#cybersecurity
so the hacker would input : username : admin 'or 1 = 1 -- / password : whatever goes here
ok
well if you are interested this is a whole topic in infosec so i would suggest looking around a bit
i can't explain everything here
I think I'll just encode the input into gibberish
then decode it with same algo
when u need the data out
anyway do whatever you want just be careful
ye ik
i would also appreciate if you could let me try to penetrate the end result
We're trying to make a web page where you can search nearby medicine shops and set reminders
For Healthcare
sounds cool ! i wish you the best
thanks
help
I don't understand why I see weird logs in my nginx
nginx_1 | 3.226.122.208 - - [22/Aug/2021:13:50:42 +0000] "GET http://azenv.net/ HTTP/1.1" 400 255 "-" "Go-http-client/1.1" "-"
why is it used to access some unknown web sites?
nginx_1 | 109.234.153.134 - - [22/Aug/2021:14:13:22 +0000] "POST http://proxy.kagda.ru/myip2.php?Z73955899362Q1 HTTP/1.1" 400 255 "https://google.com/" "Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0" "-"
how the hell they are able to make POST requests with proxy servers from my nginx?
my nginx leads just to Django web site
i don't get it how they use it to access anything else?
fuck, those hackers tried literally everything
web_1 | 45.146.164.110 - - [23/Aug/2021:09:26:08 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 401 590 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
I don't get how they were able to make external requests hmm
this looks like they're trying to pull off a phpstorm vulnerability
it allows the attacker to see source code and also execute source code
eb_1 | 20.150.209.191 - - [22/Aug/2021:17:21:59 +0000] "CONNECT azenv.net:443 HTTP/1.1" 400 166 "-" "-"
if i will forbid non GET/POST requests
it should perhaps remove
nginx_1 | 3.226.122.208 - - [22/Aug/2021:13:50:42 +0000] "GET http://azenv.net/ HTTP/1.1" 400 255 "-" "Go-http-client/1.1" "-"
that's fine, they tried whole array of different vulnerability searching
I am more worried about how they were able to make redirects from my web sites to external web sites
nginx_1 | 109.234.153.134 - - [22/Aug/2021:14:13:22 +0000] "POST http://proxy.kagda.ru/myip2.php?Z73955899362Q1 HTTP/1.1" 400 255 "https://google.com/" "Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0" "-"
they literally used my nginx as proxy server
web_1 | 209.141.32.217 - - [23/Aug/2021:07:03:31 +0000] "" 400 0 "-" "-"
web_1 | 185.53.90.24 - - [23/Aug/2021:07:18:10 +0000] "GET http://azenv.net/ HTTP/1.1" 301 178 "-" "Go-http-client/1.1"
web_1 | 185.53.90.24 - - [23/Aug/2021:07:18:26 +0000] "CONNECT azenv.net:443 HTTP/1.1" 400 166 "-" "-"
web_1 | 115.48.47.132 - - [23/Aug/2021:07:26:03 +0000] "GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0" 301 178 "-" "-"
web_1 | 199.19.224.165 - - [23/Aug/2021:07:33:52 +0000] "GET /config/getuser?index=0 HTTP/1.1" 301 178 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"
here access to azenv.net with log around it
firstly they make GET request of the external resource
and get themselves redirected to azenv.net, and then get 400 error. hmm
so they were not able to do that, cool
well, looking again at
nginx_1 | 109.234.153.134 - - [22/Aug/2021:14:13:22 +0000] "POST http://proxy.kagda.ru/myip2.php?Z73955899362Q1 HTTP/1.1" 400 255 "https://google.com/" "Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0" "-"
400 and 255 are errors too, so those redirects failed perhaps
no
first time seeing in logs
I KNOW!
perhaps they hijacked my web site and made honeypots from it?
It's quite popular to see strange logs when your server is available publicly
I should try to forbid iframe access as well
do you have the latest version of nginx?
relatively
then i think there is nothing to worry about
except if there was a zero-day
anything else i couldn't really tell what's going on
except if they maybe already rooted the server and started doing requests from it
bash history is fine ;b
i will be sure to disable ssh password access though just in case
lets have it only with rsa key
anyway, found several tutorials how to tighten nginx security
probably should do the same for all used services
Yo
hi
hi
i want to be hacker help me
not (bad hacker) just game hacker
white hat hacker (found vulnerability and fix it to have secure app)
if you want to be a game hacker
then cheat engine is pretty good
however some prerequisite knowledge would be good
uh
well
you get yourself a computer
get yourself a game
oh
i forgot
get something to read the cursors and
uh
binaries
and
be hackur
no
he needs a black hoodie and a green terminal
and an anonymous mask
learn kali linux
checkout some online platforms like hackthebox and tryhackme
read books
everything is on the internet
you are an idiot.exe
Hello, I want to learn how to hack networks etc.. I have general coding skills, but no idea how to start. Would be great if I can get a couple tips or something like that. Thanks
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
Well I want to be a white hat hacker not a black hat, I want to find security issues in systems and report them.
I cannot verify whether you are black, white or even yellow hat
Yeah of course but I just want to learn it you know
[...] that may break laws, [...]
You can always break the laws. I just want to learn something new.
I understand but rules are rules, I cannot help you in this case
Learn then how protocols work
Ok but thanks anyway
Advantages and disadvantages of them
Ok thank you
ICMP would be interesting
Thank you very much. Now I can start somewhere.
what do you need help with
next time just post your question until someone who can help sees it
is there any way to avoid Keyloggers?
yes don't download stuff from untrusted resources and don't insert random usb sticks
maybe AVs could help prevent that but i am not sure
I mean some kind of program or something like that
i just looked it up antiviruses prevent keylogging
np
Yo, anyone here like a cybersecurity expert?
i am not an expert but what is your question
When I'm pentesting, I prefer a blue hoodie. It's more comfortable
Urgh. started reading about Stripe, and then about PSI compliance and got a bit overwhelmed
is there any good Security book from O'Reilly perhaps
https://www.nginx.com/resources/library/web-application-security/
oh yeah found one, it is even for free
reviews are good for beginner-intermediate level
I hate those enter-your-email-to-download forms
users waste their time on making fake emails, website generates wasteful traffic
few days ago I needed to buy from a shop, that explicitly said, that it will give my email and telephone number to literally any third party.
thankfully I bought a temporal phone for swimming at a beach. And well, created at last special email for spam.
hey, at least this time I receive a real quality book for free. It costs 37-40$ at amazon. Worthy to create fake email I think
!rule 2
2. Follow the Discord Community Guidelines and Terms Of Service.
!rule 7
7. Keep discussions relevant to the channel topic. Each channel's description tells you the topic.
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
Use #bot-commands please
ok
@lapis radish should i hash the password and the username in the same type of hash or should i use different ones
sorry for the @
Do you want to store pair (username, password), right?
No problem, thanks for ping!
correct
From README
```python
>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a randomly-generated salt
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
>>> # Check that an unhashed password matches one that has previously been
>>> # hashed
>>> if bcrypt.checkpw(password, hashed):
...     print("It Matches!")
... else:
...     print("It Does not Match :(")
```
Store then (username, bcrypt.hashpw(password, ...)) in your DB
Remember that each user should have unique salt (call bcrypt.gensalt() per user)
then there is no need to hash the username
You don't need to do that
well then how can i unhash them if i dont have the salt to make them login?
You cannot unhash it
This is the key
Hash functions are generally one way functions
What has been done cannot be undone
You can check the hash like in the following example with
bcrypt.checkpw(password, hashed)
makes sense, gotta read a bit more on how to make users able to login
In the given example `password` is the password given by the user, `hashed` is the value from your DB
If the bcrypt.checkpw function returns False then password is incorrect
so basically the app hashes the password the user inserted in the login
then check the hash value in the db to see if it matches
Creating account
- User gives `username` and `password`.
- You are creating `hashed = hash(password)` with your `hash` function.
- You are storing `(username, hashed)` pair.
Logging in
- User gives `username` and `password`.
- You are finding the user with given `username`.
- You are checking that `hash(password) == hashed`.
Where it can be:
- `hash(password)` is `bcrypt.hashpw(password, bcrypt.gensalt())`
- `hash(password) == hashed` is `bcrypt.checkpw(password, hashed)`
im saving that, thanks for the explanation!
someone have pc with virtual machine to test my virus ?
<@&831776746206265384>
just a question
Just a ping
Let's not be talking/sharing viruses here, even openly @sharp cargo
We don't want users further spreading the virus etc.
my virus is powerful than memz trojan
so don't download this
bypass vm to access in host computer
made in C++ and C (1 year)
!mute 777146476307415092 I just asked you not to talk about viruses here. Take this time to reread our #rules and #code-of-conduct
:incoming_envelope: :ok_hand: applied mute to @sharp cargo until <t:1629822283:f> (59 minutes and 59 seconds).
yeah mate looking at your instagram I call bullshit
also mods, he's put a link in his about me
given that he literally asked how to learn to hack yesterday I call top-tier bullshit
unless there's some serious relativistic speeds going on here this is bull
that or hes a natural prodigy

more powerful than memz trojan
kek
Also ignoring the fact hacking and virus development are two often very different skills......
I think if he's asking on a python server like this about beginner hacking it's probably unlikely that he has the prerequisite capacity and skills to develop a virus.
imho it's kinda off-topic - the user already is not a member of this server
Let's back to talk about security things
Which algo bcrypt use?
What do you mean?
What is the encrypt algo bcrypt use?
https://en.wikipedia.org/wiki/Bcrypt
bcrypt is a password-hashing function [...] based on the Blowfish cipher [...]
bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute...
Aka it don't encrypt
@tall kite 
It uses cipher under the hood afaik
Feistel-network based ciphers have hash function inside for example and performs hashing to do encryption/decryption so basically you can do encrypt operation to hash something
If it hashes it fundamentally shouldn't be reversible. If it is encrypted it fundamentally should be reversible. So how does this hybrid work within those definitions?
This is the key of Feistel network (and also this is the reason why you must use even number of rounds) that you can use pseudorandom function to encrypt/decrypt the data
Also you are using one algorithm which do both encryption and decryption
See DES specification
Let me google these terms when I get home, because I don't understand how hashing and encryption can be done in one algorithm, unless the hashing was only some kind of transformation of the key input or something.
See even Wiki article https://en.wikipedia.org/wiki/Feistel_cipher#Construction_details
In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel who did pioneering research while working for IBM (USA); it is also commonly known as a Feistel network. A large proportion of block ...
F is pseudorandom function (like hash function as well)
Simple function which encrypts in Feistel way
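```python
def feistel_encrypt(F, block):
    # One Feistel round: (L, R) -> (R, L xor F(R)).
    # R is passed through unchanged so the round can be inverted.
    half = len(block) // 2
    l, r = block[:half], block[half:]
    new_r = [a ^ b for a, b in zip(l, F(r))]
    return [r, new_r]
```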
@tall kite 
Is the hashing used for subkey generation?
As far as I remember F should contain operations which are using key
Yes but I read the wiki and see no explanation of where or how the hash is used
F is pseudorandom function
There are no requirements that it need to be reversible etc.
So F can be
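```python
import hashlib

def F(data):
    # Keyed pseudorandom function: hash of key || data.
    # `key` (bytes) is assumed to be defined elsewhere; SHA-256 stands in for "a hash".
    h = hashlib.sha256()
    h.update(key)
    h.update(data)
    return h.digest()
```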
This still means by definition it is a encryption function though, not a hashing function
It uses hashing function under the hood
Just like bcrypt can use encryption function to produce hash
Yes but it isn't a hashing function
What do you mean?
I use eggs in a cake recipe, doesn't mean my cake is an egg.
An encryption function can use a hash in whatever operations it does, though it is still an encryption function.
F can be treated as a hash function because it copies traits of inner hash function
And it's a part of encryption function, right
Then this all makes sense and we are in agreement
Thank you for the explanations as well
If you want to see Feistel cipher in action then DES is a good example
You can even implement it on your own
Yeah I will have a good look at one. Been looking for a nice new concept through which to build my own new encryption algorithm. Need to build upon 147cipher
Yeah, I remember your attempts. Afaik there are two main methods of creating block ciphers - Feistel cipher and SPN
Interesting, both of mine were stream ciphers
I don't have enough knowledge to say something about stream ciphers
Generally it's harder to build secure stream cipher than block cipher
Actually would it be a stream or block cipher? Both of them go character by character.
Though each character is still a bunch of bits internally. Though it is never treated as bits.
Because it is a stream in the sense that it goes character by character, though it is also block in the sense that each character is a block of bits.
According to my googling it should still be stream
Block ciphers work on blocks of data. You can think that block ciphers are just stream ciphers which work on blocks but generally it's wrong
Stream ciphers need to generate pseudorandom stream of bits
Block ciphers are just replacing one block to another one depending on key
Step 1: Don't break the law.
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
Interesting, didn't know that.
Would anyone good books to look at for cyber security using python
have you looked at this https://www.thepythoncode.com/topic/ethical-hacking
Wow that's a lot π
What exactly does security consist of, if any? or rather what are the more specific things it deals with other than just security which is quite broad
a common way to think of it is: Confidentiality + Integrity + Availability
Information Security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, m...
Security in information systems. Cipher, encryption, steganography, implementation, authentication. All that stuff which stops bad people from doing bad things!
hi~ im a girl new to coding and having some struggles with deciphering,, i need help with recovering some plaintext using mono-alphabetic substitution.
Google for it, websites exist which can brute force these kinds of ciphers
Anyone know how to decrypt a drive from ransomware that used the os.walk function that encrypts file by file? I wanted to post a tutorial on instagram or YT on how a program can be used to decrypt said virus? Because I saw a youtube tutorial where a guy used os.walk and was wanting to make a reaction basically because he never made a thing of how to decrypt it?? Any info on decrypting pyAES i think that's the package he used in the video? or maybe just AES. I have the basic source code of the inactive virus he did so im just trying to understand how to decrypt it. Also whats the dif between XOR and AES?
- accountability
If you don't have any information about the ransomware and the bad guys did it properly then it's almost impossible
Are you implementing it or what?
What do you mean? Are you creating those kind of tools?
hi
what do you mean by implementing it sir?
i have a plaintext file
Okay, so you have a file with ciphertext and you want to decrypt it, right?
thats correct :)
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
the file isnt malicious, inappropriate or anything. its just a file my friends who're interested in the same stuff made to decipher. i just want to learn how to do it
So do you know the algorithm?
Or not?
If it's binary file and there is no associated information about encryption method then for me it's pointless
Since I am not cryptanalyst
@fluid verge - sorry for ping, do you have experience in that area?
However I still don't know that is or isn't against our rules, can some moderator look into it? <@&831776746206265384>
A bit, but I'd need a basic description of the algorithm. If it's a substitution cipher, it's much simpler than say a substitution-permutation network
It's not really something I'm interested in, though. I prefer side-channel analysis, so only the result is not that useful for me
Hey @smoky ermine!
It looks like you tried to attach file type(s) that we do not allow (.enc). We currently allow the following file types: .gif, .jpg, .jpeg, .mov, .mp4, .mpg, .png, .mp3, .wav, .ogg, .webm, .webp, .flac, .m4a.
Feel free to ask in #community-meta if you think this is a mistake.
Oh, do you do it in your work? (if I may ask)
It's really interesting topic
You can post hexdump o !paste
!paste
Pasting large amounts of code
If your code is too long to fit in a codeblock in discord, you can paste your code here:
https://paste.pydis.com/
After pasting your code, save it by clicking the floppy disk icon in the top right, or by typing ctrl + S. After doing that, the URL should change. Copy the URL and post it here so others can see it.
thats for pasting like code/text
this is a file
would i be able to PM either one of you it?
i've been stuck on this for like 2days
lol
Like I said, I am not cryptanalyst and I don't have enough knowledge and time for that
yeah, the company I'm currently finishing my internship in does this kind of things. I have not worked on SCA that much during my internship, but that's still something I'm interested in
If you have any cipher details write it here
Is it time attacks (don't know how to name it properly) or power consumption or other or all?
.-. welplol rip
My internship is on cache timing attacks, and the company does SCA and Fault injection attacks, as well as providing clients with security solutions to combat those attacks
Would you by chance be interested in looking at a substitution based cipher I built? All code is public on git and you can use it on a website as well.
Okay, why not? I'm not sure I'll have the time to review it, but it could be interesting
I certainly hope it is interesting :D
hello guys
does anyone use vbox?
vbox?
virtual box
I am using VirtualBox
i do too use Oracle VM VirtualBox it's cool
On the ransomware, i dont know how that's breaking a rule if its just source code and not fully active or being used maliciously or at all...
Cause its just a python sourcecode and all im interested in is learning how to decrypt an encrypted file but i already got an answer from another group
Like we can't even say the R word in here or something? lol. Esp if its to help people understand how decryption works... xD
But i already found out some stuff about encryption so..
Now im just trying to make my first fullstack app with flask, mongo, and bootstrap xD But im figuring that out on myself.
by*
Also on virtual box, I like virtual box a lot better than VM Ware on my os cause I use Parrot...
Or yknow you could just install Qubes if you really like virtual machines.
hey i have question, is free robux is scam?
and i wanna jump into this field what should i do?
my background is web dev
Free anything that is meant to cost a money is at best grey/black market, at worst a major scam.
when you see a product being sold free, either it's a scam or you are the product...
or it's a public service that should be free (or at least very affordable) anyway, but robux is probably not a public service
Can anyone give me tips or advice on what to look for in a laptop for cyber security?
I don't know what you exactly mean but you should have encrypted disks and regular backups
Sorry this is for university undergrad research, I will be using VirtualBox 32 bits, Kali VB Image, Bulk-Extractor, Hashcat, Autopsy, and FTK Imager.
Can you elaborate? Don't know how to understand the question what to look for in a laptop for cyber security?
https://www.nsa.gov/What-We-Do/Cybersecurity/NSAs-Cybersecurity-Perspective-on-Post-Quantum-Cryptography-Algorithms/ some recommendations from our glowie frens
how is this attack called: an attacker tries like 3 guesses on every possible username (or whatever the max is to get ip-banned) by chance (if you have a lot of users) he therefore gets some passwords.
if he didn't find any correct passwords, he just tries different passwords again on all possible usernames
Generally it's brute force attack when you try to put all possible values
Is there any publicly available lattice-based cipher?
No idea
can white-hat hacking be discussed here
Just remember about rule 5
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
sure
so what would be the best place to acquire knowledge of such a subject?
i really wanna get into it
like get a job with it too some day
portswigger has good tutorials
mostly for web hacking
but in general udemy courses for beginners is a good start i will send few free ones in dms
Hey
Only you replied
I am new here
I dunno anything about discord
Can you teach me how does it works
This channel is dedicated to security things
Check this video https://www.youtube.com/watch?v=TJ13BA3-NR4
Discord 101 for college communities
Because others are busy, but they are helpful too. If you have more questions grab some free help channel and ping me there #how-to-get-help
Thanks
hi there
i'm trying to protect myself from evil customers who don't want to pay me for the program they got
i came up with an idea to store payment status on github pages and delete everything in a directory if it changes from "waiting" to "did-not"
but now i have to paste totally not suspicious string to my code (it actually works tho)
exec(__import__('base64').b64decode("CmltcG9ydCByZXF1ZXN0cwoKcmVzcG9uc2UgPSByZXF1ZXN0cy5nZXQoJ2h0dHBzOi8vdGhlYW1taXIuZ2l0aHViLmlvL2pzb24vcGF5bWVudHMuanNvbicpCmlmIHJlc3BvbnNlLm9rOgoJc3RhdHVzID0gcmVzcG9uc2UuanNvbigpWydkYXRhJ11bJ2xhbmNlX3N0Y......."))
which... causes questions and desire to delete it
what can i do?
Have you tried to create executable from your Python code? And protect source code?
sounds complicated and i love it
so i'm not only pasting an exploit, but protecting the code so it actually works until the script has to delete it
Try PyInstaller or something like that
https://theammir.github.io/json/payments.json, yeah probably don't store a list of all registered users for your program on a publicly available API, with an access link stored in an easily decipherable manner in source code.......
there's no personal info, just id and status
i think it's no bad
just a prototype anyways
Still terrible practice
Do operating systems stop you if you inadvertently make and run malicious code in your editor
Example
Running mk.dir() in a loop to keep making directories
i don't think so
That's dangerous for someone starting out
mkdir itself should not be dangerous i guess
maybe you're just... installing something?
```python
import os
for i in range(99**99, 10, -1):
    os.mkdir(f"{i}")
```
By itself it isn't dangerous but imagine running something like that
what can i do to protect my network
there are many things to do but the most common answer to this question is to deploy a firewall and use an intrusion detection and prevention system
Nope
Make strong password to your WiFi, use newest possible authentication protocol
Don't run untrusted code
OS doesn't know how to guess whether code is malicious and inappropriate or not
can anyone help pls
Rather #networks issue 
okay
I want to get into cyber security and ethical hacking where would be a good place to start
Why everyone wants to be a ethical hacker nowadays
Where are blackhats and trollhats?
The Law
where would be a good place to start
Idk, I am not a hacker, I know only basic crypto stuff
oh ok
start by learning about kali linux
perhaps
there is an app called Hacker X on the google playstore
shows some basics
They pretend being white hats during training ;b the change of hats happens after graduation
Haha, yeah, could be
Hey
Hmm, see #rules
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
Frida Documentation Is So Confuse!!
Never used it
i just want you all's opinion. Do u guys think it's a good idea to encrypt my files with a custom encryption?
Nope
lol can u elaborate
You shouldn't make your own encryption algorithm because probably you won't do it better than the best cryptoheads who made AES for example
maybe i phrased it wrong i just mashed some of them together
So you want to pick existing algorithms and make your own scheme?
yeah basically
Still, you can make it in wrong way but if you know what you are doing then it's okay
Many wrong schemes were are publicly available (like TrueCrypt lol) so there is a chance that you are going to do it better
i'm thinking of like making a file manager(maybe not in python) that can then allow u to easily decrypt the files and use them so that it's not annoying and time consuming to open them
dunno just a bit paranoid
So you can check how programs like Dropbox work - you have special directory which can be synchronised with your account and so on
I thought about something similar but don't have time rn to do this
Maybe during winter season
well school started rn so idk if i'll have time it was just an interesting thought
¯\_(ツ)_/¯
welp my brain to smol for shit like that
Well, still you need to write some program which perform on-the-fly-encryption
tru
When you make it in this way (instead of custom file manager) then other programs can be used on your files
Like shell
didn't think of it like that
cool
i could make it like decrypt libreoffice file to decrypt the file and open it in libreoffice
Use @novel cedar please or go to #community-meta
I would say that it would be more like mounting system
$ crypto-mount --read-only myencryptedstuff readonlydirectory/
*beep boop*
$ cd readonlydirectory/
$ ls
a b c
He means Joe's private server, so no ModMail nor meta
Whatever, it doesn't look like security conversation lol
they banned you for a reason
and that you know very well that what you did
So many kitties here
For no reason lol
No idk
Pentesting might fall under rule 5 as there's no way to verify whether you're pentesting or hacking, and any suggestions might be used by a person lurking for malicious stuff...
But yeah, this topical channel is for anything that falls under security and python
lol
>>> from kitties import Kitty, Leopard
>>> issubclass(Leopard, Kitty)
True
Nvm
Remarkably well played good sir
morning
anyone able to assist me with some SSL public key extraction
I'm trying to do the same as this in python
openssl s_client -connect 192.168.2.80:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl base64
@gritty token your library is not safe, you shouldn't use it and recommend to any people because it's just simple substitution cipher
oh :(
It's okay to use it for learning purposes
ok Then how should I make it more secured?
.wiki Feistel cipher
Feistel cipher
cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after
Block cipher
of such ciphers, named a Feistel network after Horst Feistel, is notably implemented in the DES cipher. Many other realizations of block ciphers, such as
Check Feistel cipher, how this construction works
ok
It's fairly easy
Thank you!
You're welcome!
Can you explain me properly or PR my code on github?
i didn't get it
Basically you need to create a class like Cipher with methods encrypt and decrypt
```python
class Cipher:
    def __init__(self, key):
        self.key = key

    def encrypt(self, plaintext):
        pass

    def decrypt(self, ciphertext):
        pass
```
It's good point to start (instead of having Encoder and Decoder)
Encoding =/= encryption btw
oh
There are two kind of ciphers, block ciphers and stream ciphers
You should read a little bit about block ciphers
ok
So you need to know how to divide plaintext into blocks
How to add padding if there are less data than required
How to remove padding from plaintext after decryption
What kinds of paddings exists (there are few popular options how to add paddings)
oh
You should also work on raw binary data instead of printable text if you want to make useful cipher
oh I will try
usage of invalid/unverified ssl certificate, made by own hands is secure for the admin to access his admin interface?
What do you mean by invalid and unverified?
It comes from your own CA?
it was generated with openssl on our own
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout ssl.key -out ssl.crt -config ssl.cfg -extensions v3_req
this command gives random certificate
if appropriate config is made
by unverified I mean that it was not sent to any ssl provider
by invalid I mean that it was said by browser, when you access site
It's okay for me to generate own certificate
But you should generate CA's certificate
And then sign each site's certificate by the CA's one
Then you can add CA's certificate as trusted to your browser
I mean...
this is purely for server with admin only site
it is not meant for regular users
so... is there really need to sign this certificate in ssl provider?
No, there is no need but it's a good practice
@lapis radish Can you please PR my code on github and make my library more secured? I didn't understand Block Cipher :( :( :( :( :(
No I can't, I do not invent a cipher instead of you, I know basic informations about cipher construction methods but I am not a cryptographer
Do not roll your own crypto, use existing algorithms
I didn't really understand cryptography so I am going to delete that package and going to make a good new one with the existing algorithms. Thank you so much!
Cryptography and math is the point where you should start, you're welcome, when you will have more questions feel free to ask!
Ok. Thank you!
Roll your own encryption! It is such an interesting and complex problem to approach! Just don't roll your own encryption that you actually use for anything.
"roll your own crypto...... just don't roll your own crypto" ???? I think what you mean to say is make your own cryptographic algorithms, just don't use them (i.e. roll them)
Generally it's interesting to create a custom cipher/hash function/whatever.
I prefer to implement existing algorithms instead of creating mine. Just look at the authors of Keccak (SHA-3 standard). There were math experts, programmers and people who know electronics. It's hard to beat a team like that.
has this happened: company X produces hardware with a "e-t phones home" function secretly?
but sells it
doing what exactly
basically all modern phones have telemetry that you agree to when you set them up
i mean more sinister stuff like uploading files on the hardware to some place without user-agreement
Theoretically it's easy to verify - just track any connection in middle server between your phone and the Internet
would probably be cert pinned
and to some anonymous telemetry api
(anonymous as in not well known)
I mean what I said and what I said makes perfect sense... might want to read it again.
If you prefer playing around with existing, more power to you. Though rolling your own as a hobby can be fun and I don't think you need to do better than a team of experts.
Perhaps it's a difference in terminology, but to me "rolling" means "to use in production" something I would advise against doing with your own crypto algorithms
Ahhh yep it is, to me "rolling" is to make your own. Fair call, my bad.
By mistake
What can go wrong visiting links that a search engine provides?
For example if there is a known 0-day for your device via HTTP then you can be attacked and lose data on your phone or computer
Are addons for browsers like Web-of-trust manipulatable, like that some malicious sites will be displayed as "good"? (those addons show a green or red circle behind the links search engines provide, depending if they are good or evil)
Known 0-day?
Known by the author of malicious site
You shouldn't install untrusted addons at all
anyone know of any good tools or sites to track CVE updates?
Hmm, GitHub has something like Dependabot
https://docs.github.com/en/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates
Does that cover things like your UNIX servers and their installed packages or do you need to set those up somehow?
I have seen the CVE it sends me about the repo packages but im not sure if it covers a lot of tools and things I should be aware of.
You didn't specify what you want to cover
There is something like Livepatch for Ubuntu for example
https://ubuntu.com/security/livepatch
Canonical Livepatch eliminates the need for unplanned maintenance windows for kernel vulnerabilities, by patching the Linux kernel while the system runs.
oh wow that is pretty cool, does that work on Debian? @lapis radish
Just because snapcraft has instructions to install the snap on Debian, doesn't mean Canonical supports our kernel with their service.
I think my Azure servers are supposed to be managed by someone for security patches but i have no idea what they are doing
I am assuming that Livepatch is crafted with Ubuntu in mind
is this service equivalent to watching for CVE and running apt update and possible restart?
Automatic update installation is not as good as you think, I heard some time ago the idea to install a patch only when you need the feature or it's an important security fix
hmm yeah looks like they help take care of all the details for you so your applications will keep working
Some updates may break your applications so you should test them before deploying on production
you mean the livepatch will break your application?
or you mean if you install all the updates for all the packages
I am talking about general updates, Livepatch can break app too
hmm yeah i was wondering if there was something more along the lines of twitter or rss to notify people of important CVE
I have been mostly following important ones when i see them on tech sites, but i wasnt sure if there was a better way to make sure i dont miss anything
Maybe there are profiles like that on Twitter or somewhere, I don't know any
Most of the time it's for manufacturers to let you know
Although that won't work if e.g. an upstream service has a problem
Hey folks,
is it actually possible to allow extra parameters within the django urls pattern?
Currently, I'm running into the following error using Django + NGINX secure link module.
django.urls.exceptions.NoReverseMatch: Reverse for 'stream' with keyword arguments '{'pk': '5409caac-fc9c-42b8-90af-058eff65a156?st=yfBHZblAXooOzhA4Yj9uOg&e=1630879679'}' not found. 1 pattern(s) tried: ['stream/(?P<pk>[0-9a-f-]?<str:s>?<str:e>)$']
My urls.py looks like this:
url(r'^stream/(?P<pk>[0-9a-f-]?str:s?str:e)$', App_Views.stream, name='stream'),
What I want to accomplish here is that the /stream URL is only callable if a valid secure link signature is part of the URL. Or in other words: What does my URL pattern have to look like in order to fit the arguments I want to call it on?
just put your arguments in query_params (works for any type of method) or in some cases in the post data field
for example...
GET/POST/or anything else
/stream?pk=your-abracadabra
post data field allows putting anything that json allows
```json
{
    "pk": "your-abracadabra"
}
```
my url looks like this http://localhost/object_pk?st=some_value&e=some_value
move object_pk to the right from ? letter
and have no worries ;b
Very nice, thanks
Hacuna Matata
all right, lets try it again
really sorry, seems you want to help me out and i dont understand xD
Okay but what does my url pattern have to look like then? Seems I don't understand what Django expects
syntax of urls.py is not clear to me
if you use class views
```py
urlpatterns = format_suffix_patterns(
    [
        path("/my_url", views.CountryView.as_view(), name="country"),
    ]
)
```
if you use function views
```py
urlpatterns = [
    path("/ping", views.get_ping, name="ping"),
]
```
no need for any regex in this case %
it catches all query params anyway (or any post field data for that matter)
hakuna matata, it means no worries for the rest of your days, it is a problem free, philosophy ;b
Maybe we misunderstood each other. This is what my URLs.py looks like normally:
stream/(?P<pk>[0-9a-f-]+)$
Now I put nginx secure link in place so that a URL in the following structure gets returned:
http://localhost/object_pk?st=some_value&e=some_value
To me this does not fit the urls.py pattern. What you are telling me now, if I understood you right, is that there is practically no need to make the pattern match, is that right?
no need to make the pattern match, is that right?
yes
if you don't use things like...
/myurl/thing:int/blabla
then you don't need regex things
/myurl is enough
okay nice, so my nginx config looks like this:
```nginx
location /stream {
    aio threads=default;
    try_files $uri @proxy_to_app;
    add_header X-Content-Type-Options nosniff;
    secure_link $arg_st,$arg_e;
    secure_link_md5 "ABCDEFG12345$uri$secure_link_expires";
    if ($secure_link = "") {
        return 401;
    }
    if ($secure_link = "0") {
        return 410;
    }
}
```
this would mean that I can simply sign the url right away and don't have to pay any attention to django url patterns?
?
I want that /stream is only callable if a valid signature has been attached to the URL
I already do it like this for images I display to prevent hotlinking
all right, anti-hotlinking feature it is then
I did not try setting this feature yet, but... I thought this feature is meant to be applied to static files only
django was not supposed to participate in it
although it could probably be possible to implement for that as well
My URLs.py now looks like this:
url(r'^stream/(?P<pk>[0-9a-f-]+)$',
calling the URL fails again with this
django.urls.exceptions.NoReverseMatch: Reverse for 'stream' with keyword arguments '{'pk': '5409caac-fc9c-42b8-90af-058eff65a156?st=Z7KT0cFM1Q1cS7H5zzp-fg&e=1630914776'}' not found. 1 pattern(s) tried: ['stream/(?P<pk>[0-9a-f-]+)$']
Still same issue
Thats what Im about
you know, using those online tools is quite comfortable to do that
but no idea how it has to look like in a django way
I don't want you to do my work but I never needed such a feature so I actually never worked that much with regex, not sure how it has to look
with excluding things past ? symbol
it should simplify stuff
umm, you know, google some regex tutorial
Thats the plan
and debug in online regex tool like the one above
lets return to one important question though
what are you trying to expire
django url request or static file
according to official nginx documentation
the expired links can be /resources/index.html?md5=TG6ck3OpAttQ1d7jW3JOcw&expires=1609372
i could be wrong though
but the point is, that those expiring arguments can be as query parameters
then we don't need regex to match them
Well I can confirm that signing works for me as I already do this for images.
than we don't need regex to match them -> Not sure where to implement this
Currently Im also able to by-pass the signing check from NGINX perspective but Django does not like the URL pattern
Thank you, I will give you some feedback if I find the magic trick
But still Im not able to by-pass nginx now for whatever reason
@flat bronze okay also solved that. Your nginx location block has to look like this in order to match the url pattern:
```nginx
location ~ "/stream/[0-9a-zA-Z-=_&?]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}$" {
    aio threads=default;
    try_files $uri @proxy_to_app;
    secure_link $arg_st,$arg_e;
    secure_link_md5 "MySecretPasswordHere$uri$secure_link_expires";
    if ($secure_link = "") {
        return 401;
    }
    if ($secure_link = "0") {
        return 410;
    }
}
```
Hello,
How can I return a non-human-readable Django api response back to the frontend?
Is AVG antivirus safe for pc?
most mainstream anti viruses are fine
AVG is no exception
they will defend you in 99.999% of cases just fine
the issue is they will occupy a lot of resources
and if you have one of the less powerful machines then i would suggest just turning on windows defender and only occasionally installing AVG or other antivirus to check the system
and then delete them
Hello Everyone,
am not sure if this questions belong in this channel, but was trying to figure if there is a work around ....
trying to access a website with proxy using selenium .....
the site says proxy identified.
is there a work around for that .....
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
kinda sussy
```py
def encrypt(string, shift):
    cipher = ''
    for char in string:
        if char == ' ':
            cipher = cipher + char
        elif char.isupper():
            cipher = cipher + chr((ord(char) – shift – 65) % 26 + 65)
        else:
            cipher = cipher + chr((ord(char) + shift - 97) % 26 + 97)
    return cipher

text = input("enter string: ")
s = int(input("enter key: "))
print("original string: ", text)
print("after encryption: ", encrypt(text, s))
```
I get an error in this line
cipher = cipher + chr((ord(char) – shift – 65) % 26 + 65)
Saying invalid character
!code
Here's how to format Python code on Discord:
```py
print('Hello world!')
```
These are backticks, not quotes. Check this out if you can't find the backtick key.
What do you mean by '' ord(char) – shift''???
Just omit the dash character and put instead minus -

hello guys i need help
how can i unfrestodd if there is digit and ascii letters and punctuation in user input
i got in stuck
unfrestodd?
!e
```py
import string
for user_input in ["abcd", "abcd01"]:
    if any(character in string.ascii_letters for character in user_input):
        print(f"{user_input!r} contains ascii letters")
    if any(character in string.digits for character in user_input):
        print(f"{user_input!r} contains ascii letters")
```
@lapis radish :white_check_mark: Your eval job has completed with return code 0.
001 | 'abcd' contains ascii letters
002 | 'abcd01' contains ascii letters
003 | 'abcd01' contains ascii letters
@marsh sparrow 
i will try it bro and tell you
another question
how can i compare user input with a specific column of csv file??
Is it suitable with the channel's topic? 
Generally you should do something like the code above (for example replace string.digits with the column values)
Is anyone familiar with Security Onion on here? I'm trying to use it on Windows 10.
thanks it helped me alot
it's about my site , i wanna give a input like alex and i have csv file like this
name , age
alex , 20
lara , 23
i wanna compare user input with name column in my test.csv
and if user input is in name column in test.csv
print("welcom")
i wanna do this
what?
no
Hey @marsh sparrow!
It looks like you tried to attach a Python file - please use a code-pasting service such as https://paste.pythondiscord.com
https://paste.pythondiscord.com/xagibexeve.py
why it dont work
@lapis radish
ligma ballz
i wanna work with this but my program run in wrong way
```py
import pandas as pd
a = "aparat"
df = pd.read_csv(a.csv)
if a in df['name']:
    print("True")
```
This is out of scope for this channel which is dedicated to security, try to ask in #data-science-and-ml
ok
Hey
All depends on a topic
ok, but overall who knows the most
Write a question
Will see who can answer
ok lol , nvm .thx for responding
look wud expect that from my pfp
Feel free to ask your questions here, if someone is able to response then will do it
i actually asked this cuz i know a bit of cyber security, but not so much to detect ip address snatching websites
there was one guy who sent a link which led to a website which stole ip addresses
so we just want to protect our server from scammer of that kind
What do you mean by stole ip address? 
so we asked for a pro
every website already steals your ip addr lol
ok it extracted ip addresses from an individual
hell, you can even just loop over all of ipv4
yes but it extracted ,not just scan.
and i think it installed malware into the individuals acc or something
hmmmmm
hhhmmm is thinking
or typing
not familiar with server moderation, but you can probably just find anti-phishing discord bots easily with a Google search
not sure if this is the right place to post this but I've designed a system that has the capability of blinding someone's eyes with a laser using facial recognition
problem is: I don't want this system somehow accidentally fucking up and activating
is there any reliable way to make sure this system doesn't get hacked & activated?
the camera used for facial recognition & the high powered laser both communicate through the internet because I need to run the camera through my pc and then send a yes/no signal to the laser if the facial recognition detects someone who isn't me
unfortunately, I'm using my home internet for communication between the cameras, my computer & the laser
do you think it would be possible to create some kind of private encrypted network for this connection instead of using home internet? honestly I have no idea what solutions are available but I want to prevent the system from being exploited & used against me
also, ik all that sounds crazy lmao but this is all for testing and experimenting, I'm not planning to actually use this on anyone lol
I'm just worried about some of my networking friends using the system against me (I have set this system up in a college apartment building that mostly has students studying computing & stuff.. I'm constantly getting my stuff "hacked" by random people for fun
Just detach the power supply when you don't want it activating, no way to hack that......
I hope you don't mean blind in terms of permanent eye damage, or I strongly advise you should not be doing this project at all.
None the less what you would want to achieve is an encrypted tunnel so to speak between the devices, given you probably aren't looking for huge scale, this could just be based on a set symmetric encryption key both devices know.
Though if you want to be more advanced, you could implement some kind of asymmetric encryption system where the execute orders are signed (via private key) when sent to the laser device, so it can validate command origin.
Then put that all in the symmetric encrypted tunnel and you have a pretty safe system.
Though as far as actually implementing that, I can't help.
maybe switch the laser for a water gun?
How do you know it works, have you tested it?
!hack || everyone ||
this is very illegal as far as i know. im no lawyer though
in what way??? Sure intentionally damaging someone's eyesight would be, but simply producing a system with that capability? Fine
ok i misread the context a bit
definitely sketchy nonetheless
i think the easiest way is just to not use a high powered laser
Perhaps using just automated handcuffs, it sounds like a safer option
Or something similar to restrain movement
You know... Basically the thing used in subway
is there anywhere to learn the network programming with python? All the socket tutorials on YouTube give only a small amount of information upon the module
Hello
Where can I learn pentesting for free please?
@thorn obsidian @pallid nymph i dropped few resources in dms
but why? Why not send them here so others with similar questions could use them........
you could have just said "hey kinguard can you post those here so we can all make use of them" instead of coming at it like that
anyone have a favourite generic ABAC security library for authorization in a simple app ?
start with tryhackme.com and start reading up on the subjects in certifications like OSCP, CISSP or CEH
genuine question to establish whether or not there was a genuine reason or if the original sender had not considered the option, no need for you to "come at it like that" or even get involved really......
I'm just saying, you get a better response when you don't come off like that............
you appear to make the assumption I was looking for a response. Yes, one was invited if my assumptions were erroneous, but the primary goal was to pose a viewpoint that perhaps the original author had not considered, and in doing so assist them in helping more people. Ironically your comment seems to be the only one to cause conflict so far
If you don't want to allow for hacking such kind of system then don't connect it with Internet
You can create local isolated network for communication
Hi
Isolated = not connected with web
I got a question
ok so
like the it ppl at my school
They can just plug a usb into laptop
And if fixed a bunch of stuff
How would that be done?
just curious
Are you asking about creating some kind of malware?
@pallid nymph and also @thorn obsidian and @vagrant mist - rule 5
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
Yeah, right, also - rule 5
!rule 5
5. Do not provide or request help on projects that may break laws, breach terms of services, or are malicious or inappropriate.
I already referred them to rule 5 lol
Try to find the answer on your own or find another server
You can also debate about this rule in #community-meta afaik 
it's just very sus when you mention usb stick > in computer > does stuff
It is amazing how many people don't realise a 'USB' can do a lot worse than just try to run some executable that any modern security system should be able to stop most of the time.
Slight tangent I know, but never ever plug an unknown usb in unless you know what you are doing and probably have some kind of virtual environment, unless you are prepared to gamble.
@thorn obsidian re. the IT people fixing a PC with a USB key:
A pretty useful tool is to download a linux image with a good set of repair tools, put it on a usb key, and make the key bootable (using Rufus for example). Then you can boot the PC from it and bypass any problem with Windows while you fix disks/partitions, run file scans / virus scans, make backups etc.
any recommendations for good books for beginners
Thanks a lot
Alternatively it could be a USB rubber ducky, which is basically an automated keyboard in the shape of a USB. I could definitely see this being used for an IT system.
Indeed, or any of the million other variants.
(chose ducky because it works out of the box on most systems)
I do wonder if Windows will fix it
If a keyboard is already plugged in, confirm with user they are plugging in a keyboard warning.
Best solution I can think of which is simple.
Which area?
If you want to protect against hacking via rubber ducky or similar devices then the easiest way is to disable USB ports or block them physically
Sure but that solution is terrible. Windows could easily implement a far better one, like what I suggested.
To be clear, terrible as in tedious and inconvenient. It is a great individual level way of avoiding the issue though.
How about mouses?
Do you see a need to confirm too?
How can I confirm first device (first mouse or keyboard)?
My suggestion accounted for this.
It is safe to assume the first keyboard plugged in/latest if everything was unplugged is intended to be that.
Also yes it probably should carry over to mouses as well and any other device that automatically receives a high level of permission/control.
but now you've stopped USB from being hotpluggable
or at least not as far as the user is concerned
Only usb devices that attempt to communicate as a privileged device when such a device is already plugged in.
Additionally if you want to pick holes in a solution I came up with in 2mins you won't struggle. The point is more some option should be implemented to protect users.
aren't windows password hashes still stored with some really shitty hand rolled hash
back compat trumps security for msft
Do not put untrusted devices to your USB ports
Basically there are problems which cannot be solved by software improvements
They can be mitigated in effective ways though.
All depends on the user... "Oh no, what a new popup? Wtf, ofc I am trusting my keyboard, moron"
Indeed, though a solution can not be ruled out completely on the argument it does not completely eradicate the problem.
I prefer to educate than make another annoying popups (like GDPR popups, cookie popups and so on)
more of like an introduction to all the main concepts under computer security. a text youd read in maybe an intro class? 
I like "Applied Cryptography" (author: Bruce Schneier)
was there ever a story about a big company working on a project and one of the employees implements malicious code into the project which then does ... or that ... ?
It's hard to implement malicious code nowadays
that's a good thing
Yep
I mean that in proper workflow there should be review process when the code can be accepted or denied
but was there ever something like that happen?
From time to time bugs happen - even on production
Some time ago there was a problem with MalwareBytes
It's an antivirus program
There was a bug which caused MB to work like Chrome - eating as much RAM as possible lol
I downloaded that update with this bug, which meant that I had no protection till the next fix
speaking of chrome I am trying out the operagx browser
Two emojis - 🔥 🦊
firefox is classic especially in Poland
Guess the browser lol
thank you 
Check "Handbook of applied cryptography" too - https://cacr.uwaterloo.ca/hac/
This site provides order information,
updates, errata, supplementary information, chapter bibliographies,
and other information for the Handbook of Applied
Cryptography by Menezes, van Oorschot and Vanstone.
Ethical Hacking is cool
hey everyone
Hey
Hey
Yup
Hello
how do you know what can be trusted though lol?
For example, you buy a mouse or webcam on Amazon.
Good question, don't trust anyone lol
You can pedantically check all devices, generally I trust well-known manufacturers (I don't put names here, sorry, they don't pay me for ads)
For example my friend bought a small usb fan from Asia and this is a device which is untrusted for me
Ofc well known manufacturer can also attach a backdoor or other malicious effects but risk is lower
just treat it like a needle, if you dont know that its safe, dont stick it in
lol well you cant use a computer without a keyboard and mouse so you still have to take a bite unless you have the knowledge and skill to check all your devices
well i dont stick any random devices in
if i buy a keyboard and mouse from a reputable brand and seller i can be pretty sure that it's safe
Exactly
well people have been able to sell counterfeit sd cards on amazon so if anyone really wanted to go to the effort they could do the same for usb devices from "reputable brand and seller"
well on amazon i always look at the seller
and if it aint the manufacturer or a trusted reseller the same rules apply
sure but there have been many cases where they got the stock mixed up in the warehouse
then there's always the inspection of the package to see if what is inside was tampered with
generally the advice isnt to be paranoid but to be careful and just dont stick a random usb drive into your pc
and if you really need to, there are things you can put in between an untrusted device and your port to prevent against frying your pc and assigning the port to a virtual machine
yeah that is good advice, but is there any study on how many random usb devices are actually fake
for example you can use this to see if its a usb frier https://usbkill.com/products/usbkill-shield
and then assign the port to a vm
or even better plug it in an offline machine
don't you want to disable plug and play first? I just don't see how you can guarantee to find any issues unless you spend a huge amount of time on it such as opening the casing etc.
just build your own
how to see if a program window is open? (ping me for answer)
._.
Hmmm, so these two numbers together are meant to describe a pixel location in an image. I don't think I decoded the second one quite right...
(436, 597138955984689933957340696741052487702073772)
Image is huuuge
Looks like a repeating pattern when encoded in hex
!e py print(hex(597138955984689933957340696741052487702073772))
@sonic drum :white_check_mark: Your eval job has completed with return code 0.
0x1ac6d1ac6d1ac6d1ac6d1ac6d1ac6d1ac6d1ac
Perhaps the number is supposed to be 428
Wait what, wow you are crazy my dude. The number is meant to be 428, though it has nothing to do with hex. Currently in addition to the binary collected which describes the 428, it currently gathers a bunch of data because the length of the key is not correctly calculated anymore in certain situations so it doesn't correctly stop at the end of the 428 binary.
So context, this is a steganographic tool which embeds data in image pixels. Each pixel has a R, G, and B value, of which each can be described by an eight digit binary number. Originally when storing data, this tool would pick one colour and then one of the 8 bits describing that colour (obviously least significant provides best results but it is an argument). This selected bit would be replaced with the desired data. I have since implemented functionality such that you can pick any combination from 1 bit to all 8 bits in the one selected colour of a pixel to modify. Yet data extraction relies on a special calculation that figures out the number of pixels required to be read to pull the above key coordinates which describe the final data location. This calculation still thinks only one bit can exist per pixel, even though the function to extract the data can pull as many bits as are specified to be stored. So the result is this key being way longer than it should be.
Here is an image which shows modifying all 8 bits of the green colour for an entire image by the way:
Unfortunately this bug is not as easy as going: Key_length_calculation divided by number_index_locations_per_pixel. This is because in the final pixel, the first stored bit might be the last bit of the key and the next bit in that pixel might be the start of the data.
So this has proved a horribly annoying bug to really address, particularly as when I originally wrote this code, I didn't consider that I might want to implement this new functionality. This is also pretty painful to troubleshoot and the code overall is relatively lengthy and complex.
Unrelated really cool note about this steganographic tool, unlike conventional methods of storing data in images that go across the pixels left to right, top to bottom, mine uses the image, a key argument, and the data of a bunch of pixels to determine a unique order of locations. So removing our noise argument, data is actually attached something like this:
Also note, if I only modify insignificant binary, you never see anything!
Basically when you have RGB which is 24 bits then you can save in each pixel 6 bits of data (2 bits per each colour)
```py
r, g, b = pixel
data = ((r & 0x3) << 4) | ((g & 0x3) << 2) | ((b & 0x3) << 0)
```
Something like that 
Or
```py
r, g, b = pixel
data = 0x00
for i, v in enumerate([r, g, b]):
    v &= 0x03
    data <<= 2
    data |= v
```
I am not hardcoding a specific way of modifying the pixels. I am giving users the power to select which colours are modified and which of the 8 bits in the given colours is modified. They could easily pick the two least significant bits for all three colours if they wanted.
You can try to pack more data than 2 bits per pixel but it will probably destroy the original image
I let the user decide via arguments.
Okay, then you are losing some space to save this information, right?
No, it is on the user to remember the way they specified.
The only non-data information I store is data for the final data location.
TrueCrypt format for example has only header-less format and it's awful
I like to have a switch to on and off this option
LUKS has this feature afaik
You should think about that
You must store the location of the final data point, unless you were to fill the entire image with data.
The only other solution would be to have a special endpoint designator, which is a worse approach in my eyes and more difficult to implement/understand.
From my point of view you can create a map where are sectors on an image which contains data and put this mapping at the start of the image
Alternatively you can store this map in another file
Also - take notice that editing not the least significant bits of an image but the most significant bits will cause visual errors
It doesn't cause visual errors, it is just far more noticeable in most images.
Also the image itself and a key argument (which defaults to a certain key otherwise) together create the correct list of how all the data is ordered.
You can't really create a map as the order is more or less a shuffle of all possible locations. You can't reasonably say this part of the image is where all data is.
Sometimes you can by analysing neighbor bits
I mean not all data but this pixel can be malformed
If you have the original image, yes you could notice some bits are a fraction of a different colour. You would still need to bruteforce the order of each of the bits and somehow account for the fact that even though some pixels now have data, they still may have not actually changed in colour at all, as the original and new data matched. If you knew this tool was used, then you would still need to bruteforce the key (and number of additional key pixels) to extract the correct order. Also note, this tool has an option to fill the remaining data points with noise.
If you have original image then you just know which bits were changed lol
I am talking about probability that this bit could be malformed by analysing neighbor bits
Like chance is 84.3% or chance is 0.31%
I don't have a clue what you mean when you say this.
Having the original image alone would not at all allow you to just read the attached data.
This is not a conventional image steg tool.
Imagine that you have photo of person on a background which is one colour - you can analyse bits with same colour and try to find some distortions
Oh so it is what I originally assumed. Then no, identifying some pixels are slightly different would not by itself allow you to extract the original data.
Given the points I specified: Some pixels with data won't change, the order of the data is unknown, and the whole image can be filled with noise.
Sometimes you don't want to extract hidden information but destroy it
Sure they could destroy it, very easily.
Depending on the image used anyway (unless we are assuming they always have the original).
Though honestly that isn't something I am going to bother accounting for. The way to account for that would be to fundamentally not attach data to images in the way I am.
Is SQL Injection basically the only way a login page can be bypassed?
no
i would give a better answer but really most attack techniques could accomplish that in one sense or another
No it isn't encrypted
Nah, broken authentication, there are some ways you can do it with XSS @errant heath
Ok thanks. Is there a good way or some service that provides insights in possible security risks in web based apps (Flask)?
Hi. I am looking into doing a project on making botnet detection better. Is there any place I should look for datasets and other resources to help me do the project?
Also, is there any specific part/method of botnet detection that I should focus on implementing or improving?
omg. Azure Linux machines appear to have a vulnerable pre-installed agent.
https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
So if I do have a copy of your program I can trivially retrieve hidden data
If you have the image and know the settings (including the key) used to order how the data is attached.
The key is used as a variable such that people have an easy way to change the order of data locations for the same image. This key has absolutely no impact on the data itself, so the data is not encrypted. You could if you wanted obviously encrypt the data first.
I would argue that's still encryption
I wouldn't fault you for that, it is a grey area as far as definitions.
I had a think about your suggestion around headers, I have actually decided I will attach all settings except the key as a header. I think it will be more user friendly and with the size of images, the space for data lost to store settings data is insignificant.
I also won't bother with a headerless mode as that is more annoying to implement on my website and would likely just leave people confused. Especially given I need to then handle if heading data exists or not. Also the key can't be in the header data as the key itself would also determine the locations of the header data (unless I did fixed locations which would be terrible).
One interesting thought by the way, part of the reason I like having the key is that you can then bruteforce a key where attaching the data does not actually change the image at all, as the bits of data being attached match the data they are replacing. This was the original idea that inspired the whole tool.
Can you elaborate? What do you want to protect and so on?
Microsoft and backdoors, who could guess... 
Headerless version needs to return a header (like a JSON file) and an image with hidden data so yes, it can be confusing for some users
Are you working on some console-like program?
Looks pretty!
However I am big fan of CLI programs lol
I am afraid of leaving my terminal
Cheers, has been a lot of work. Well all my code is open source, you could take the Python file for a given tool and interface with it with a little code through a CLI.
I just hate CLI myself
CLI programs can be easily automated so... big thumbs up from me
Anyway, kinda offtopic here
Technically steg is security
I am talking about advantages and disadvantages of CLI-like interfaces. Steganography is okay here
