see protoc

👀

These questions are more appropriate for #dev-contrib

oh

well

the reason I didn't ask there is I'm trying to host it myself and use it for my own purposes

not exactly contribute

but ye, will do

yeah, dev contrib is for any discussion with our projects

My script integrates with an API which needs an access token. I’ve read about levels of security(https://stackoverflow.com/a/12461944) and I’m hoping to at least reach the level “Security provided by encryption that can be broken with some effort.” or better yet “Security provided by encryption that is impractical to break given current hardware.”

So I’m thinking I’ll encrypt this access token, put this encrypted token in a config file/environment variable. And then in the script, I would decrypt it back before using it for the API.

I wonder if this really does make it more secure, and if so, how? Can’t the attacker just look into the script and see how the access token is decrypted back? Is it possible somehow that someone can have access to the config file/environment variable without having access to the script which sits in the same machine?

It's very unlikely that an attacker could compromise this storage file or database and not be able to do similarly damaging things anyway

However better options do exist for things like credentials

Which expire etc

Are you referring to services such as Hashicorp Vault, etc.?

That's what I was thinking, too. So what use is it being encrypted?

I'd presume I need to ask here. Whats a secure way of setting up a network for a website to fetch files from different computers (linked) and post on the main site aka Node-1

Please ping me since these channels like to fill up fast 🙂

https://www.youtube.com/watch?v=nKJmgE-dYds

This is a great talk

yo

Is it a good idea to do logins with plain-text credentials as form data ie. Pressing "Login" will send a POST to the server mysupersecuredserver.com with payload username=johndoe&password=mysupersecretpassword&token=definitelyrandomtoken?

(It's suspiciously specific, yes; no I'm not running attacks against this server as this is my campus' server, funny businesses risks getting me expelled)

Hashing should be done server side if that's your question, remember to don't expose the credentials in the url, send them as json.

Why should hashing be done server-side and not client-side?

all your base are belong to us!

Good afternoon everyone

Hi everyone , is it possible to make a worm that spreads over the LAN in python ?

Yes

It isn't plain text if that is going over HTTPS

i started doing some cryptography and i made a caeser cipher program which works perfectly. i wanna move on to something a little harder, and i was told to look at a substitution cipher which is a "more generalized caeser cipher" but all i get in search resaults in caeser cipher lol. am i looking for the wrong thing

!rule 5 @worldly condor

@icy drum in a caesar the ciphertext alphabet is a certain shift from the plaintext alphabet

eg pt=ABCEFGHIJKLMNOPQRSTUVWXYZ ct=BCDEFGHIJKLMNOPQRSTUVWXYZA

but for generalized monoalphabetic substitution ciphers

the ciphertext alphabet can be any permutation

eg pt alphabet = ABCDEFGHIJKLMNOPQRSTUVWXYZ ct alphabet = LFJTQVEOUNZXIGBARSPWHMCKY

but you're still just substituting values from the plaintext alphabet for the corresponding values in the ciphertext alphabet, the only change is the restriction on the ciphertext alphabet

If you have password and gives it to the server then server makes hash(password) and store it in some database - then no one knows about real password because it's stored in hashed form. From the other side you can send hash(password) to the server - then server can store it in database without hashing again. Your hash(password) is now a plaintext because you don't need to know password to authenticate - you can just use hash(password) stolen from the database

does anybody know something about kali linux and ethical hacking?

I don't think you're allowed to ask about that

why?

Because it may conflict with the rules

Rule 5

ooh

pkay

okay

Thanks

Yep yep

Try asking in the HackTheBox discord

Okay but if you use the code for good purposees would it be okay hten?

then*

Like being a white hat hacker

Well I can't definitively say, it would be better to ask a mod

As far as I know you are not permitted to ask for help for something that could be interpreted as malicious

Okay then i will do so

Thanks for the help

Is this correct <@&267629731250176001>

!rule 5

Yea, that's correct

While your intentions may be good, there is no way for us to verify that.

So we err on the side of caution, and don't allow discussion of it here

Ok thank you for the help then i know where to ask and where not to ask;)

thank you

Hello. I have a project which consists of creating an IDS system with python. but I don't really have a complete idea of the problem. I would like to know if it is possible to carry out this project and if so, which library could I use?

so far i can only capture packets with socket and struct. so I can't figure out how to continue to detect intrusions.

please please help me. I am taking all the proposals

thank you very much

so can I get help with hacking here?

hello i want to get started in cyber security with python. I am pretty much an intermediate beginner. I did all the beginner stuff like OOP loops, conditions, strings, etc etc. Should i complete the intermediate stuff like lambda, decorators, generators and other stuff or should i just go onto learning cyber security

You are on the right track in terms of being able to capture packets and reading them in. The next logical step I would say is identify a couple of rules that you want to alert on. An IDS is supposed to detect a potential intrusion based on a set of rules. So I would recommend looking up a few rules that you can implement in python as you read in those packets. A good example of an open source IDS/IPS software is Snort which also has an open source list of rules.

if you have a good understanding of programming in general and you want to learn a bit more about cybersecurity + python, I would recommend you pick up the black hat python book

i had a built something like that with a couple of buddies. used machine learning to create a behavior based IDS.

with kaggle datasets

So usually, you're not supposed to push secrets and environment variable to github, for security reasons, right?

Is there another way you guys prefer moving/backing-up those files?

You should never ever push secrets to GitHub

And you shouldn't have to back them up

Rly? How about creating encrypted backup?

What if you forget an api key? Lose a file in a crash?

ok thanks!

API keys arent meant to be remembered. A good practice when it comes to API keys should be rotating them frequently. This is a good practice to keep in mind to make sure that you are capable of rotating your keys so that if you do "lose" them, you can revoke lost or compromised keys and generate new ones

Hi all,
I am trying to decode some specific fields (already encoded base64) across the collections while retrieving from mongodb using pymongo. Is there anyway to achieve this in pymongo / python? Any help would be appreciated.

Why is this a channel then

there are other aspects of computer security besides 'how 2 hack instagram account??'

You generate a new one

did you read the channel description at all

I thought that rule applied to things like encryption @fading plaza

And this was just useless

Sry

encryption is not black-hat?

wut

can some1 help me with this https://cdn.discordapp.com/attachments/820532449179074571/821938828318998598/unknown-109.png

what the actual fuck

@untold sable wrong channel btw

just vscode or other apps?

notepad

dark theme

Of course not

but it can be used for it

a knife can be used for crimes

does using a knife automatically make one a criminal?

no

you're agreeing with jony

but possession of a lock pick is illegal in some countries for example

and possession of nuclear weapons is probably illegal even in the us

Hi, can anyone recommend a hex editor? I want to understand a binary format (gettext .mo) better. Not for security, but I thought maybe someone has an idea anyway.

hexedit works fine

HI,
can somebody tell what does passphrase do in encryption ?

making toast with butter is a crime now

windows?

or linux?

You can generate encryption/decryption key from the passphrase in symmetrical cryptography

hi,
I'm trying to decompile an py2exe exe file.
what's the best way to do it ?

Ghidra

https://github.com/matiasb/unpy2exe

then uncompyle6/decompyle3 the pyc file

tks,
it was actually a pyinstaller exe file so I had to use:
https://sourceforge.net/projects/pyinstallerextractor/files/latest/download

another question,
I extracted my exe and got the main file with no extension, I know it's the main file because of a stack trace in the app:

how can I get meta info about the file content so that I can use the right decompyler ?
(uncompyle6 tells me it's not a python file)

Anybody have thoughts on CD/DVD malware? I (UNINTENTIONALLY) bought a counterfeit windows disc that’s undoubtably of high production cost and although I checked it in a USB booted Linux partition, I’m concerned about micro-code and bios malware now

They're rare

might want to remove the 'counterfeit windows disc' part of that and replace it with 'indeterminate dodgy bootable CD I want to use'

a la rule 5

i think it is

I already got into it with everybody in the other channel. It was BNIB, trusted seller, and elaborately faked disc that passed most of the disc securities so it was completely unintentional

But now I’m left trying to figure out how bad something like this is going to be

so it's a bootable installer disc?

with an embedded license key?

presumably 10

If you're concerned, look into the possibility of extracting the key. Then download an official image from Microsoft and activate it with the extracted key.

Thanks for the interest...
It's an OEM install disc. The envelope packaging had small, insignificant typos, and the actual disc itself is of the special embedded hologram type, with mirrored images on the reverse. I'd say 9/10 things checked out according to https://howtotell.com, but when I inserted the disc it was simply called "WINDOWS 10", which I know is unusual. So I verified the checksums and they are not valid according to other sources.

While fortunately I did not install it, I'm concerned some sort of code could have executed simply by inserting the disc and/or browsing the file system. I checked autorun.inf which seems legit, so it's not an Autorun virus AFAIK. But I don't get why it's such an elaborate fake

Not just a fake, but the contained data must be compromised seeing as checksum internet searches returned no relevant results

Frankly, I'm worried about micro-code viruses and other such deep level hardware infections

If it contains the key then isn't every copy inherently going to have a different checksum

Hmm, that's something to consider. Do you mean a product key? The product key is included on the inner envelope though, it could be included from a real disc, or itself be a fake. It's difficult to tell

And I would assume the checksums would be consistent for each build, with the user having to activate their copy themselves.

Okay, so the key is not embedded in the installation files? You just have on a piece of paper?

A sticker, yea

Well if you just care about installing it, then like I said, you can get the image legally for free from Microsoft. If you're just curious about the legitimacy of the cd anyway then I don't have an answer.

The disc was apparently produced in January of this year, with version 2004 (20H2 came out in Oct 2020...), but the fact that it's so new makes me even more concerned over how it doesn't meet all the disc verification points

Yeah, thanks anyway

😩

hi guys,
I decompyled a pyinstaller exe file,
I've got pyd, pyc files that's ok but I've got the main file without extension.
how can I get information about what kind of file this is ?
I'm sure it's python ish ( I see it in the error stack as frozen file)

are you on linux or windows?

if linux, file might be able to help

give binwalk a go if you have zero idea

tks, I'm on windows but will use WSL should work

ok tks,
My other option is to get the file from memory when the app is running

well file seems to not know much about it:

Anyone have any experience with the OSCP?

are there any inherent security issues with authenticating via user/pass per request over https, either using http basic auth or form data? I could make my own oauth provider, but I'm currently only trying to secure a single endpoint

your best bet is using form data to get a token or session cokie

I thought cookie would be vulnerable to csrf though

I wanted to do it programmatically, without an actual form

you want to avoid basic auth because that is basically a cleartext set of fixed creds that can be re-used

hmm

yeah csrf is a different vulnerability that you would have to address after receiving the token

well I would compare argon2id salted hashes, rather than comparing plaintext

I just want the simplest method

i shouls prolly explain what im doing

I wrote a web extension to communicate with a daemon to archive a webpage
I want to make it so you have to authenticate the daemon
It's basically just POSTing a single url so I don't want to do full oauth for this

ok so you're making a POST request to an endpoint and you just want to authentcate that request right

yea

there might be something like 5 users in a sqlite database

creating an entire oauth provider for this seems unnecessary

yea i would agree

i'd go that user/pw route

issue short lived sessions

and you can add on anti-csrf tokens to your post requests

and then you won't have the csrf ssue

yea

alright, thanks

no probs

actually, is there any point in having a session at all? if i just passed the user/pass every time, i wouldnt have to worry about csrf, bc there'd be no cookies

itd be p much stateless

@keen prairie

i mean ig i could if i wanted to

and i could hand a new csrf token each request

yea you can do that

but then do you really want to pass in a user/pass everytime on the offchance the connection is unsafe

like if your client is somehow being MITM at some point in their application experience after they've logged in, then the only thing being passed back n forth is the session cookie and not the user/pw

Is it possible to use binary exploitations in semi interpreted and compiled languages like Java?

whats a binary exploitation

Let's say a buffer overflow attack that is done to code that is compiled

python recently had a vulnerability due to misuse of... I think it was scanf..... so.... sure?

Wait woah, how would a binary exploitation work on an interpreted language, or was it some other form of exploit?

scanf seems like a c function

ah, it was sprintf, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177

is that right, ill check it out thanks

you can try it yourself:

>>> import ctypes
>>> x=ctypes.c_double.from_param(1e300)
>>> repr(x)

gives an illegal instruction error and crashes python on MacOS. Linux doesn't seem to mind...

can you explain to me what it does?

It doesn't crash on windows it seems but i have no idea what it's doing

string representation of x seems to be a null character / zero width space, but thats just an assumption from what i can see

the interpreter is using the sprintf function at some point in the underflying implementation of c_double , and apparently not properly checking the input because it is corrupting the interpreters call stack

Is that so, what is 1e300?

Is it a memory address

its a big floating point number

oh

This must mean that if we craft the payload in a certain way, we could affect certain parts of the callstack to avoid crashes?

https://inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf

Would it?

absolutely, that is a classical security bug, it is also very hard to actually exploit in a reliable and consistent way

Oh right, my only question left is, is it common for people to use ctypes in python?

That is the only way it seems to exploit python, native python would be way too dynamic and unoptimized to be messing with the call stack

it depends who you ask. In general it is used very often, but a lot of people are not actually aware of it. it is used for language bindings that wrap c libraries, which happens a lot in lower level libraries in python

That is very informative, thank you very much

I am hosting my RSA library on github, please check it out at https://github.com/Z-40/MicroRSA

Any help/suggestions for improving MicroRSA are welcome

how would i make a login panel

im beginner in python

@thorn obsidian web, or where?

in python

using SQL

!warn 715650369799323719 please don't post copy pasta in this server

:ok_hand: applied warning to @thorn obsidian.

First of all - add setup.py or something

Secondly - add some tests

How can I use onionshare in my python client code so that the code can send files to a tor server or a server that also uses onionshare? and it would be best if I could implement onionshare in the client so that I don't have to have the lib installed on the pc, has advantages if I convert the project later. I'm still trying it out locally on my pc, that is, sending files and connecting via tor, but I want to use onionshare so that everyone can send files anonymously to my tor server with the client code. would be nice if someone could explain that to me

Stem

https://stem.torproject.org/

@thorn obsidian thats not help me, i want to use onionshare

You can't easily do that

OnionShare has no API

Maybe you can subprocess.run it

its also a modul: onionshare_cli

How do I compress a 100 tb bomb?

um

!rule 5

sad

I wanted a 100 tb bomb

Go to a pen testing server

thats blackhatty

you're going to get banned from pentest servers lol

compress 100tb up to 10mb, lol

How do i get started to pen testing?

any tips

I thought zip bombs don't work on modern windows.

Go to TryHackMe, its a site that gives classes on that kinda stuff. Hack The Box is also a good place to practice if you have some experience. Vulnhub is another site to get VMs for pen testing practice.

NetworkChuck is a good youtuber who does streams where you can ask questions about pen testing and network security.

@timid jolt Thanks for the help. I want to work on the back end of things so this should really help to gain some knowledge of how to think like a hacker to a certain degree.

I forgot to mention that you should start using Linux and getting familiar with it.(If you aren't already). You should also get familiar with different Operating systems, hardware, and programming language. It will help when trying to find exploits for different platforms.

@timid jolt I'm trying to make a VM so i can download and learn Manjaro linux. After I learn and complete some more projects for python I'm gonna learn C++. I didn't think about learning different hardware.

@timid jolt It does make sense though. Like you said "It will help me trying to find exploits for different platforms"

@light vigil What i mean by hardware is stuff like making computers or devices designed for hacking.

@timid jolt I thought you meant learn how servers works. That also makes sense. I know of bot scrapping, Trojan horses, and ransom ware. Even though a scrapping bot isn't hacking, it can be used to gather information from the person device.

That too

@summer stump for your help man that really helped me out.

Your welcome

hey can anyone help me with a project well if so please dm me

Project I've been working on

Seems like it is against rule 5, please don’t share it here

hello

i come here to ask a serious and very alarming topic

i am in danger

i believe i am in danger

in terms of my security on the internet

now

i got a dm from a random person from the unity discord server (i share a server with them) and they told me that i am in danger, that 4chan users are after me because of my "toxic" twitter account. now i deleted my twitter account, bu i am worried. this person who messaged me, can he be trying to hack me? I didnt give any personal info, but can he hack me? Should i be worried? 4chan is a pretty dark place.

thank you for helping me

the thing is is that i forgot the guy's username so i cant report to discord. I dont know what to do i am worried

As soon as they don't have personal information and you didn't open any link/downloaded any program from them, you can stay sure nothing can happen :) @lunar agate

very good! thank yoU!

this was a troll

yeah the guy was prolly trolling lol. whats strange is that he knew my twitter account.

hi,
I'm trying to decompile a pyc file with decompyle3 or uncompile6 ,
but I'm always having this issue:

Parse error at or near `JUMP_FORWARD' instruction at offset 2872

# decompyle3 version 3.3.2
# Python bytecode 3.7 (3394)
# Decompiled from: Python 3.7.2 (tags/v3.7.2:9a3ffc0492, Dec 23 2018, 22:20:52) [MSC v.1916 32 bit (Intel)]
# Compiled at: 2021-03-26 23:07:36
# Size of source mod 2**32: 23702 bytes
Instruction context:

 L. 240  2866_2868  CONTINUE_LOOP      2292  'to 2292'
              2870_0  COME_FROM          2864  '2864'
                2870  POP_BLOCK
->              2872  JUMP_FORWARD       3004  'to 3004'
              2874_0  COME_FROM_EXCEPT   2514  '2514'

is there a way to fix this ?
I can't find a solution

If one has a static IP, then what benefit is there to reducing other fingerprinting surfaces?

Since by design my IP is available to websites, why would they not use that to identify me over looking at my user agent, language header, and other stuff?

Or why would they even need any of that other stuff? For users on small home networks, IPs are already unique enough aren't they? Granted, I suppose it can't know if that's the case.

ips change relatively often, and many users use a vpn

also if there are 4 people in your household, just using IPs would significantly damage attempts at fingerprinting

given that you lose a lot of the targeting potential

and if the ip they get is the IP of a coffee shop or school or something then even more so

if you made a complete software and you want to protect the source code so then you have to encrypt it, and by doing that you need to implement a key to decode the script. So my question is how you protect the key.

Do you mean that you have some encrypted volume with source code? You can print the key and store it in the vault - and it's not a joke.

If it is static, sure, although you work under the assumption that it isn't shared

thank you when I was thinking about it I was stuck in a loop of encrypting every solution of the cipher.

Anyone worked with this repo https://github.com/corkami/mitra

should I encrypt a database that stores no sensitive information (that means no passwords, ip addresses or anything: just UUIDs and program's settings info).
it's stored in a file on the server that the program runs in.
common sense tells me it's redundant, but not too sure.

if user's made changes to the file

how would it affect the server? if there is no direct effect then it's probably redundant.

why would you encrypt it

doesn't stop people exploiting a vulnerability in your program

if they have access to the server by some other route, they can just delete the database

I have a program that is utilizing Pyppetteer, and what it does is go to a url, copy the source code, and render it in a headless browser like a screenshot

unfortuneately it is running on the same IP for too long and is getting bot flagged

I would like to use it through rotating proxies and was wondering if anyone had any know-how of them or pyppetteer specifically?

aye

ask away

Hi amm, a friend of mine just entered in a fake steam link, and he got his account stealed, now he has three proccess that keep respawning everytime he tries to kill them, It wasnt pishing I guess, because he says that the page didnt ask for any information, was that made using Javascript? Anyone knows if there is something to worry about those proccess?

fair point thanks

The website didnt ask for any kind of information, he just opened the link and then he recieved some emails about the change of the email account, etc

And also three "browser subproccess" without any icons

I told him to use recovery and the problem seems solved, but I'm still guessing how that kind of attack works xd

The subproccess dissapeared when he run windows recovery

Ran*

Sorry my english is bad

Recov

Everything seems normal now

Lol

Nothing, its just weird? Only running a Javascript in the browser can make someone to download stuff

Lol, I'll google that

I didn't know

thx u so much

Have a good day too

https://discord.ly/huncho

my anti-nuke bot

Anybody know today if microcode viruses are much of a thing? Bought a Windows disc that turned out to have wrong checksums (must be counterfeit disc). I haven’t installed anything but I looked at it in a USB booted Ubuntu, worried my hardware is infected now

Doesn’t linux load it’s own open-source drivers? Surely my hardware has not been affected

Keyboard, mouse, DVD drive, capture card , speakers, etc

I checked it without a HDD attached but I know bios infections are a thing

hey guys i just published my own RSA package on pypi

and the key generation is 5x faster than the original rsa library

you can install it by running: pip install u-micro-rsa==2021.1

Speed is not the only thing that you should to take care about 🙂 how about timing attacks for example?

I have used blinding to prevent timing attacks

🆗

Is this possible to have key online in memory? I don't want to save it and read again and again when I want to encrypt or decrypt something @dusty geyser

what do you mean by having the key online in memory

I see that in decrypt you have following structure

def decrypt(...):
  ...
  if ...:
    raise ...
  elif ...:
    raise ...
  elif ...:
    raise ...

As far as I know pylint should suggest

def decrypt(...):
  ...
  if ...:
    raise ...
  if ...:
    raise ...
  if ...:
    raise ...
  ...

You have load_pem_pub for example inside encrypt function

I want to load key and have key object

ok

i can add that today

Like you have two objects: PrivateKey and PublicKey

yes

You can create public from private, encrypt using public and decrypt using private and so on 🙂

yes

that is a great idea

You can write some unit tests too - it should be easier to do it with in-memory object rather than using temporary files to save and load keys

However good job!

thank you for the idea

Your welcome

hi, is simple-crypt module good to use?

How do I add a simple pass phrase to a QR code, so that the user would need to auth before getting the info

Encrypt encoded information?

I would rather use cryptography.io

It’s a link in the qrcode and I want the user to auth with a passphrase

It’s a once of link, nothing permanent

So user has QR code, doing scan and you want to ask about passphrase before open link?

Yes

Is this QR code generated by your application?

I’m thinking a simple user input with an if condition

Yes I have coded a Qrcode generator already

So in my opinion you should encrypt link before encoding and then after scanning ask about passphrase, decrypt and check result

If it looks like link (for example starts with https://) then passphrase is correct

It’s not an (https://) link, it’s a unique link from another app which I want to qrcode with a passphrase.

So once you auth with the passphrase you can access the link

I don't know how can you protect link in another way, you can always scan QR code with different application and you don't need to put passphrase as far as I understand

No problem

I'm not trying to protect the link only access to the link, if this helps

python just released a fully-developed official pep that'll change booleans forever?!?!?!? and it's gonna be implemented in 3.11

link -> https://docs.google.com/document/d/1gvq4rdMVzrEFAlVCSPvGs4mstI8831seOEDpwiRRWW4

I feel today's date might have something to do with it

@lapis radish could i add the following code into the qr-code generator to assist with my query:

import re

p= input("Who Started the Group CTBR:")

def main():
passwd = 'Geek12@'
reg = "^(?=.[a-z])(?=.[A-Z])(?=.\d)(?=.[@$!%#?&])[A-Za-z\d@$!#%?&]{6,20}$"

# compiling regex
pat = re.compile(reg)
  
# searching regex                 
mat = re.search(pat, passwd)
  
# validating conditions
if p:
    print("Password is valid.")
else:
    print("Password invalid !!")

Driver Code

if name == 'main':
main()

I don't know what are you doing

the main() is the password validation function, it will take the user input run through the reg to match the input to the password that is coded. the if conditions validate whether they match or not and would either return access to the link or not.

untidy yes but the concept of what I'm trying to achieve is here, could this work?

Why do you need regex? You can just simply do if p == password:

Thanks I just needed confirmation whether i could use a simple if statement

but where would the condition be place in the code, before the generation of the qr-code or after

You can however it's not very secure

its cool i dont need it to be complex

If you want to secure generation with password then generate QR code only when password is correct

can anyone explain me the concept of regex?

module

It's not related with security However regular expressions are useful when you want to parse data

i = int(re.sub(r"[^01]", "", binary_repr), 2)

what does this statement do?

remove anything thats not a 0 or 1 from the string, then convert to an int

Regex, or regular expressions, are a system of string parsing/filtering. There are lots of good tutorials out there on regular expression for python.

Oo thanks

just released micro_rsa version 2021.4

guys i have one small doubt in jwt , after the successful authentication jwt is returned to the frontend , so imagine that jwt data contains the authenticated user's username ```
{
username : someone,
expires : 162834123
}

@fiery hill that is why a JWT should only be sent by a server & used by a client using https tls

i see , so if it is used in http it wont be encrypted and theres a potential breach right

Yep

yes?

@glad gull Do you have something to tell the moderation team, or was that on accident?

Is there any text/voice channel that has AI?

sorry I am slow at typing

There's nothing in any of our bots that implements Artificial Intelligence.

no in the server

Also no

oh ok

hwt

hello

Hello folks, smol question: should signatures always be salted?

I am making a tool that will be used to manage keys, the whole data file will be signed with the master key to avoid tampering

I don't see much point in this tbh

.

.

HI

how to become a hacker

Hi, what's your question, or remark, or whatever? @main ledge

there are (probably) some wonderful guides for ethical hacking online

however, we won't help you for the black-hat part of hacking, because of rule 5

!rule 5

i wanted to know if anyone got any server or ..... for learning ceh $ pwk

or any thing that help in learning c security

hi what does that they them mean in ur name? @fluid verge

those are my pronouns

hum... sorry, I'm not qualified for this, I'll let the others answer that

they indicate ur gender or?

yep

😘

tnx

i just started learning python

same

and im watching some videos around the net

im wondering how to become a gray hat hacker

any advice?????

if you just started learning i think it take some years

ah i got all the time in the world

we need to learn linux

im young

ceh

pwk

sans

ah i really dont know what to start first tbh

network

mcsa

i was just writing some codes and watching videos

and some others

if you have any specific question, there are the helps channels, if you want general advice, maybe try on the #python-discussion channel. for networking thingies there's #networks

but im kinda scared to explore deeper since its dangerous

thanks bro

why dangerous

this channel should be for security subjects only (because of rule 7)

idk im scared of police breaking into my house if i try some hacking

like ive seen people buy vpns i have one too but really have no idea if it protecting me

!rule 7

oh crap, im sorry

best thing to do to not have police breaking your front door is to stick to white-hat, probably (even though that may not be enough sometimes because some companies are quite annoying sometimes)

to become a white ethical hacker you still need to learn all hacking ways

all color hats

well i was just wondering how to do some tiny hackings not like taking money from someone etc. just want to have fun but ye

should probably watch some self protection videos

does anyone try to view source of video malware?

video called "hello your computer has virus"

found it

video switches format(yuv420p) of the video to unknown format(yuv444p) which your cpu or gpu can't decode it

I've done some OSINT related infosec volunteering helping find missing people, but other than that I'm not proficient in the security field. I like to lurk this channel sometimes when I'm not learning Data Science related skills.

I find somewhat funny how many times you guys have to say what the rule 5 is.

Hi y'all , total noob in here starting out with python for the second time , I'm doing the Al Seiwart course on automating the boring stuff and I found it utterly boring , what advice can you give me to endure it?

I think I found it that way because I'm not getting the practical sense of it ( and also is tone is boring )

However I found interesting the applications for Python in Hacking , any tips or advice for a total newbie ? Looking for a mentor/friend right here

I cannot help you much pointing where, but try a more practical approach on a project on your own. I would start reading on network and how it works.

I have done this but again , just reading and reading the theory and fundamentals is tedious 😦

You need the theory to put into practice friend. I'd suggest looking for different branching on the field and learn a bit on what they do and see if that interests you so much that it feels less like studying.

perhaps try picking a project, just get started and youll quickly find out what you don't know. maybe this will help motivate you?

@mortal perch I know it might sound as a trite question but I rather ask to a human than read some listicle;

What would be a good project for a total newbie?

it's got to be something that interests you if you want to learn through this method

you have to want to complete the project

so i cant tell you 😄

Simple program I made, it works well. The focus of this simple program was to write clean code, something I struggle with on the daily, could somebody rank my code on a scale from 1 to 10 in terms of neatness and how clean it is? and give me tips on how to make this code cleaner and tips overall that apply to any code I write. (IDK if this is a good channel to put it in but i cant find any other one thats relevant srry)

if __name__ == '__main__':

    count = 0
    user_responses = {}

    while True:

        user_last_name = input("\nPick A Last Name: ")
        user_responses["Last Name"] = user_last_name
        user_noun = input("\nPick A Noun: ")
        user_responses["Noun"] = user_noun
        user_verb = input("\nPick A Verb: ")
        user_responses["Verb"] = user_verb
        user_pronoun = input("\nPick A Pronoun: ")
        user_responses["Pronoun"] = user_pronoun
        user_adjective = input("\nPick A Adjective: ")
        user_responses["Adjective"] = user_adjective
        print("\n")

        for i in user_responses.values():

            vowels = ['a', 'i', 'e', 'o', 'u', 'A', 'I', 'E', 'O', 'U']
            try:
                i = int(i)
            except ValueError:
                pass

            if isinstance(i, str) and i.isspace() or i == "":
                print("Please try again whitespace or a empty input is not a valid input")
            elif isinstance(i, int) or isinstance(i, float):
                print("Please try again '{}' is not a word, its a number".format(i))
            elif len([x for x in i if x not in vowels]) == len(i):
                print("Please try again '{}' is not a word".format(i))
            else:
                i.strip()
                count += 1

            if count == 5:
                print(
                    f"\n \n Dr.{user_last_name.capitalize()}, {user_verb.lower()} ran to the emergency room, after a "
                    f"citizen had called 911 due to him claiming he swallowed \n a {user_noun.lower()}. "
                    f"{user_pronoun.lower()} was scared for the upcoming surgery {user_pronoun.lower()} to perform")
                break
        if count < 5:
            continue
        elif count >= 5:
            break

For a general code review, please ask in a general help channel. For a "security" code review, please ask specifically for a security review

aii

Linux, hacking foundamentals, pentesting, kali, virtual box, cross site scripting.

I have a question. Do you guys prefer to have Kali in a partition or in a USB?

When you acquire more knowledge, try some pages like Rootme, they have CTF's and some challenges about hacking

You can practice in those pages and you won't be harming anyone

You gotta be careful with what you do

nice pfp ahahahah elliot

thanks will look forward to those thingies

?

just nvm

saw ur pfp

its elliot from mr robot

ik

wlliot is the type of guy to look you dead in the eyes and read your soul

sorry but what theme is this

its darcula

within jetbrains

!rules

So i am currently trying to make a Asymmetric Encrypter but i can't get this one thing to work,

which one thing

!rule 6

the part i commented in the code.

Hi, i'm making a diary/journaling program, and i'm wondering how to impliment token authorization/creation into my Flask api server and sqllite3 database.

Right now, my current understanding of it is that it's like a password, and I should store it in my database and double-check against it.
That seems horribly and terribly insecure, so could anyone explain what exactly tokens are, and how to impliment authorization and creation.

Thanks in advance.

hey

when i try to dos my web server

there are no get requests on the server side and the server doesnt slow down AT ALL

pls help

im hosting the server locally

on my machine

and trying to ddos it from my vm

Where do you want to use tokens?

!rule 5
We cannot verify that you are performing DoS on your server or not however helping in attacking other persons is unallowed

well i do only wanna ddos myself

but rules are rules ig...

Anyway, you should see decreased requests / second metric on your local server

Maybe the problem is with measuring this metric

so what's the problem

seems like your comment says exactly what you need to do

Well it's not finding the file

so why did you remove the part where it tries to open the file

and what error does it give

when i put the placeholder/file name in the it says there is no file with that name

where are you running the program and where is the file name

I am curious, how does it work if one requests a security review of an encryption algorithm? How detailed would it be?

Analyst should verify that algorithm is unbreakable for any known attacks (except brute-force ofc)

Would this apply to novice created algorithms as well? That sounds like an amazing opportunity to learn that I would really appreciate.

I think that you shouldn't roll your own crypto

It's difficult to create secure algorithm

Because you don't know what you don't know

I completely agree, but I am doing it as a fun hobby. I don't intend to rely upon it for any security reason.

You can check some old algorithms like DES and attacks which break this algorithms

Read about construction methods

How attacker can break those schemes

There are cryptanalysis methods which break even unknown encryption algorithms as far as I know

The algorithm I created is a symmetric substitution based algorithm. Though each character is shifted by an individually generated amount on an individually generated character set (derived from the key). The shift of the previous character also impacts the shift of the next character.

By unknown I mean undocumented

To be extra fun as well, it embeds time of encryption into the ciphertext in a way derived from the key, and any change in time also completely changes the resulting ciphertext.

How about time-* or power-consumption attacks? 😉

I had never heard of a power-consumption attack. From my rapid Googling, my understanding is this attempts to use the actual operations/what hardware does to understand/break it. I have limited understanding of how this works but with sufficient understanding of all the values generated by the algorithm and being able to pull those numbers, you could undo it (presuming you pulled the character sets as well). Though it would seem easier to find a way to get the key which is an inherent risk with any symmetric encryption algorithm.

I'd say that it's best described as "attacks are not significantly better than a brute force attack"

Right, it's pretty nice explanation what I understand under unbreakable

is this site safe, malwayre bytes kept blocking it
ive checked some online website checkers but it showed it as safe, however the domain name and the http is not giving off good vibes

.topic

https://stackoverflow.com/questions/67017349/convert-js-aes-256-encryption-function-to-python

Anyone able to help with this?

What's a good way to protect my code from being uncovered?

I used pyarmor before but I jsut don't feel like it's good enough.

I've seen people share ways to crack it.

why are you worried about your code being uncovered?

^

hello , I've been doing a little linux kernel debugging lately , and I came across this thread_info structure which is supposedly stored at the bottom of the kernel stack , does anyone have an idea of how to get the actual address of this structure using gdb?

Hello! Is anyone familiar with multi prime RSA decryption and can help me with a small issue?

#help-popcorn

using MongoDB with mongoose for a real world application, I need a way to hash and salt a user password. Perhaps I googled bad, but are there packages that can help me with that so I dont have to rely on my bad code for something that has to be secure?

Also, what is the best way to secure a user from a dictionary attack?
My ideas would be to

1. require a strong password (you know the usual, 8+ letters, at least 1 number, letter, special char)
2. have a dictionary of most common passwords myself - not allow a user to set a password if it is contained in that dictionary
3. have a "Failed Login Attempts Lockout" - not sure how to implement that tho.

You can use bcrypt to hash and verify stored passwords

!pypi bcrypt

Okay, you cannot protect users from their passwords - you can force password complexity or password rotation but it doesn't work. Really.

You can inform user that choosen password is weak and that's all. If someone has cat as a password for example and there is requirement to have at least 6 characters so one can create catcat or cat123. It just doesn't work.

You can protect passwords against offline attacks - just use strong hash function like bcrypt or Argon2 or any other well-known secure algorithm.

You can also protect users against online attacks however it can be dangerous.
For example you can block login after 5 failed attempts. Blockade is for next 5 minutes - and even when someone put valid credentials then is not able to login.
How about next 5 failed attempts? We can block account for not next 5 minutes but 15. As you can see the account is blocked also for the owner.

Oh, forget about 2. point. So, how about different languages? How many dictionaries do you want to store? There are known dictionaries from leaks (like RockYou). You can also add some basic rules like you cannot use password as a password as well as password1 or Password.
It can be costly to generate and store all those bad-passwords.

I mean it is still useful to require a min_length to reduce the risk of brute force and special chars against dictionary, but I get your point. I am also a sinner in that regard for "not important" websites and/or when googles password manager does not suggest me secure password (how dare I to use google smh)...

offline attack is new to me - I guess it refers to brute-forcing a weak hash (that is not salted?)

I see the problem with the "failed attempts lockout" - perhaps block IP wise - but for the risk of this attack happening and the consequence (it is a tinder-like messenger - but the chats will be way less intimate) I guess it would be over engineering.

I would use a dictionary from a leak like you said - I dont see how it is costly to check the password against a list of perhaps 10k passwords, O(1) in most cases with a hashmap.

Thanks for the help!

2/MFA would be an option as well, but then we are back at the cost/use factor

I love speaking about minimum password length. Let say you know nothing about me and my password is just я - it's Russian letter which literally means I. It's one letter however if you don't know that I am familiar with Russian you can try and try and try and maybe never guess my password. It also apply to Chinese for example and letter 我. For me the case is not the length of password but being unpredictable.

Offline attacks means that I get password hash (for example I hack your servers and download your database) and I don't need to have access to your systems. I can print this hash on a paper and manually put to some system which has no Internet connection - and then apply dictionary attack or even brute-force attack.

Problem with blocking IP is that you almost always cannot block specified user because of NAT.

I think that English dictionary has more than 10K rows. As far as I remember it can take even 100 GiB when you try to apply some simple rules starting with relatively small 100 MiB wordlist.

MFA is relatively cheap and nice solution. However there are addons for browsers to easily access TOPT codes. It's ridiculous.

You cannot protect users from themselves.

Regarding to offline attacks - you cannot do nothing when I get hash of the password. Only what you can do is to choose secure (and slow for example) algorithm but you must do it before I get access to the hash.

It's the case - you don't have any control, you cannot try to disturb me and so on

thanks for all the information, I will think about that!
I dont really fear offline attacks much for the project, I will be hosting on cloud (heroku/AWS), DB credentials will lay there as env variables and will be hidden completely (even me as authorized user cant see them) - they would need to hack AWS to get them.
@lapis radish

Clouds sometimes give rain (of data) 🌧️ 🙂

You can rely on your provider security but you shouldn't - what if you have such kind of bug in your application which allows to attack your database by using SQL injection? In this scenario attacker doesn't need to know password credentials, right?

There are something like in-depth security systems where you have several layers of protection, each layer protects you in different way and even when you have a hole in the wall then next wall gives you one more chance to protect data.

Oh, it's defence in depth, not in-depth security 😦
https://en.wikipedia.org/wiki/Defense_in_depth_(computing)

Don't know yet all those fancy English terms

Is SQLi still a thing to worry about now that we have prepared statements?

Some time ago there was a buffer overflow bug in one SSH implementation so I must say "yes"

It's part of defence in depth

I mean, I still have to worry about unauthorized GraphQL access asking for recources that are private

First layer is a library, second layer is being a smart guy who know that code can contain bugs

I know nothing about securing access to GraphQL

GraphQL is new for me as well, so I cant answer that - but a quick search showed that Apollo Client which I will be using has authorization and authentication

So, I came here a few days ago with an issue involving a trojan and got it removed via windows security however it seems to have found its way back after having been removed and ceasing use of the browser it came from. Anyone able to help me?

hey could anyone give a brief idea about how to get into cysec? Like for dev and SWE all we need to do is ds algo, know development and stuff and you get in, is there a similar path or roadmap that would help me get into a cysec domain?
Thoughts? lemme know

if a trojan was active before removal, chances are high it hidden itself inside your machine by duplicating its script.
For the future, (if not doing already) - create backups. A simple way to at least keep the most valuable data is to use google backup and sync. If you are fine with paying some money, most NAS device support software that allows you to setup the backup once and forget about it, saving every file change

So I'm looking to understand more around the topic of pkcs12, jwt, and certificates. Are points where to deep dive into that?
More specifically trying to setup a server to server authentication flow where I'm given a certificate & a clientid.
Their page just contains C# example code like

var clientId = "";
var audience = "";
var certificate = new X509Certificate2(@"path\to\Cert.p12", "certificate password");

var now = DateTime.UtcNow;

var securityKey = new X509SecurityKey(certificate);

var signingCredentials = new SigningCredentials(
    securityKey,
    SecurityAlgorithms.RsaSha256
);

var token = new JwtSecurityToken(
        clientId,
        audience,
        new List<Claim>()
        {
                new Claim("jti", Guid.NewGuid().ToString()),
                new Claim(JwtClaimTypes.Subject, clientId),
                new Claim(JwtClaimTypes.IssuedAt, now.ToEpochTime().ToString(), ClaimValueTypes.Integer64)
        },
        now,
        now.AddMinutes(1),
        signingCredentials
    );

var tokenHandler = new JwtSecurityTokenHandler();
tokenHandler.WriteToken(token);
``` Which doesn't help me really.

I've tried writing something myself, which ended up like-

import jwt
import os
import requests
import uuid
from cryptography.hazmat.primitives.serialization import pkcs12, PrivateFormat, NoEncryption, Encoding
from datetime import datetime, timedelta, timezone
from pathlib import Path

JWT_ALGORITHM = "RS256"
CERTIFICATE_FILE_NAME = "SoftRigCert.p12"
CLIENT_ID = os.getenv("CLIENT_ID")
TOKEN_URL = "https://test-login.softrig.com/connect/token"

now = datetime.now(timezone.utc)
pk, *_ = pkcs12.load_key_and_certificates(
    Path(CERTIFICATE_FILE_NAME).read_bytes(),
    bytes(os.getenv("CERT_PASSWORD"), "utf-8"))

payload = {
    'subject': CLIENT_ID,
    'iss': CLIENT_ID,
    'exp': now + timedelta(minutes=1),
    'nbf': now,
    'iat': now,
    'jti': str(uuid.uuid4()),
    'aud': TOKEN_URL
}

jwt_token = jwt.encode(payload, pk, algorithm=JWT_ALGORITHM)
body = {
    'client_id': CLIENT_ID,
    'scope': 'AppFramework.All',
    'grant_type': 'client_credentials',
    'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    'client_assertion': jwt_token
}

res = requests.post(TOKEN_URL, body)```

Never used JWT. In my case (I have central server and several worker servers) workers authenticate with client certificates. From the central server side I am checking their indentities not by IPs or other traits but checking client certififacte.

From what I've gathered they use certificates to sign a payload to connect/token, to get the actual jwt with my access_token

ughhhhh i want voice perms SO BAD

how do I put my code in the box

What is the box?

oh I didn't know that you were supposed to add the backticks

!code

Are you asking about this?

yes I was thanks for helping!!!

.topic

Network steganography examples

https://tenor.com/view/rip-chat-chat-dead-dead-chat-inactive-gif-18754855

Great video! https://www.youtube.com/watch?v=RzWB5jL5RX0&ab_channel=Computerphile

Hello , I've been doing a little linux kernel debugging, and the vmlinux I have is stripped ,is there a way I can get the debug symbols for a particular kernel version?

Why do not compile own kernel?

how would you hash something using MD5

Are you asking for library?

yep

You can use hashlib.md5 for example

!e

import hashlib
md5 = hashlib.md5()
md5.update(b"data to hash")
print("digest", md5.hexdigest())

@lapis radish :white_check_mark: Your eval job has completed with return code 0.

digest e4c56399c19543c4ebb53d925bfcba18

i would'nt use MD5 for any cryptographically sensitive application lmao

it was meant to be used as a safe algorithm, but it apparently failed

so it's mostly used for checking the integrity of software and ensuring unadultration

i suggest using something like SHA-256 or something along those lines

I just want to use to practice hashing algorithms

oooh

noice

lemme give you another example for sha i have

does hashlib contain all the hashing algorithms

I would say that all depends on the usage case

I don't think so

does it contain the SHA family

There are a lot of hash functions, hashlib probably contains only most used

!e

import hashlib
print(hashlib.algorithms_available)

@lapis radish :white_check_mark: Your eval job has completed with return code 0.

{'sha384', 'shake_128', 'blake2s', 'sha3_256', 'sha1', 'md5-sha1', 'sha3_224', 'sha3_384', 'sha224', 'blake2b', 'sha3_512', 'whirlpool', 'ripemd160', 'sm3', 'md4', 'sha256', 'shake_256', 'sha512_224', 'sha512_256', 'sha512', 'md5'}

As you can see there are some of them

Hey @near abyss!

absolutely

As you noticed - MD5 is a nice choice for checking data integrity

yeah

@dawn flax heres one more example for you to check out

import hashlib
import base64


def hashit(le_string):

    the_hash = base64.b64encode(hashlib.sha1(le_string.encode()).digest()).decode('utf-8')

    return the_hash [ : -1]

string_to_hash = str(input('enter the string you want to hash'))
hash = hashit(string_to_hash)
print(hash)

hashing is pretty fascinating, don't you think?

Why do you use base64 instead of plain hexdigest?

what is hexdigest

lmao

Yeah, sure! In my spare time I am trying to make optimized version of MD5 🙂

just a inner itch to do weird stuff

whoooaaa

cool

what is hexdigest

Digest is a byte-like output, hexdigest is a string in hex representation

the .hexdigest() returns the data in a hexadecimal form

Like you have \x00 byte and you cannot print it as a string, however you can print 00 and say that it's a hex form of your binary data

Here you have Wiki article: https://en.wikipedia.org/wiki/Hexadecimal

good job @lapis radish

when I tryed this code py import hashlib md5 = hashlib.md5() md5.update(b"data to hash") print("digest", md5.hexdigest()) without the hex in digest it returned this ```py
b'\xc5\x06o\xff\xa7\xee\x8e\x9a \x13\xc6+F\\x99=\x14\x9d\x8b4\xe6+9Lb\xc8\xecf\xe0\xeb\x1c\xb3'

this explains it

yeah

!e

import hashlib
md5 = hashlib.md5()
md5.update(b"data to hash")
digest = md5.digest()
hexdigest = md5.hexdigest()
print("digest", digest, type(digest))
print("hex digest", hexdigest, type(hexdigest))

@lapis radish :white_check_mark: Your eval job has completed with return code 0.

001 | digest b'\xe4\xc5c\x99\xc1\x95C\xc4\xeb\xb5=\x92[\xfc\xba\x18' <class 'bytes'>
002 | hex digest e4c56399c19543c4ebb53d925bfcba18 <class 'str'>

As you can see .digest returns object of type bytes when .hexdigest returns a str object

noice

.hexdigest is useful when you want to pretty print output, .digest is rather for later data manipulation

are these the only type of digests

i have no idea i other forms of digests exist

bcrypt for example has different type of an output

$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy
\__/\/ \____________________/\_____________________________/
 Alg Cost      Salt                        Hash

what is cost

!pypi bcrypt

Cost is a factor to slow the algorithm

I see is that factor suppose to be high or low

It depends what you need, if you want to increase security you should use high values like 13-16

and that makes the algorithm slow

yeah, so its harder to bruteforce

2^cost is number of inner algorithm iterations

the very reason for the cost factor to exist

how would you calculate how long it would it take to bruteforce using the cost factor

All depends of the key-space

look, the higher the cost factor you set to hash, the longer it will take for the algorithm to generate your hash, the cost factor is not something to be used for brute forcing

I mean that you cannot get specified cost and say that

it would take a year for the attacker to break my hash
You don't know nothing about attacker's hardware and also you don't know nothing about password generation methods

all you can do is try your best to make it difficult or tedious for the attacker to brute force your hash

Right, it's what I said during other conversation - the key of making good password is to make it unpredictable

Like you can set your password as это не я (this is not me) however it's unbreakable till the attacker will try the Russian alphabet

When you mix different languages when you are making password is really hard to crack during wordlist and brute-force attacks

wrong channel use a different one

ooooh that's a good point you made, using symbols from another language does really boost your password's strength

i'll try implementing this in the password manager i'm working on which also generates passwords

what if you reversed the word and added all sorts of transformations to the password would it help the strength

There are well-known rules that are applied during attack so simple reversing is easy to break

I mean during the hashing

I don’t even know my password from password manager 😂 Random 64 characters for plenty of accounts is not easy to remember

I know

could you use ciphers in the hashing would that help in anyway

Ciphers are for protecting data (when you want to retrieve plaintext later)
Hash functions are also one-way functions - it literally means that you don't want to get real input from the hash

As far as I remember Dropbox uses AES to proctect users' passwords however generally ciphers are dedicated for different use-case

bruh that's what a password manager is for, it remembers long, secure password for you lmao

Right, I mean that's why I don't care about the symbols used to create a password

the difference between is, the data encrypted with a cipher is meant to be decrypted with a password, while string passed through a hash function are irreversible (that's why hash functions are called one way functions)

what you're saying is if increasing the complexity of the plain text would improve the irreversibility of a hash function

which is partially right since hashing encrypted text would just add another layer of security even after hashing while hashing is not to be taken for some kind of encryption lmao

ye lol, got it

that is what I want to accomplish yes

and I want to add strength to the password

You should use constructions like PBKDF2 rather than adding cipher before hashing the password

how does PBKDF2 hash the password

we cannot call PBKDF2 a hash function exactly

what is it then

the "KDF" in PBKDF2 means "Key Derivation Function"

it's about elongating a password in order to make it stronger

it used to turn a password like "Mango" into a longer, complex password

it's nature is similar to a hash function, but it's purpose and mechanisms are unlike a hash funciton

Can you mix PBKDF2 with sha256 and would that be secure

yeah

one thing, i'm not really sure if more functions = more security

one can even go first encrypting a string with AES, then by DES, then pass it through SHA, then through PBKDF2, then through MD5

more functions = more implementations = more potential leaks

yeah kinda

while that could mean security in some sense, but the output of all this will be of no use since the whole point of encrypting something is to get the original data back at some point after giving it the password

this is one way encryption for passwords not two way encryption

the moment you pass something through a hash func, it becomes irreversible (tho reversible by extreme brute forcing and stuff, but that's not what a normal user would do everytime who just wants to keep his data secure for the time being)

yeah you got it

I think you cannot say one-way encryption

If it's one-way then it's not an encryption at all

bro hashing is the foreign cousin of encryption

yeah i missed that lmao

Creating a hash is a different operation than creating a ciphertext

there are "one-way functions with trapdoors" (I think that was coined by Diffie and Hellman), but it's a part of asymmetric encryption

It looks similar however the traits are different

to have a secure hash, you need it to not be reversible

Right

look, hashing is "supposed to be one way" (well, it is one way, but since attacks exist for cracking hashes, it's viable, but takes huge amounts of computing power not in the hands of everyone) while encryption is securing data with a password

and getting your encrypted data back when you want to

which is basically what you don't want in encryption: you want encryption to be reversible if you know the trapdoor

well the definition of cryptography is to hide the contents of message while everyone knows that their is a message but they don't know what it is. Same thing can be applied to passwords

no, the goals of cryptography are not only to hide messages

I mean to hide the contents of a message

what you're thinking is, "if hash funcitons can be reversed to find the original text, it's same is encryption"

which is not the case

no I wasn't thinking that I was thinking there in the same family but totally different

while hashing and encryption, both do hide the data, the only difference is that, hash funcs dont give you back your original text while encryption does, with the password

yeah kinda

that is what I mean't

yeah lol

hash functions collapse a huge input space into a relatively tiny output space

encryption functions basically remap an input space into itself

absolutely

@dawn flax what are your views now?

what do you mean

although they aim at "hiding" data (which is not truly the case for hash functions either), their approaches are completely different

lmao your views on hash funcs and encryption lol

yeah

well encryption is scrambling the contents of input in a certain way to the point where it can be recovered . while hashing is a one way function which scrambles the content to the point where it can't be recovered at all

...it can't be recovered at all

that is what I mean

Even when you guess that for input I you can get hash H you are not sure that it was the real input

as always in cryptography, "can't be recovered" = "can't be recovered easier than brute-forcing it"

Oh that explains it

It's not about what I am talking about, I am talking that hash functions are surjective functions

You can have H = hash(I) and also H = hash(J)

what is surjective

You will never know whether the real input was I, J or unknown X

a function is surjective if for every possible output, there is at least one input that gives the result

From Wikipedia https://en.wikipedia.org/wiki/Surjective_function

When you look at C you don't know which input is real - 3 and 4 are both correct

which is not completely sufficient to say that you can't recover the input

I mean that you cannot recover the real input

You can find such input which gives same output

That's true

you technically cannot even guarantee that a hash function has a collision on all its outputs

Right, however hash functions generally have fixed output (like 256-bit version of SHA-2) so you should assume that there can be pair of inputs in space 2^64 which gives same output (case for SHA-2 256)

Oh, it is pigeonhole principle, right?

there is a collision for some output. is there a collision for each output? no idea, and that's the point of my remark, yeah

Is it possible to use stenography in security ?

There is a probability that there is no valid input for one, selected output

or that there is an unlucky one that has all the collisions

I heard about some usage to quietly steal data

is it viable

Yes, but I don't want to talk about it because it can break rule 5

!rule 5

As far as I know there are only academic researchers in this field and never seen commercial implementation of any steganography system

Maybe others have different experience

how though this is about cyber-security. and we are just discussing if it is viable or not

are there different forms of stenography

wait, are you talking stenography or steganography?

I am writing about steganography

yeah I meant steganography but it keeps auto-correcting to stenography

okay, keep going 👍

You can hide data inside images, audio and even network flow

I wrote my master thesis about network steganography

nice!

ooo show us I am curious about your thesis if you are comfortable about sharing it

Yeah, however my steganographic system was useless and only for demonstration 😂

I wrote it in my native language and I am still trying to find some time to translate it to the English 😦

what is your native language?

Polish 🇵🇱

oh okay

However I can shortly describe that there are three forms of networks stegranography. You can manipulate packet data (like ICMP ping payload), you can manipulate packet flow (for example rearrange TCP packets in different order) or mix both of the forms

Second and third methods are most difficult to detect but you cannot transport many data through this channels (like 1 bit per packet or even less)

when your finish translating the thesis can you please DM me the file of your thesis

I can send you one of the articles from my bibliography

sure

Done

thank you

👍

what in the fuck are these people tryna do to my flask server, and should i be worried?

yeah looks like some kind of attempt to hack the server

Someone thinks that it's PHP server, is it?

Looks like trying to attack by using known vulnerabilities

imma be honest idk what php is

app = flask.Flask(__name__)

@app.route('/')
def index():
    return html["index"]

@app.route('/eggpath')
def eggpath():
    return html["eggpath"]

@app.route('/eggpath/api', methods=['get'])
def api():
    a = request.args
    if not ('sPkmn' in a and 'tPkmn' in a):
        return "Error: provide sPkmn and tPkmn"
    else:
        try:
            l = []
            for i in nx.all_shortest_paths(graph, a["sPkmn"].capitalize(), a["tPkmn"].capitalize()):
                p = []
                for j in i:
                    if j in pokemon:
                        p.append(j)
                l.append(p)

            print(l)
        except Exception as e:
            return jsonify([str(e)])

        return jsonify(l)

app.run("0.0.0.0", port="80")
``` this is my entire flask setup, index, and eggpath arent even populated, they're just empty files

Popular programming language (Wordpress for example is CMS written in PHP)

ah, well, then, no i suppose

How about IPs? Does attacker have one IP address or many?

theres a bunch of IPs doing it

From one country or many countries?

https://tenor.com/view/khacker-on-pay-load-gif-15982849

germany, china, us, from the ones i checked

Xd

also a bunch of this

Anything important on it if so just disconnect it

Hackertyper?

You can try to hide behind some WAF

wdym

whats WAF?

Web Application Firewall, Cloudflare is one of few

I'm off to bed night peeps. Lol love that

would it be possible to setup clouflare infront of a flask server?

and, more importantly, does it cost anything?

As far as I know you can configure it regardless of your server software

There is free plan
https://www.cloudflare.com/plans/

rip, free one doesnt include WAF

Yep it's useless

thought you were going to bed lmao

You would need this one

yeah. i cant afford another $20/m :/

Well I guess you will be letting the Chinese hackers get you then

Anyway goodnight

gn

how did they even find me? my domain isnt even indexed

how tf do i force a new public ip, i restarted my router and they gave me the same one

fuck, i bet VM use MAC addresses to assign IPs dont they

Look at Shodan and similar search engines

it isnt on shodan

theres literally 0 links to it, anywhere on the web, its uncrawlable

unless, godaddy exposes it, which, i doubt they do

is there something i can self host to do the WAF part, and combine with cloudflare's free package?

It's not expensive to blast something to every ip on the internet and people do it all the time

It's an unfortunate detail of having a webserver exposed, and a very good argument as to why you should treat your web connected system security seriously

I would not be particularly concerned. You're using a well-secured framework (flask) presumably on top of something else designed to interface with the internet (like nginx or wsgi). If you're using flasks internal dev server for this you really shouldn't.

What you're seeing is people trying arbitrary php exploits across all the servers on the internet checking to see if you're vulnerable

Since you're running python, this doesn't apply to you

While cloudflares WAF will probably block these, that's defense in depth and you don't necessarily need it.

Here's some examples from my web server:

--snip-- "GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0" 404 3 "-" "-" 0.000273
--snip-- "GET / HTTP/1.0" 307 0 "-" "NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com" 0.000177
--snip-- "GET /TP/index.php HTTP/1.1" 302 145 "-"
--snip-- "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 401 581

As you can see, pretty similar

This webserver actually isn't visible on the net at all, it 401's everything, but that doesn't stop them

What you should do is take this time to ensure you've got everything set up right:
Ensure you're using an industry standard webserver (nginx/apache/etc)
Ensure you've properly secured your server itself (there are many guides on this, I can link some if you want)
Ensure you don't have any known vulnerable services running
Ensure you don't have any databases exposed to the internet

those links would be brill, yeah, honestly no idea what im doing, didn't even think ppl bothered brute forcing IPs, thought an unindexed domain wouldn't give me any problems. clearly i was wrong.

just running an arbitrary flask service?

https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uwsgi-and-nginx-on-ubuntu-20-04

Digitaloceans is pretty good

The start of it has links to steps that guide you through "I have a vps now what" to actually getting it running

If you're just running with an IP, that's fine. Keep in mind that the nginx location block taht would take the domain, can also take an IP

hi guys, i'm developing a reverse shell, but when i insert "dir" on the server, it print the directory on one line...
How split that in organized multiple lines?

this is true

Not really related to python or code, I hope it's OK to ask anyways

Should I be worried about my Firewall blocking incoming network connection attempts by kinda random IPs on "random" UDP ports?
I checked up the IPs and they are 90% from different IP/Cloud services, able to being abused. the leftover IPs state that it's my own gateway and DNS/DHCP Server.
I checked at https://www.ionos.com/digitalguide/server/know-how/tcp-ports-and-udp-ports/ for the ports that are tried to being accessed, but it's none of them.

It's happening since a month, but I just noticed it today because I, up to this point, got not notifications about that happening.. Idk why I suddenly got one today.
It even happened, as of the timestamps in my firewall, when having no WiFi connection or when my device is powered off.

My device also sometimes doesn't properly shut down, screen turns black but the hardware is still running until the battery turns empty, I highly doubt that it's related in anyway.
I also tried to look up / remember what I did on my device at the days before this thing started, but srsly nothing suspicious, I'm pretty careful with my web activity and downloads.

One could think it's just something related to Cookies or a Random thing, but what worries me is that this just started happening some time ago, not for the whole lifetime of my device.
I am using my phones Hotspot for WiFi on my device, but still, if that's the issue, it should've been persisting for the lifetime of my device, since I never used something else for WiFi..

Was just about to make myself a Bootstick for another OS, but if may current OS is corrupted in any way, that would be very very stupid, I am even thinking about formatting my whole device and reinstalling the OS from scratch, but that would grant me a huge loss of files, since I wouldn't know (if something happens to be corrupted) what exactly that thing is, so I can't just put the files onto an USB Drive and put them back on my device after reinstalling 😶

Hopefully someone of you folks can tell me that I'm just too worried about nothing and there are no problems going on

The other thing is, I receive spam SMS on my phone since, I think, the same time, containing links to malicious downloads (never opened one of those, instantly did a google research and it stated that it's some Android "virus" that's kinda common at the moment)

Does anyone have experience using hmac library? I'm having trouble understanding what the parameters really want from me. Right now I'm feeding it this: ```py
digest = hmac.new(bytes(signature.encode()), hashlib.sha256)

and I eventually I want to get the hexdigest by doing this:

h = digest.hexdigest()

but I keep getting this error from the digest = ... line:

TypeError: Missing required parameter 'digestmod'.

signature is a secret key provided to me as a long string

Should I be worried about my Firewall blocking incoming network connection attempts by kinda random IPs on "random" UDP ports? that is a big red flag

download Wireshark and do some Packet Anaylsis to see what type of requests being made and do a OSINT investigation on these IP's as much as you can

also use wireshark to monitor these incoming connection attempts

@twin coral im pretty sure this is a pretty common occurence

probably just bots scanning random ips

how can you tell it is bots scanning IP's when it is blocking connection attempts (also I'm a newbie at this)

digestmod is the digest name, digest constructor or module for the HMAC object to use
Use values like sha256 or sha3_384

!e

import hmac
h = hmac.new(b"key", digestmod="sha256")
h.update(b"data")
print(h.hexdigest())

@lapis radish :white_check_mark: Your eval job has completed with return code 0.

5031fe3d989c6d1537a013fa6e739da23463fdaec3b70137d828e36ace221bd0

@dawn flax
Thanks for the advice!
Will Wireshark be able to monitor the packages if my laptop doesn't support Monitor Mode at all?

@twin coral btw idt you need wireshark, if your firewall blocks it you cant even see it in wireshark (not that I think ws will help)