|
GreenNight posted:If I dump all the code in this thread will he sue SA? I think I speak for all non mods when I say “do it and let’s find out lol” It’ll be like that time somebody printed the DVD encryption key on a t shirt.
|
# ? Feb 23, 2019 04:47 |
|
|
# ? Apr 25, 2024 00:34 |
|
Bring it on
|
# ? Feb 23, 2019 04:50 |
|
v2.11 https://pastebin.com/i0vN7UkG
|
# ? Feb 23, 2019 05:08 |
|
Sickening posted:I have seen the script before and don't I remember a single thing about the script that gave me the impression that it did anything groundbreaking. Useful? Absolutely. Widely used? It did catch on anywhere people were talking about wsus. So unique that it needed to be monetized? Developing a script like that and getting it tested and touching production servers ? That will get into the low four figures in most corporate environments. Even if you're a Powershell expert already, that'll take some real time to research just exactly what you want it to do. And do you have a test environment with a WSUS in it ? If not, you have to spin that up, get it working, and do some useful tests. Than can easily take days from multiple people. In the positive news department, I did our first PoC for using qemu to virtualize lab machines. We have literally hundreds of systems controlling instruments running XP and Win 7 Pro (and our Win 7 Pro image sucked). Many of these machines can't be replaced or even re-imaged because the vendor for the instrument they control no longer exists, or wants $10,000 to have someone come out to reinstall the software - and that not necessarily as soon as next week. We're going to capture images of those machines and virtualize them. Lab downtime for software issues will be a thing of the past, just revert to the last good checkpoint and start the run over again. Qemu on Centos 7 will save us an extra Windows license vws doing it in Hyper-V. Today I demonstrated a guest OS controlling a USB device connected to the host machine. Okay, it was just a USB DVD drive, but the Win7 VM saw it and was able to eject the drive tray. That's trivial. Next week, we book some time with a lab manager and try it with a nanodot sampler. That's money. We've got a long way to go, but we have seen the future for Research, and it's virtual. Oh, and firewall-cmd is the poo poo, the absolute greatest poo poo, for someone who had to hand-roll iptables configs back in the day. e. The WSUS script is 5000 lines of Powershell ? High four- to low five-figures to develop in-house. Low 4-figures to grok and test it, but still much less than doing your own solution from scratch.
|
# ? Feb 23, 2019 05:25 |
|
I’m not reading through that mess. Someone highlight the funny parts.
|
# ? Feb 23, 2019 05:37 |
|
angry armadillo posted:I am trying to work out if one of the helpdesk guy does this because he doesn't know the answer or if he believes the things he says. I'm going to say that he actually believes what he says. He went on a rant the other day about how the whole dev team are basically idiots and only he knows what's best. Anyway just from what little my boss has said I can tell his opinion of the person is not great. How long he lasts is what I'm really curious about.
|
# ? Feb 23, 2019 05:42 |
|
Jesus wtf
|
# ? Feb 23, 2019 06:36 |
|
Page has been removed, what sort of drama happened here?
|
# ? Feb 23, 2019 13:34 |
|
|
# ? Feb 23, 2019 13:54 |
|
I didn't know this, but recruiters will snitch on you. One of tech leads? I guess was sitting in on an interview, and our company does the schtick where the HR and management leave and the interviewee can just ask what ever of a potential higher up co-worker, while theoretically less being pressured about asking "polite" questions. So the dude pressured the tech lead in to answering the "whats a negative thing about working here", question, and honestly it is pretty cool working here, so I would be hard pressed to think of one. I do know the answer isn't in half jest, "Yea, one of the execs can be kind of a d-bag, but he doesn't come in much so it'll be fine." especially to someone who doesn't work here, but the Interviewee told his recruiting company, who told the exec in question, who then wanted the dudes head on a platter. What I wonder is, why did the recruiter think that was a good route to take? At best nothing comes of it, except maybe one of the execs likes your candidates a bit more, and at worse you've hosed yourself, because anyone who liked the dude that got canned who has a say in recruitment is gonna dumpster any of your clients out of spite. In repentance the recruiters in question have been leaving breakfast in our kitchen for the last week. Defenestrategy fucked around with this message at 15:30 on Feb 23, 2019 |
# ? Feb 23, 2019 15:18 |
|
Defenestrategy posted:What I wonder is, why did the recruiter think that was a good route to take? At best nothing comes of it, except maybe one of the execs likes your candidates a bit more, and at worse you've hosed yourself, because anyone who liked the dude that got canned who has a say in recruitment is gonna dumpster any of your clients out of spite. In repentance the recruiters in question have been leaving breakfast in our kitchen for the last week. Yeah this makes up for deliberately trying to ruin someone's life.
|
# ? Feb 23, 2019 18:34 |
|
Boy, that sure did disappear fast.
|
# ? Feb 23, 2019 23:09 |
|
Narcs itt
|
# ? Feb 23, 2019 23:27 |
|
GreenNight posted:Narcs itt Dudes probably trollin around on pastebin looking for it a few times a day.
|
# ? Feb 23, 2019 23:49 |
|
He probably has a script that scrapes pastebin, a lot of people do.
|
# ? Feb 23, 2019 23:57 |
|
Wibla posted:He probably has a script that scrapes pastebin, a lot of people do. Heh, If you take all the comments out, change up the order of various tasks, and then post it on pastebun, what kind of case does he have to take it down? This person is using similar calls to default windows commandlets, take down my intellectual property!
|
# ? Feb 24, 2019 00:40 |
|
I am putting a Eula on all of my 6 line powershell script. All of you have been warned. Don’t you dare be trying to copy my get-aduser original content. All of you putting together ipconfig batch scripts are in notice too!
|
# ? Feb 24, 2019 00:46 |
|
Sickening posted:I am putting a Eula on all of my 6 line powershell script. All of you have been warned. you're going down
|
# ? Feb 24, 2019 00:58 |
|
code:
|
# ? Feb 24, 2019 01:11 |
|
Methanar posted:
*changes it to sbin*
|
# ? Feb 24, 2019 01:21 |
|
What’s in the loving paste bin. Put it in a post here
|
# ? Feb 24, 2019 01:40 |
|
Sepist posted:*changes it to sbin* #!/bin/env python
|
# ? Feb 24, 2019 01:44 |
|
code:
|
# ? Feb 24, 2019 02:03 |
|
code:
cat <(docker run bash $(cat << EOF > /dev/stdout echo hello EOF ) ) > /dev/null Methanar fucked around with this message at 02:50 on Feb 24, 2019 |
# ? Feb 24, 2019 02:44 |
|
Nerds
|
# ? Feb 24, 2019 03:49 |
|
Tetramin posted:What’s in the loving paste bin. Put it in a post here its loving huge, it would take up several posts
|
# ? Feb 24, 2019 04:15 |
|
It was 5k lines of crappy code in a single file. E: I once supported Perl code that shelled out to perl. It was awesome. jaegerx fucked around with this message at 04:33 on Feb 24, 2019 |
# ? Feb 24, 2019 04:27 |
|
I once embedded a Perl script in unreachable lines past the end of a bash script, don't @ me
|
# ? Feb 24, 2019 05:41 |
|
code:
|
# ? Feb 24, 2019 05:47 |
|
Vulture Culture posted:I once embedded a Perl script in unreachable lines past the end of a bash script, don't @ me Why <?php shell_exec(' cat lol.sh | grep -A999 "#!/usr/bin/perl" | perl '); ?> I've written a series of shell scripts that pipe poo poo into a gnu expect interpreter that controls like 50KW worth of electrical circuits. Methanar fucked around with this message at 06:03 on Feb 24, 2019 |
# ? Feb 24, 2019 05:58 |
|
Methanar posted:I've written a series of shell scripts that pipe poo poo into a gnu expect interpreter that controls like 50KW worth of electrical circuits. It worries me that someone let you do this.
|
# ? Feb 24, 2019 06:09 |
|
CLAM DOWN posted:It worries me that someone let you do this. I don’t even trust this guy to rake my rocks.
|
# ? Feb 24, 2019 06:14 |
|
Methanar posted:
How do you think many businesses log in to their banks?
|
# ? Feb 24, 2019 13:01 |
|
Methanar posted:I've written a series of shell scripts that pipe poo poo into a gnu expect interpreter that controls like 50KW worth of electrical circuits. Fuuuuck.
|
# ? Feb 24, 2019 15:33 |
|
So, All the InfoSec guys on twitter are telling me to stop focusing on 0-Days and start focusing more on IT Hygiene. Not that 0-Days aren't important but that in the terms of most medium-large businesses that aren't the military, government or otherwise a likely target of hackers being organized is much more important than we once realized. Thoughts?
|
# ? Feb 24, 2019 20:17 |
|
As in, as a career?
|
# ? Feb 24, 2019 20:24 |
|
jaegerx posted:It was 5k lines of crappy code in a single file. I remember seeing one of my co-workers having a Perl script that shelled out to the Perl interpreter. I was like "WHY?" and he was like, "What, it works " translation: I copied this from the Internet and have no idea what it does cheque_some fucked around with this message at 20:53 on Feb 24, 2019 |
# ? Feb 24, 2019 20:51 |
|
Tab8715 posted:So, Yes it is likely that focusing on patching, best practices for network design, following least privilege principles, auditing current permissions, and monitoring for all of the above to ensure it doesn't change is a better use of your time. You are 1000x more likely to have a problem because a server has 3389 exposed to the internet and you have a weak administrator account password with the default name. Or a user downloaded malware that takes advantage of a vulnerability that should have been patched a year ago.
|
# ? Feb 24, 2019 21:54 |
|
Tab8715 posted:So, I’d agree with them
|
# ? Feb 24, 2019 22:33 |
|
|
# ? Apr 25, 2024 00:34 |
|
lampey posted:Yes it is likely that focusing on patching, best practices for network design, following least privilege principles, auditing current permissions, and monitoring for all of the above to ensure it doesn't change is a better use of your time. You are 1000x more likely to have a problem because a server has 3389 exposed to the internet and you have a weak administrator account password with the default name. Or a user downloaded malware that takes advantage of a vulnerability that should have been patched a year ago. skipdogg posted:I’d agree with them
|
# ? Feb 24, 2019 22:43 |