification code SMSs from services I don't realise. One on Monday and two just now. I'm thinking I shouldn't be concerned about it if it's not for services I recognise, but I'm wondering if that's the correct assumption. Any thoughts?

@quasi turtle Depends on the service

If it's coded properly, those are verification codes that they need to input into whatever account they're making

But, if it's not, someone else could put your number in their account and it wouldn't ask

Also, SMS is a horrible 2FA method

Agreed on that last point, which is why I try not to use SMS anywhere.

Using someone else's number seems to be a bigger thing recently

But yeah, its for services I've never heard of in my life, and for which Googling kinda brings up dodgy websites

Huh. Mind PMing me those sites?

I'm interested

So I just have the service name so I have to guess at the site

I'll do some research for you if you'd like

Can you PM me these?

Sure

That way potentially sketchy sites aren't posted here

do you have DMs blocked?

I do not

Never mind, it's me haha

@everyone im a computer genuis please respect me

please keep conversation on topic @high dock

I've asked before but I'm still confused on how to encrypt my packets using the ssl module. I basically have two pcs which communicate via a server and I want to establish a secure, encrypted connection between theese two devices. I'm using TCP. There are not many resources available regarding this. The docs are confusing and when I try to use a self signed cert it gives me errors even though I'm just on localhost and I will forever be on localhost as this is just for educational purposes. I tried implementing AES but that's even more confusing when I will in the future add more devices, I just don't understand how. I want to learn from this so if anyone has any resources it would be appreciated.

I want to do accomplish this without using any additional library other than the ones available in the standard library such as sockets, ssl and such.

Dont rly know where to start

People have mentioned https but im not dealing with web applications

@thorn obsidian who df are you

you are not very kind, are you?

@thorn obsidian WAS I TALKIN TO YOU BEACH

get it beach instead of B****

<@&267629731250176001>

(not sure if right way to go about this).

just ping them

yeah, please calm down @high dock

who are you

i have to poop ill brb

that's your last words, huh

!tempban 361264321835040783 7d On further inspection of your message history, it looks like you're only here to troll and mess around. Your first few messages here are "sup nerds. i just got back from banging your girlfriends". Not very appropriate here.. Then, you try to @everyone and say "im a computer genuis please respect me" for no reason. The low effort trolling is not appreciated here. Please reread our rules and CoC if you decide to come back.

:incoming_envelope: :ok_hand: applied ban to @high dock until 2020-08-02 00:15 (6 days and 23 hours).

Does anyone know where I can find (if there exists) benchmark times for calculating hashes with Python? I'm taking about how long to calculate n hashes of SHA256 for example using Python.

it really varies depending on the length of the password salting/peppering wordlists etc

If i want to make security programs is there a specific module for that?
And is there a feature in python that can search for files in the pc?

I'm learning cyber security and i need help with this

@thorn obsidian make security programs? What defines security programs?

For example a basic security program that checks for new files that have been added and a delete files feature

for personal use ;-;

@fluid scarab We discussed this, and your best bet is to use something like Flask/Django. If you really want to go the route of sockets/ssl, you'll need to know a whole bunch of edgecases.

@thorn obsidian So something like Tripwire?

umm

one sec lemme see what that is

Yes i think

I'd look into Intrusion Detection Systems ( IDS ) and Intrusion Prevention Systems ( IPS )

Ok

why did you do that ion thing?

;-;

anyways

thanks for the help :3

@thorn obsidian Because my initial post was Detect, and my bolded text indicated an edit

Oh ok

thanks for the help tho

No problem, hope that helped

👋

@thorn obsidian I'm confused, isn't flask and Django for web frameworks? I'm working on something low level so I'm only dealing with tcp

Direct communication between two devices

Yeah, this is the chat program or some such?

I have two devices over lan which I want to establish a secure connection

Which means that when im sending packets to one another I need them encrypted

If it's over LAN, that's different.

I wouldn't do this over wan, yet

You don't really have the ability to properly do certificates if it's over LAN

Yeah I got some certificate errors yesterday it was something about localhost stuff

Have you looked into Briar? https://f-droid.org/en/packages/org.briarproject.briar.android/

It looks to fit what you need. Though, not sure on it's audit/safety/security status

Haven't heard of that before. Would it be hard to implementing something like aes yourself using some of pythons crypto libraries?

You can do that, but it's not something I'd suggest. Signal/Briar seem to solve any messaging issues I have when it comes to that kind of stuff.

Mind you, there are things like https://cryptography.io that exist to help you through that

It's just when you start dealing with cryptography and everything, it's a good idea to find something that already exists and has been vetted

I see. How can I generate the same key on both clients? Do I need to implement some diffe helman stuff or are there 'easier' ways to get same keys?

I will use the library you posted above

generate the same key? What key?

An AES key, you mean?

The key used to encrypt so I can actually decrypt the message when it's sent

An aes key yes

You wouldn't normally use symmetric encryption for stuff like that

@fluid scarab this article seems to do exaxtly what you want to do just write it in py3

https://medium.com/@md.julfikar.mahmud/secure-socket-programming-in-python-d37b93233c69

Except lazyme has 9 stars, and I've never heard of it before: https://pypi.org/project/lazyme/

For something like that, you'd use Colorama

DHKE + AES GCM?

is anyone proficient in python / Django in order to make a partnership to build a fuzz manager?

fuzz manager?

fuzz manger (master > slave , and adding many child nodes) it's basically a botnet applied for vulnerability research (crashes and security issuses related on the app which is being tested)

it's basically a botnet
Yeah, not something we'd assist with here.

!rule 5

it's not malicious . it just up to you . by the way the project will be used only as a collector in order to classify errors

@teal bone
If it has botnet capabilities, it can be used for someone with malicious intent to create something questionable. Which is all the reason to not assist.

botnet cabaility I mean . you have a master bot collecting the information from slaves (log information) . so no ddos or something like that . if you can take an example would be like a syslog or rsyslog

While you or I may not have malicious intent for something like that, can you say that about the other 70,000+ users here?

That's why it's best to err on the side of caution with these kinds of things

I see double edge-sword

Oh sure, no doubt. But it's best to be careful.

oh well. sorry then.

No need to be sorry, lots of folks come in asking for assistance with things.

I work as a red teamer , and I know people will only want to cause harm to others

im here

ok yeah this is cool

what are some of your favorite exploits to target?

users

always the users

My favorite is bisk

the best user 2020

anyone know any cli program like fiddler ? ( to capture web traffic from chrome )

you mean a packet sniffer?

tcpdump / wireshark

CLI, so tcpdump

can i use it to listen for http traffic?

yeah, you'd have to do some filtering

tcpdump is just straight up a dump of TCP data

thnx

Tshark also

Hey all just wanted to introduce myself! My name is Chris and I'm just getting into IT now, but I definitely want to eventually get into Cyber Security. Not sure what specifically, but I'm excited to continue working through Black Hat Python by Seitz, check out overthewire, hackerrank, bugcrowd, tryhackme, etc.

Welcome to it.

check out https://www.vulnhub.com/ too

Will do, thanks!!

@fading basalt you might want to look into bluehat stuff

how to setup / secure servers and environments (windows / linux)

think of it as recon on a target

@lusty flare hmm ok. Thanks I'll check it out.

Anyone experienced with Setenv & htaccess? I'm working on a website, got some credentials in a .env file but my PHP doesn't succeed on obtaining those variables through $_ENV nor getenv(). I looked it up, I'm on shared hosting so I can't change php.ini, on forums they say I could only try to write something in .htaccess to add a rule to the ini file. I don't know what to write and I'm kinda stuck

And if there are, are there any other options for securing credentials without hash (to make api requests etc. maybe .conf file? Idk, I'm not really experienced with securing creds)

I'm reading some python source code and i came across this very confusing thing

It looks like it is used incorrectly aswell in StructUnionType_new but idk

@spiral pivot You sure this is Python?

https://github.com/python/cpython/blob/c82dda1e08c4b74ca24f88d6a549d93108c319cf/Modules/_ctypes/stgdict.c#L67
https://github.com/python/cpython/blob/c82dda1e08c4b74ca24f88d6a549d93108c319cf/Modules/_ctypes/ctypes.h#L266

assuming ctypes counts as python

Oh, you're talking about the language itself

hahah yeah

Thought you were referring to .py files

😄

then i can understand your confusion haha

That'd be more for #internals-and-peps

alright i'll go ask there, thanks

👍

Any input on what's safer out of apache with django socket vs running django directly?

Django socket?

Also, I wouldn't use Apache, I'd use Nginx

I did something like that before with a socket.
But Nginx over running directly in your opinion?

I'd never directly run Django or Flask. Always on top of Nginx.

Unless it was testing or some such

i mean, you don't necesarily need nginx, but hope you mean you're still usinga production grade server

Alright, at least somewhere to start. I'm slightly afraid of how it'll work out.

It will be my running server, I'm already online

with gunicorn?

Just an empty apache as of now, and cockpit panel for virtual machine

But yeah I think the socket thing was gunicorn

looking for some people to help write plugins for this tool https://github.com/backslash/AngstStealer/