|
I mean, if you're good you'll be piggybacking off someone else's ip
|
# ? Jan 13, 2020 21:48 |
|
|
# ? Apr 28, 2024 18:19 |
|
CRIP EATIN BREAD posted:I mean, if you're good you'll be piggybacking off someone else's ip just like in the computer hacking simulator, uplink
|
# ? Jan 13, 2020 21:58 |
|
sounds fake and dumb, and their responses to people calling them out make them sound even faker and dumber.
|
# ? Jan 13, 2020 21:59 |
|
redleader posted:just like in the computer hacking simulator, uplink using exploited boxes as a tunnel isnt uncommon at all
|
# ? Jan 13, 2020 22:00 |
|
in that this person posting this tweet is basically saying "welp, i got a nasty letter in the mail from <return address>, it must have come from their house!" also if they were able to resolve the ip to some domain that's even more likely its an exploited box somewhere
|
# ? Jan 13, 2020 22:03 |
|
tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught"
|
# ? Jan 13, 2020 22:04 |
|
I bet there is one somewhere
|
# ? Jan 13, 2020 22:06 |
|
taqueso posted:I bet there is one somewhere https://www.wikihow.com/Not-Get-Caught-After-Hacking-Into-a-Computer
|
# ? Jan 13, 2020 22:07 |
|
Cocoa Crispies posted:tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught" my_crimes.txt is a good what not to do guide
|
# ? Jan 13, 2020 22:16 |
|
CRIP EATIN BREAD posted:also if they were able to resolve the ip to some domain that's even more likely its an exploited box somewhere Yeah, the only places I’d expect to see a non-ISP reverse DNS would be mail servers. Maybe some obscure hosting for somebody big enough to use non-shared hosting but small enough to have a script kiddie take over their server.
|
# ? Jan 13, 2020 22:16 |
|
|
# ? Jan 13, 2020 22:22 |
|
https://www.youtube.com/watch?v=BpOJCb_gW8c
|
# ? Jan 13, 2020 22:26 |
|
Cocoa Crispies posted:tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught" as this tweet makes clear, the main precaution you need to take is to stop your computer broadcasting an ip address this is also a good defensive measure to make it harder for people to hack you
|
# ? Jan 13, 2020 22:48 |
|
Some of those cheap online webhosts that give you a VM & shell on a dreadfully overcommitted host have really easy reverse lookup configuration. I can easily imagine someone who knows enough to be dangerous setting one up (including that) then later reusing the same host as their "hacker" platform after carefully connecting to it via tor or VPN so that they'd be untraceable. Basically everyone who gets caught gets caught because of bad opsec, right?
|
# ? Jan 13, 2020 22:48 |
|
yeah im going with stdh based purely on the rest of that dude's lovely tweets
|
# ? Jan 13, 2020 22:56 |
|
Cocoa Crispies posted:tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught" https://youtu.be/S8GPTvq1m-w
|
# ? Jan 13, 2020 23:01 |
|
James Baud posted:Some of those cheap online webhosts that give you a VM & shell on a dreadfully overcommitted host have really easy reverse lookup configuration. lol yeah back a few years ago there was someone who got doxxed really bad because they had a bunch of personal poo poo on the machine that was also their web host which is why back when i was doing a lot of def con stuff i made sure we simply did not run a website where we kept personal information
|
# ? Jan 13, 2020 23:21 |
|
hung up on that cable modem cablehaunt poo poo dns rebinding attacks farts.info gives you some janky js, it asks owned.farts.info for CORS poo poo, and it resolves to the same host as farts.info, and attacker gets to say "yeah cors yolo, go nuts" then the farts.info js starts sending XHRs and websockets against owned.farts.info that eventually rebinds to 127.0.0.1 why the gently caress isn't the web browser gonna trash the CORS result once the addrinfo changes from "public internet ip" to "localhost" or "non-routable address" what janky poo poo will this break taht doesn't deserve to be broken
|
# ? Jan 13, 2020 23:48 |
|
after the last several discussions of enterprise software making use of local “web servers” and resources and the reluctance of a browser vendor to say “yeah, nah” we will see this kind of thing for a while I bet never trust by IP alone if you can in any way afford to do so
|
# ? Jan 13, 2020 23:51 |
|
I was just wondering about why mitigating DNS-rebinding attacks in general isn't considered in scope for browsers (which do all their own DNS) in the last week or so too. I imagine it would break CDNs who don't use anycast, but there are lots of other security policies you can opt into so why not one about this? Rebinds re: only non-routable IPs seems even safer.
|
# ? Jan 13, 2020 23:58 |
|
James Baud posted:Rebinds re: only non-routable IPs seems even safer. rebinding between public, localhost, and the different prefixes for non-routables shouldn't keep CORS results, yeah
|
# ? Jan 14, 2020 00:02 |
|
Mozilla tried public->nonpublic restrictions more than 5 years ago and it broke stuff, and Chrome has had an additional preflight requirement for public->nonpublic CORSy requests in the build but behind a test flag for a few years as well. I wouldn’t want to be the one who decided to change that default today. rebinding protection as a subset might be safer, as long as it doesn’t fall afoul of selecting on-net CDN elements and such
|
# ? Jan 14, 2020 00:59 |
|
Cocoa Crispies posted:tbf, there's not like a guide book to hacking that covers important doing crimes stuff like "not getting caught"
|
# ? Jan 14, 2020 01:43 |
|
https://www.wikihow.com/Make-It-Look-Like-You-Are-Hacking quote:Question
|
# ? Jan 14, 2020 06:02 |
|
okay one more https://www.wikihow.com/Look-Like-a-Computer-Cracker the whole thing is excellent but i especially love the warnings: quote:
|
# ? Jan 14, 2020 07:00 |
|
Jabor posted:Here's how it works: Oh lord this is so dumb
|
# ? Jan 14, 2020 13:01 |
|
graph posted:wait, whats up with netscalers I assume you looked it up by now, but there’s a directory traversal vuln in Citrix adc and gateway products that basically shells them. Citrix published a workaround that’s ok for now but no patch. last Friday some Indian team dropped a simple exploit on github and over the weekend basically everyone who hasn’t mitigated is probably rooted. ironically the first thing skids do is try to run coinminers on them, because of course.
|
# ? Jan 14, 2020 13:30 |
|
also apparently there’s going to be an apocalyptic patch for core Windows crypto dropped today too. have fun folks
|
# ? Jan 14, 2020 13:33 |
|
ewiley posted:also apparently there’s going to be an apocalyptic patch for core Windows crypto dropped today too. does it speed it all up so compromised windows servers can run crypto miners as efficiently as compromised linux servers
|
# ? Jan 14, 2020 13:40 |
|
ewiley posted:also apparently there’s going to be an apocalyptic patch for core Windows crypto dropped today too. today should be a good selection of updates, but tomorrow is when things get interesting
|
# ? Jan 14, 2020 14:30 |
|
ewiley posted:also apparently there’s going to be an apocalyptic patch for core Windows crypto dropped today too. yeah, this one looks spicy
|
# ? Jan 14, 2020 15:12 |
|
rooting for chaos https://twitter.com/taviso/status/1217117892786831360 https://twitter.com/briankrebs/status/1217114698115698688
|
# ? Jan 14, 2020 17:18 |
|
Diva Cupcake posted:rooting for chaos Don't update your Xboxes.
|
# ? Jan 14, 2020 17:35 |
|
don't mind me just refreshing https://portal.msrc.microsoft.com/en-us/security-guidance https://twitter.com/hashcat/status/1217121542485815297 https://twitter.com/dlitchfield/status/1217128076485644288 Subjunctive posted:Mozilla tried public->nonpublic restrictions more than 5 years ago and it broke stuff, and Chrome has had an additional preflight requirement for public->nonpublic CORSy requests in the build but behind a test flag for a few years as well. I wouldn’t want to be the one who decided to change that default today. https://twitter.com/justinschuh/status/1217124854861914114 Wiggly Wayne DDS fucked around with this message at 18:03 on Jan 14, 2020 |
# ? Jan 14, 2020 17:58 |
|
Wiggly Wayne DDS posted:don't mind me just refreshing https://portal.msrc.microsoft.com/en-us/security-guidance oh wow usenix enigma getting some real Content
|
# ? Jan 14, 2020 18:21 |
|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601quote:An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. i wonder when we'll see this being exploited on the xbox
|
# ? Jan 14, 2020 18:57 |
|
https://twitter.com/taviso/status/1217146026923978752
|
# ? Jan 14, 2020 19:22 |
|
Lain Iwakura posted:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601 lol the link is timing out now
|
# ? Jan 14, 2020 19:30 |
|
ooooh boy
|
# ? Jan 14, 2020 19:33 |
|
|
# ? Apr 28, 2024 18:19 |
|
they finally managed to give everyone vxd
|
# ? Jan 14, 2020 19:34 |