DACK FAYDEN
Feb 25, 2013

Bear Witness

myron cope posted:

Is this part true? I've used LastPass and 1Password, would be nice to know if I shouldn't be
Yeah, given how little I vaguely remembered, the three being one good, one bad, and one annoyingly finicky but also good makes sense. Use with pride

(might get her a book, that's a darn good idea, even if it's less lazy than plugging in a USB and letting technology do the work)


The Scientist
Nov 6, 2009



Fallen Rib

OSU_Matthew posted:

Not that I'm aware of, but I've done a few and collectively this seems to be about as good a place as any to post it. I just did one last week that was a USB pcap and I had to translate the hex into HID keyboard characters to get a pastebin url, which contained the base64 encoded flag. Last one I did before that was at codemash, and you had to find the login for a url and then use the browser tools to find the base64 flag hidden in the header. Once I finish up bandit my next step is hackthebox.eu, so I'm definitely interested in whatever ctf you're doing.

Also, as far as reverse engineering goes, ghidra was just released and is a fun one to install on a VM, and any.run is great for examining the execution of stuff. If it's powershell you're trying to deobfuscate, cyber chef (https://gchq.github.io/CyberChef/?r...3A%22XOR%22%252) is pretty rad

I didn't have a specific CTF in mind when I posted that, but I participate in them casually with my school's Cybersecurity club when I have free time. We do hackthebox'es a lot, those are very fun.

And Ghidra is great, tho I have yet to completely explore it. The C decompilation is incredible. I have also contributed a little to the radare2 project, which I like a lot. I have yet to check out the Ghidra command line tool, I wonder if it's comparable to radare2 - the command-line stuff is what attracted me to the latter.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.

Well, this is concerning.

https://www.reuters.com/article/us-...eedName=topNews


quote:

“Based on our analysis, trojanized updates via URIs were deployed by ASUS’ live update server between June and late October 2018. These updates were digitally signed using two certificates from ASUS,” Duffourg said.

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate



Glad I switched to Clevo!

Pablo Bluth
Sep 7, 2007

I've made a huge mistake.


I got a haveibeenpwned email, as the dump from the previously announced 500px hack has now turned up.

fyallm
Feb 27, 2007


College Slice


Here's a reddit forum from last year where ASUS users were talking about a suspicious software update ASUS was trying to install on their machines in June 2018:


https://www.reddit.com/r/ASUS/comme...o_some_mystery/



Awkward

Klyith
Aug 3, 2007

GBS Pledge Week



I'd think an obvious thing to do would be to show the problem to Google & Apple security guys so they can revoke the app -- as just shown with the facebook spy-4-bucks app, they have the ability to pull the master switch on a developer. That wouldn't protect the poo poo that's already in an unsecured webserver, but it would at least halt the damage.

wolrah
May 8, 2006
what?


Klyith posted:

I'd think an obvious thing to do would be to show the problem to Google & Apple security guys so they can revoke the app -- as just shown with the facebook spy-4-bucks app, they have the ability to pull the master switch on a developer. That wouldn't protect the poo poo that's already in an unsecured webserver, but it would at least halt the damage.
It's a tough call, because while that would stop new content from being added they're also trying to not tell the world where to look for this unsecured cache of private data before it gets taken down. Having Google/Apple throw the master switch would make it obvious pretty quickly.

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate



Yes, they should go to the FBI. The only way to stop that cache of amateur child porn and intimate secrets from being hosted, when the admins are unreachable and the domain hosts shrug their shoulders, is most likely to have the feds raid it and unplug the servers.

Klyith
Aug 3, 2007

GBS Pledge Week


wolrah posted:

It's a tough call, because while that would stop new content from being added they're also trying to not tell the world where to look for this unsecured cache of private data before it gets taken down. Having Google/Apple throw the master switch would make it obvious pretty quickly.

Now that they've published the article about it that's definitely true, but if they'd done it first and then published after? I don't pay enough attention to mobile app news, would a random lovely spyware app getting yanked attract a ton of attention?

And that would have at least stopped the ongoing damage. As things are now, when there's no truly effective penalties for exposing non-medical data no matter how private, I almost think that's the best that can be done.



Cup Runneth Over posted:

amateur child porn


Like, it's real lovely if pictures of kids were being rifled through by creeps, but that's some shaky legal ground there junior g-man.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

Hey, why don't you have a seat over there and tell us more about your theory of how these nude pictures of children technically aren't actually child porn.

Klyith
Aug 3, 2007

GBS Pledge Week


Jabor posted:

Hey, why don't you have a seat over there and tell us more about your theory of how these nude pictures of children technically aren't actually child porn.

Context. The same image can be CP in one context and innocent in another.

Let's not have this stupid discussion.

Volmarias
Dec 31, 2002


Klyith posted:

Context. The same image can be CP in one context and innocent in another.

Let's not have this stupid discussion.

That works for baby bath pictures, not for 13 year olds sexting each other and the pictures getting sucked in by poorly written spyware.

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate



Yeah it's amateur child porn dude. These are sexts by teenagers.

There's probably adult nudes on there as well, and there's plenty of other reasons it should be taken down, but that's the most salient and easiest to sell to a judge.

CLAM DOWN
Feb 13, 2007


RICKARUS

It's Moot baby!




This topic makes me super super super uncomfortable.

Sickening
Jul 15, 2007

Black Summer was the best summer.

Klyith posted:

Context. The same image can be CP in one context and innocent in another.

Let's not have this stupid discussion.

Context: you are a loving idiot.

evil_bunnY
Apr 2, 2003



CLAM DOWN posted:

This topic makes me super super super uncomfortable.
I mean spying on your kids is insanely creepy to begin with

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate



The app is also marketed to abusive partners, don't worry

CLAM DOWN
Feb 13, 2007


RICKARUS

It's Moot baby!




evil_bunnY posted:

I mean spying on your kids is insanely creepy to begin with

....yes?

Klyith
Aug 3, 2007

GBS Pledge Week


Volmarias posted:

That works for baby bath pictures, not for 13 year olds sexting each other and the pictures getting sucked in by poorly written spyware.

Cup Runneth Over posted:

These are sexts by teenagers.

Ok I'm an idiot, I apologize to the thread. I thought about the one thing, but not about that. (The article didn't say anything about that, I assume if they'd seen one in their random sample the FBI would have been an easy call.)


OTOH there is good news, it's down now.
https://motherboard.vice.com/en_us/...pyware-mobiispy

Cup Runneth Over
Aug 8, 2009

She said life's
too short to worry
She said life's
too long to wait
It's too short not
to love everybody
Life's too long to hate



Hooray, the power of journalistic pressure used for good!

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010


See I don't know why Trump implied that Huawei is a threat due to state sponsored ties, they could have hammered home how incredibly inept they are.

https://arstechnica.com/information...ces-are-a-mess/

quote:

One major problem cited by the report is that a large portion of Huawei's network gear still relies on version 5.5 of Wind River's VxWorks real-time operating system (RTOS), which has reached its “end of life” and will soon no longer be supported. Huawei has bought a premium long-term support license from VxWorks, but that support runs out in 2020.

quote:

it was discovered that “an unmanageable number” of versions of the OpenSSL library were allowed to be used in products—including some with known vulnerabilities.

quote:

The lack of consistent software builds means it's difficult (at best) to determine whether a bug found in one version of software has been fully patched in another build.

Methylethylaldehyde
Oct 23, 2004

BAKA BAKA


incoherent posted:

See I don't know why Trump implied that Huawei is a threat due to state sponsored ties, they could have hammered home how incredibly inept they are.

https://arstechnica.com/information...ces-are-a-mess/

In addition to China having a very difficult to diagnose and remove killswitch in all American 5g deployments and phones, you also have the same killswitch and remote code exploits available to any nation state actor or clever security researcher worldwide!

Volmarias
Dec 31, 2002


incoherent posted:

See I don't know why Trump implied that Huawei is a threat due to state sponsored ties, they could have hammered home how incredibly inept they are.

https://arstechnica.com/information...ces-are-a-mess/

Incompetence is just par for the course, though.

The Iron Rose
May 12, 2012

Cat Army


incoherent posted:

See I don't know why Trump implied that Huawei is a threat due to state sponsored ties, they could have hammered home how incredibly inept they are.

https://arstechnica.com/information...ces-are-a-mess/

In fairness this is always going to be 100% the case at any large organization. I've literally seen these exact problems at every company I've ever worked with.

The Scientist
Nov 6, 2009



Fallen Rib

University of Central Florida has their CTF this weekend:

https://2019.sunshinectf.org/

My school's little Cybersecurity club 100%'ed UCF's other, continuously-running CTF: https://ctf.hackucf.org/challenges which had some truly inspired challenges. That one would be a great place to start (if not just some guides on Binary Exploitation and Reverse Engineering in general). The CTF's page says that the event is in association with the InfoSec conference Bsides Orlando.

Anyway, I'm kinda stoked about this one, like I said my experience with their challenges has been that they are very well thought out but don't always require the most advanced BinEx techniques like advanced Heap exploitation, complex ROP chains, or like defeating aslr and stuff.

OSU_Matthew
Aug 23, 2010


Gun Saliva

The Scientist posted:

University of Central Florida has their CTF this weekend:

https://2019.sunshinectf.org/


This is awesome! Thanks for sharing!! I'll poke into that this weekend.

In other news, have more massive data breaches!

https://www.wired.com/story/email-m...exposed-online/

The Scientist
Nov 6, 2009



Fallen Rib

Are there still any Blackhat zines or forums around?

I'm not a Blackhat by any means, it just makes for interesting reading.

RFC2324
Jun 7, 2012

Http 418


The Scientist posted:

Are there still any Blackhat zines or forums around?

I'm not a Blackhat by any means, it just makes for interesting reading.

alt2600 can still be bought at barnes and noble lol

OSU_Matthew
Aug 23, 2010


Gun Saliva

The Scientist posted:

Are there still any Blackhat zines or forums around?

I'm not a Blackhat by any means, it just makes for interesting reading.

Manyhats.club discord might be a good place to look. Also i think one of my coworkers gets a quarterly mini magazine with interesting hacks or something like that... I'll see if i can find a link

CygnusCyg
Apr 4, 2019


Anyone wanna group up and do some CTFs together?

PlaidCTF is coming up in a few days http://plaidctf.com/ and the DEFCON Quals are coming up soon, also. https://www.oooverflow.io/dc-ctf-2019-quals/

Should be pretty fun.

The Scientist
Nov 6, 2009



Fallen Rib

OSU_Matthew posted:

Manyhats.club discord might be a good place to look. Also i think one of my coworkers gets a quarterly mini magazine with interesting hacks or something like that... I’ll see if i can find a link

Cool, just joined, thanks. The mini-magazine that you're describing sounds like 2600, which RFC2324 mentioned. It's good stuff, and I have read it off and on for years.


EDIT: if anyone else is looking for discords to join, check out the r/reverseengineering discord: https://discord.gg/VpYAn8w

Although I do not condone anyone viewing reddit in lieu of SA.

CygnusCyg posted:

Anyone wanna group up and do some CTFs together?

PlaidCTF is coming up in a few days http://plaidctf.com/ and the DEFCON Quals are coming up soon, also. https://www.oooverflow.io/dc-ctf-2019-quals/

Should be pretty fun.

I will definitely be participating in this Plaid, though I'm not sure how well I will do. I have heard from experienced CTF's that this is a good one, but I bet will be challenging. We could use an existing discord server or something to live chat while we're working on them.

As for the DEFCON one, lol, doubt I'd get a single challenge. Might just spectate

The Scientist fucked around with this message at Apr 7, 2019 around 03:30

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

I really want to do more CTFs, but I really need to brush up on my pen testing skills

CLAM DOWN
Feb 13, 2007


RICKARUS

It's Moot baby!




I've done a bunch of Netwars and they're awesome fun

OSU_Matthew
Aug 23, 2010


Gun Saliva

CommieGIR posted:

I really want to do more CTFs, but I really need to brush up on my pen testing skills

I'm currently working through this for personal edification at this point, but this is a good resource for OSCP, which is all the hacky bits:

https://www.abatchy.com/2017/03/how...or-pwkoscp-noob

E:

The Scientist posted:

Cool, just joined, thanks. The mini-magazine that you're describing sounds like 2600, which RFC2324 mentioned. It's good stuff, and I have read it off and on for years.

Lmfao, RFC2324 is apparently HTPCP, or Hyper Text Coffee Pot Control Protocol

https://tools.ietf.org/html/rfc2324

I love engineers

OSU_Matthew fucked around with this message at Apr 7, 2019 around 05:07

RFC2324
Jun 7, 2012

Http 418


OSU_Matthew posted:

E:


Lmfao, RFC2324 is apparently HTPCP, or Hyper Text Coffee Pot Control Protocol

https://tools.ietf.org/html/rfc2324

I love engineers

I'm still disappointed that none of the internet enabled coffee pots actually use it

Volmarias
Dec 31, 2002


Username/av/post combo on point

CygnusCyg
Apr 4, 2019


CommieGIR posted:

I really want to do more CTFs, but I really need to brush up on my pen testing skills

That's what I use CTF's for! The challenges are usually really fun and if you don't know how to do something, they encourage you to learn how (usually)!

There were a few of the 50 point challenges from CSAW last year that were teaching basic Pwnables and basic RE. Given, if you are new to the material it IS still a lot to take in, but if you are interested in it and want to learn CTFs can be a great way to get there.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!

Pillbug

OSU_Matthew posted:

I'm currently working through this for personal edification at this point, but this is a good resource for OSCP, which is all the hacky bits:
https://www.abatchy.com/2017/03/how...or-pwkoscp-noob

Gonna try this, I've been playing with Metasploit/Rapid 7s Metasploitable, but that's a CTF on EASY mode, you can get root right off the bat, and it's open to every exploit under the sun.

I've got a virtual security lab with a bunch of flavors of Windows and Windows Server plus some RHEL and Debian boxes segregated by a PfSense VM and a Virtual Switch.


D. Ebdrup
Mar 13, 2009



CommieGIR posted:

Gonna try this, I've been playing with Metasploit/Rapid 7s Metasploitable, but that's a CTF on EASY mode, you can get root right off the bat, and it's open to every exploit under the sun.

I've got a virtual security lab with a bunch of flavors of Windows and Windows Server plus some RHEL and Debian boxes segregated by a PfSense VM and a Virtual Switch.
I don't know if pfSense ships with netgraph modules, but if it does you can use ng_bridge(4) and ng_ether(4) to do switching (plus, there's ng_netflow if you need that). Alternatively, netmap can be used to create a vale(4) software switch that can easily do +70Gbps on relatively inexpensive hardware.
