Catatron Prime
Aug 23, 2010

IT ME



Toilet Rascal

Biomute posted:

What would be a reasonably secure way to do email that does not require much from the receiver (no PGP etc)? I want to send an email and not have it be easily traceable back to me as the sender for a third party monitoring the receiver. I don't mind if the receiver knows who I am or anything.

Go the Maniford route, don't send the email, just save it in the drafts folder and send the login information instead :grin:

It's not securing the email per se, but if you're just shooting to send it from an alternative email address, VPN service to mask your public IP + private browsing session (not cookied and traceable back to you), + temporary email service like inboxbear, or of all things, Yahoo aliases/disposable email addresses. The Yahoo one is actually fairly decent, use a Google Voice number or something to register for the Yahoo email.


Catatron Prime

Wiggly Wayne DDS posted:

not only is it bad advice this'll get flagged even faster - there's automated intel systems to alert on this very specific activity chain

maybe don't my_crimes.txt this thread imo

I was just being facetious... Though, in all fairness, the investigators only found out about Maniford doing that after the recipient confessed while being interviewed, right?

evil_bunnY posted:

This is all extremely potent bad advice, especially if you're worried about LE. You want a shared machine on a shared network with a payment system that cannot track you.

With enough threads, you can trace nearly anything back. Your shared machine could have a session logged and traced back to a hotel room stay or library card or credit card/security footage at an internet cafe, etc, it's just an extra investigative step.

Just out of curiosity though, would it be device information collected by the browser or traffic collected by the ISP that would be considered traceable in this case? The google number would be an easy trace, that was bad advice. Or potentially the VPN service provider collecting information (since it should otherwise be encrypted from the ISP)? I'm just curious where that chain specifically unravels. From personal experience, I've noticed different pricing on airlines while using VPN + incognito, as well as Google's captcha not being happy when it doesn't have adequate cookie/screenshot information to identify you.

Unless it's crimes worthy of federal investigation, I'm presuming most LE is still pretty unsophisticated, considering the volume of death threats and blatant criminal activity occurring on a daily basis that gets ignored from LE, even when personally asked to step in.

Catatron Prime

anthonypants posted:

You should probably stop reading whatever articles you're getting linked to on Facebook that spell his name "Maniford".

Haha, whoops, I thought I might have been typoing that. That'd be a result of listening to NPR and bad recollection on my part... I don't use Facebook :bigtran:

Catatron Prime fucked around with this message at 22:32 on Nov 1, 2018

Catatron Prime
One of my co-workers recommended the Bandit series from OverTheWire, so I just wanted to pass it along here if anyone is looking for a good refresher or introduction to *nix command line and whatnot.


That is all... :ninja:

Catatron Prime
Do you guys have any daily podcasts you like to keep on top of the recent news and events while commuting? I'm looking for something akin to Krebs on Security, but podcast form.

Thanks in advance!

Catatron Prime

Proteus Jones posted:

Risky Business is decent. Just listen with a critical ear.

Thanks! Got it queued up!

Catatron Prime
ignore the double post

Catatron Prime fucked around with this message at 18:56 on Dec 4, 2018

Catatron Prime

Internet Explorer posted:

It's too late, you've already been hacked!

Well, that's the default assumption anyways, right? Thanks to Troy Hunt, I can easily see that every service I've ever touched has leaked my credentials or information on one way or another.

Now I'm curious to see about shopping for my own information, just how much of it is floating around in a useful purchase format... And that also reminds me that I need to freeze my credit now that service is free... :tinfoil:

Catatron Prime

Mystic Stylez posted:

I'm going to sell one of my dad's computers and Android mobile phone, so I want to wipe them before doing that.

- For the HDD, is there any alternatives to DBAN where I can still use the computer while doing the wiping of the non-OS drive?

- For the SSD, if I do an ATA Secure Erase, how much of the drive's life expectancy will be lost?

- For my Android mobile, what's the procedure I should do? I don't have a slight idea.

Android's factory reset is pretty hit and miss with actually really deleting stuff. Cellebrite can recover a pretty shocking amount of crap off a factory reset Android. But, very few people are going to forensically examine your device to retrieve your cat photos. Google hard reset and your device model and you'll probably be fine. Encrypting the volume and resetting is also a good suggestion. While you're in recovery mode, wipe the cache partition and whatnot as well.

With iPhone, do a soft reset with the settings menu. Once it finishes, turn it off, hold down the home or volume down key while turning it on to get into DFU mode, and do a factory reinstall by plugging it into iTunes and following the prompts. I can confirm you're not going to find any data after doing that.

That being said, I don't believe most people will bother going to that depth trying to recover anything off a used device. If you really care, software like Piceasoft will overwrite the free space after a factory reset for full data sanitation.

I haven't really tried much, but my understanding of SSDs is that once the bit is flipped on the flash memory, it's gone forever. It's not the same recovery potential like platter hard drives. A full format (not just a quick one) should honestly do the trick, unless you're worried about state level actors, in which case you're screwed anyways. I don't think you would substantially impact the lifecycle by a single pass erase.

Hard drive, a full format or two is probably good enough. Encrypt and wipe the drive for extra peace of mind. Try using some file recovery software to verify the deed is done.

Catatron Prime

Gromit posted:

Have you done this with Cellebrite yourself? I've used it a lot on phones, but I don't recall trying it on a factory resetted phone, and certainly not on enough different makes/models to be a representative set. But if you've noticed it yourself I'd love to hear more detail.

Yup, at my last job we were able to pull things like pictures of whiteboards, contacts information and messages, and some other stuff with Cellebrite on a variety of factory reset Androids. This was on devices that had been certified as clean by the company or agency's IT too.

Even old blackberries wouldn't fully delete apps and some other information when doing the "secure" reset. We didn't even put those through Cellebrite at the time, we just opened it up and boom there's your texts, phone number, and several apps you have to manually delete or overwrite. I don't recall whether we found anything on iOS before doing a full reimage, but they had the fewest issues on the forensic end.

I would imagine newer androids with full encryption would be better, I just haven't seen the forensic examination to say so.

Catatron Prime

apseudonym posted:

When was the last time you tried this?

Last time I personally tried this was about a year ago. But, just as a caveat, the phones tested were probably about two-ish years old at that point, like the Galaxy S6 and a few other models I don't specifically remember off the top of my head. Unfortunately I don't work there anymore so I couldn't tell you what things are like currently, other than a general takeaway and the resulting process for securely erasing devices based on the findings.

I don't believe we were able to find any test files on windows phones, though that ship has sailed anyways.

To me it's more interesting from the perspective that everything is a dumpster fire :v:

Catatron Prime

apseudonym posted:

The S6 was just before the mandatory encryption requirements, if my memory serves, but I would have expected them to have had it (though given my experience with Cellebrite's Android claims they probably talked up the SD card something fierce since that isn't wiped in a factory reset).

Right, YMMV and I'm sure newer phones and versions of Android are better about this, especially with mandatory encryption. Not to mention that as a threat vector, someone forensically testing your used factory reset devices outside of an interested state actor is probably pretty drat slim when there are so many easier ways to target an organization or individual.

This is more from a point of interest regarding what a dumpster fire things are, and to just be careful/be aware that older devices can be leaky in ways you didn't even think of.

Catatron Prime
Anyone else here signed up for Kringlecon this year? The recorded talks are pretty good, definitely worth checking out if you weren't previously aware of it.


...that is all... :ninja:

Catatron Prime

TinTower posted:

Happy birthday, everyone. :v:

Wow, you were also born January first 1900? That’s amazing! Thought I was the only one :ninja:

Catatron Prime

Mystic Stylez posted:

I'm going to ask some very dumb questions, but please bear with me.

I'm currently working from home, so my boss installed OpenVPN in order for me to be able to access all the documents that are hosted in the company's server.

Whenever I'm connected through OpenVPN to access those work files, can he see anything that I do in my computer at all? Like, which websites I'm browsing right now or my browser traffic, for example. Or any other stuff that's personal like my computer files, etc.

It’s already been answered, but yes, that’s trivial. Assume everything you do over the network is logged and easily searchable, or filtered with notifications for visiting certain websites. If he really wanted to, he could measure productivity with your browsing habits and see how much time you spend actively browsing the web and where with automatic reporting.

That being said, it’s probably very unlikely with such a small company, but there you have it. Nobody has the time to waste with even basic IT stuff at a small company, but many owners are also neurotic, paranoid, and weird. As already mentioned, a VM is a great option, and Oracle Virtualbox is free and easy to use if you have a good general knowledge of computers. A second laptop is also not a bad idea as well.

astr0man posted:

So the NSA is finally declassifying their internal reverse engineering tool: https://www.rsaconference.com/events/us19/agenda/sessions/16608-come-get-your-free-nsa-reverse-engineering-tool

It's great that there might finally be a real viable alternative to IDA Pro. It's been ~6 or 7 years since I last used ghidra, but even a gimped/redacted public build should still be better than pretty much anything currently available right now other than IDA (although I've never tried binary ninja), and IDA's pricing is what it is. I'm real interested in seeing what ghidra modules they'll actually be releasing.

This is awesome! Can’t wait to get my hands on this :eyepop:

Catatron Prime

Lambert posted:

Big Beautiful Passwords for everything.

:heysexy:

Catatron Prime

Darchangel posted:

What a bunch of children. It's hilarious how they accuse everyone else of being thin-skinned and butthurt, but can't take any questioning themselves. Can't have any dissent in their circle-jerk echo chamber.
Dammit, I want more women in IT, you assholes.

:agreed:

I work on a fairly diverse team and we’re extremely lucky to have several women and people originally from places like Ethiopia, and they are hands down some of the smartest and nicest people on the team. Entitled, misogynistic, and racist behavior like that is extremely discouraging. If people are that closed minded about society, I would absolutely expect them to be similarly bereft of the capability to keep up with the changes in technology.

Catatron Prime

CLAM DOWN posted:

This field doesn't operate on your hyperbolic assumptions and biases.

Yes..... but then you see stuff like this:

https://futurism.com/cybersecurity-c-toc-ibm/amp/

taqueso posted:

It's the continue code for the last level of Battle Toads NES.

e: does the trailing == mean anything? I feel like I've seen it before but that's probably my pattern matching in overdrive.

It’s already been answered, but just to elaborate, base64 encodes characters into blocks of four, hence the equal signs for padding to fill out the last block of four. Whenever you see trailing equal signs like that, it’s usually base64 encoded, which can be decoded with Notepad++. I usually see it through attempts to pass prohibited characters through XSS filters, e.g. <> or /
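To make the padding mechanics concrete, here is an added example (not from the post above or from anyone in the thread): a hand-written base64 encoder beside the standard-library decoder, plus the quick sanity check you apply before assuming a token is base64. The `<script>` payload is a constructed input.

```python
"""Hand-rolled base64 encoder beside the stdlib decoder, to show where the
trailing '=' comes from. Added example, not from the thread; the inputs are
constructed."""
import base64
import binascii
from typing import Optional

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def b64_encode_manual(data: bytes) -> str:
    """Encode each 3-byte group as 4 characters; a short final group is
    zero-filled, only the meaningful characters are kept, and '=' fills the
    rest of the 4-character block."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        n = len(chunk)
        bits = int.from_bytes(chunk.ljust(3, b"\x00"), "big")  # 24-bit group
        sextets = [(bits >> shift) & 0x3F for shift in (18, 12, 6, 0)]
        # n bytes carry 8n bits, which need n+1 sextets; the remaining
        # 3-n slots of the block are padding.
        out.append("".join(ALPHABET[s] for s in sextets[:n + 1]) + "=" * (3 - n))
    return "".join(out)


def padding_for_length(nbytes: int) -> int:
    """How many '=' a standard encoder appends: 0, 1 or 2, never more."""
    return (3 - nbytes % 3) % 3


def looks_like_base64(s: str) -> bool:
    """Heuristic for eyeballing a suspicious token: alphabet is right, length is
    a multiple of 4, and at most two '=' sit at the very end."""
    s = s.strip()
    if not s or len(s) % 4:
        return False
    body = s.rstrip("=")
    if len(s) - len(body) > 2:
        return False
    return all(c in ALPHABET for c in body)


def decode_if_base64(s: str) -> Optional[bytes]:
    """Decode only when the heuristic passes; validate=True rejects stray
    characters instead of silently skipping them."""
    if not looks_like_base64(s):
        return None
    try:
        return base64.b64decode(s.strip(), validate=True)
    except (binascii.Error, ValueError):
        return None


if __name__ == "__main__":
    # A payload that a naive '<' filter would miss once encoded (constructed).
    payload = b"<script>alert(1)</script>"
    enc = b64_encode_manual(payload)
    print(enc, "padding:", padding_for_length(len(payload)))
    print(decode_if_base64(enc))
```

A few caveats worth knowing when eyeballing strings: the URL-safe alphabet uses `-` and `_` instead of `+` and `/`, and some producers (JWTs, for one) strip the padding entirely, so a missing `=` does not rule base64 out. Conversely the padding count is 0, 1 or 2 and never 3, so a token ending in `===` is not valid standard base64.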

Catatron Prime

I saw one earlier this year that searched out other miners by name, killed their process id one by one, and then did some other fun stuff like check system utilization and only run below a certain threshold. I’ll see if I can dig it up, that was just great in so many ways.

Diva Cupcake posted:

Nessus Home and OpenVAS. Nessus is obviously a bit more user friendly.

You will find different vuln scanners yield different results so I find it better to use both.

OpenVAS and Nmap are the two I see most frequently being used on a day to day basis. Golismero is a handy interface for launching OpenVAS and generating reports if you have a Kali VM.

Catatron Prime

D. Ebdrup posted:

You may wanna pay a little attention to what's blanked and what isn't blanked. Or not. It's not as if hexadecimals can be translated into IPs or anything like that. Trend Micro certainly doesn't seem to think so.

To address what you said, though: on any FreeBSD system I'm root on, I don't permit any process, jail, user, or login class to run without an rctl(8) rule specified for it. I would assume that Linux has something similar.

I’m seeing a pcap containing a get put request with the host IP obfuscated along with the C2 server’s malware download link? Same idea as neutering malicious URLs with hxxp and [.] and whatnot. If you’re dedicated enough to translate the hex to ASCII characters to download the malware, I’m assuming you’re smart enough to sandbox the download to base64-decode and reverse engineer it, which is why I’m assuming it’s censored.
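On the defanging and the hex-to-IP point, an added example (not from either post): helpers that defang and refang indicators in the common conventions, convert a hex or decimal dword to a dotted quad, and read the source and destination out of a raw IPv4 header. The header bytes in the test are constructed, with an unverified checksum.

```python
"""Defang and refang indicators the way write-ups and screenshots do (hxxp,
[.]), and turn hex-encoded IPv4 addresses back into dotted-quad form.
Added example, not from the thread; inputs are constructed."""
import ipaddress
import re

# Several defanging conventions appear in the wild; refang() accepts all of these.
_REFANG_RULES = [
    (re.compile(r"\[\s*://\s*\]"), "://"),
    (re.compile(r"\[\s*:\s*\]"), ":"),
    (re.compile(r"\[\s*@\s*\]"), "@"),
    (re.compile(r"[\[\(\{]\s*(?:\.|dot)\s*[\]\)\}]", re.IGNORECASE), "."),
    (re.compile(r"\bhx{2}p(s?)://", re.IGNORECASE), r"http\1://"),
]


def defang(ioc: str) -> str:
    """Make a URL or hostname unclickable: http(s) -> hxxp(s), every '.' -> '[.]'."""
    out = re.sub(r"^http(s?)://", r"hxxp\1://", ioc, flags=re.IGNORECASE)
    return out.replace(".", "[.]")


def refang(ioc: str) -> str:
    """Undo defang() and the common variants ((.), (dot), hXXp, [:], [@])."""
    out = ioc
    for pattern, repl in _REFANG_RULES:
        out = pattern.sub(repl, out)
    return out


def ip_from_number(token: str) -> str:
    """'0xC0A80101' or '3232235777' -> '192.168.1.1'. Both forms show up in
    obfuscated URLs and in raw packet bytes."""
    t = token.strip().lower()
    value = int(t, 16) if t.startswith("0x") else int(t, 10)
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"{token!r} is not a 32-bit value")
    return str(ipaddress.IPv4Address(value))


def ipv4_header_addresses(hex_header: str) -> tuple:
    """Pull (src, dst) out of the hex of an IPv4 header: the addresses sit at
    byte offsets 12 and 16, so a screenshot that blanks the printed IP but
    leaves the raw bytes visible hides nothing. Whitespace and ':' are ignored."""
    raw = bytes.fromhex(re.sub(r"[^0-9a-fA-F]", "", hex_header))
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    src = str(ipaddress.IPv4Address(raw[12:16]))
    dst = str(ipaddress.IPv4Address(raw[16:20]))
    return src, dst


if __name__ == "__main__":
    # Constructed sample header; checksum field is not verified here.
    hdr = "45 00 00 3c 1c 46 40 00 40 06 b1 e6 c0 a8 00 68 0a 00 00 01"
    print(ipv4_header_addresses(hdr))
    print(defang("https://evil.example.com/a.php"))
    print(refang("hXXp://evil(.)example(dot)com[:]8080"))
```

The refang rules are deliberately broad because screenshots and blog posts mix styles (`hxxp`, `hXXp`, `[.]`, `(dot)`, `[:]`). When you cut a URL out of one, refang it in a script or notebook, never by typing it into a browser bar.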

Catatron Prime

Docjowles posted:

It hasn't actually happened, but I live in constant fear of Slack stealing focus and making me dump important credentials into a public channel. When I'm typing a password I always triple check that the correct app has focus out of total paranoia.

Teammates have definitely done it and immediately had to change passwords. The worst I've done is :q :wq ZZ gently caress

Only really good for Windows OS, but KeePass’s auto-type feature is loving fantastic. You pick a target window in the database entry for that credential, and then next time you log in, Ctrl-Alt-A auto-types the credentials when you have the correct window or login URL pulled up.
:discourse:

Catatron Prime

Docjowles posted:

My Dick 5 hash algorithm (TM)

Cup Runneth Over posted:

Short and rarely used anymore, eh?

:vince:

Catatron Prime

The Scientist posted:

Is there a thread for reverse engineering/vulnerability discovery/exploit development, especially in the context of Capture The Flag competitions?

Not that I’m aware of, but I’ve done a few and collectively this seems to be about as good a place as any to post it. I just did one last week that was a USB pcap and I had to translate the hex into HID keyboard characters to get a Pastebin URL, which contained the base64-encoded flag. Last one I did before that was at CodeMash, and you had to find the login for a URL and then use the browser tools to find the base64 flag hidden in the header. Once I finish up Bandit my next step is hackthebox.eu, so I’m definitely interested in whatever CTF you’re doing.

Also, as far as reverse engineering goes, Ghidra was just released and is a fun one to install on a VM, and any.run is great for examining the execution of stuff. If it’s PowerShell you’re trying to deobfuscate, CyberChef (https://gchq.github.io/CyberChef/?recipe=%5B%7B%22op%22%3A%22XOR%22%252) is pretty rad
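For the USB-pcap style challenge mentioned above, here is an added example, not from the post: a decoder for 8-byte HID boot keyboard reports of the kind `tshark` extracts with `-e usb.capdata`. The sample reports are constructed by hand, and the key map only covers the printable ASCII keys a flag usually needs.

```python
"""Decode USB HID boot-protocol keyboard reports (8 bytes each) into the
characters that were typed, which is what a 'USB pcap' CTF challenge boils
down to. Added example, not from the thread. The report bytes below are
constructed, not from a real capture; in practice they come out of
tshark -r cap.pcap -Y usb.capdata -T fields -e usb.capdata"""
from typing import List, Set

# USB HID usage IDs (Keyboard/Keypad page 0x07) -> (unshifted, shifted)
_KEYMAP = {}
for i, ch in enumerate("abcdefghijklmnopqrstuvwxyz"):
    _KEYMAP[0x04 + i] = (ch, ch.upper())
for i, (ch, sh) in enumerate(zip("1234567890", "!@#$%^&*()")):
    _KEYMAP[0x1E + i] = (ch, sh)
_KEYMAP.update({
    0x28: ("\n", "\n"), 0x2B: ("\t", "\t"), 0x2C: (" ", " "),
    0x2D: ("-", "_"), 0x2E: ("=", "+"), 0x2F: ("[", "{"), 0x30: ("]", "}"),
    0x31: ("\\", "|"), 0x33: (";", ":"), 0x34: ("'", '"'), 0x35: ("`", "~"),
    0x36: (",", "<"), 0x37: (".", ">"), 0x38: ("/", "?"),
})
KEY_BACKSPACE = 0x2A
MOD_SHIFT = 0x02 | 0x20  # left/right Shift bits of the modifier byte
_REVERSE = {}
for code, pair in _KEYMAP.items():
    for shifted, ch in enumerate(pair):
        _REVERSE.setdefault(ch, (code, bool(shifted)))


def parse_reports(capdata_lines: List[str]) -> List[bytes]:
    """tshark prints one hex string per packet ('02000b0000000000', sometimes
    with ':' separators). Keep only 8-byte reports; anything else is not a
    boot keyboard report (mouse, descriptors, empty lines)."""
    reports = []
    for line in capdata_lines:
        line = line.strip().replace(":", "")
        if not line:
            continue
        raw = bytes.fromhex(line)
        if len(raw) == 8:
            reports.append(raw)
    return reports


def decode_keystrokes(reports: List[bytes]) -> str:
    """Report layout: [modifiers, reserved, key1..key6]. A key is typed once,
    when it first shows up; the same code in the next report means it is still
    held. An all-zero key area is a release. Backspace edits the buffer."""
    typed: List[str] = []
    prev: Set[int] = set()
    for rep in reports:
        shifted = bool(rep[0] & MOD_SHIFT)
        keys = [k for k in rep[2:8] if k]
        for k in keys:
            if k in prev:
                continue
            if k == KEY_BACKSPACE:
                if typed:
                    typed.pop()
            elif k in _KEYMAP:
                typed.append(_KEYMAP[k][1 if shifted else 0])
            # other usage IDs (F-keys, arrows, ...) are dropped here
        prev = set(keys)
    return "".join(typed)


def reports_for(text: str) -> List[bytes]:
    """Inverse of decode_keystrokes, to build test traffic: one press report
    and one release report per character."""
    out = []
    for ch in text:
        code, shifted = _REVERSE[ch]
        out.append(bytes([0x02 if shifted else 0, 0, code, 0, 0, 0, 0, 0]))
        out.append(bytes(8))
    return out


# Constructed capture: Shift+h, i, Backspace, i (held across two reports), Enter
SAMPLE_CAPDATA = [
    "02000b0000000000", "0000000000000000",
    "00000c0000000000", "0000000000000000", "0000000000000000",
    "00002a0000000000", "0000000000000000",
    "00000c0000000000", "00000c0000000000", "0000000000000000",
    "0000280000000000", "0000000000000000",
]

if __name__ == "__main__":
    print(repr(decode_keystrokes(parse_reports(SAMPLE_CAPDATA))))
```

Two things trip people up with these captures: the same report repeated means a key is held, not typed twice, and the modifier byte (bit 1 or bit 5 for Shift) decides the case, so a decoder that ignores byte 0 silently lowercases the flag.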

Catatron Prime

The Scientist posted:

University of Central Florida has their CTF this weekend:

https://2019.sunshinectf.org/


This is awesome! Thanks for sharing!! I’ll poke into that this weekend.

In other news, have more massive data breaches!

https://www.wired.com/story/email-marketing-company-809-million-records-exposed-online/

Catatron Prime

The Scientist posted:

Are there still any Blackhat zines or forums around?

I'm not a Blackhat by any means, it just makes for interesting reading.

Manyhats.club discord might be a good place to look. Also i think one of my coworkers gets a quarterly mini magazine with interesting hacks or something like that... I’ll see if i can find a link

Catatron Prime

CommieGIR posted:

I really want to do more CTFs, but I really need to brush up on my pen testing skills

I’m currently working through this for personal edification at this point, but this is a good resource for OSCP, which is all the hacky bits:

https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob

E:

The Scientist posted:

Cool, just joined, thanks. The mini-magazine that you're describing sounds like 2600, which RFC2324 mentioned. Its good stuff, and I have read it off and on for years.

Lmfao, RFC2324 is apparently HTCPCP, or Hyper Text Coffee Pot Control Protocol

https://tools.ietf.org/html/rfc2324

I love engineers :allears:

Catatron Prime fucked around with this message at 06:07 on Apr 7, 2019

Catatron Prime

xThrasheRx posted:

https://www.bbc.com/news/business-47724438


What in the shits name is this article, lolol - havent read something this bad in a long time

:psypop:

Security through obscurity doesn’t work worth a drat... that’s like hiding your SSID, useless for anyone or any script actually looking.

Also his solution to the evil internets hackzorz is to just remove all the computers from the internet entirely? The gently caress did I just read?

Catatron Prime fucked around with this message at 16:27 on Apr 12, 2019

Catatron Prime
Anyone out in Vegas for hacker summer camp this week?

Catatron Prime

CommieGIR posted:

Keepass for local DB. I like Keepass.

KeePass chat regarding some auto type issues people had a few pages back—

Some of the best features aren’t super intuitive at first, but the ctrl+v autotype that pumps credentials wherever the cursor bar is (eg messaging window or browser url bar) can be fixed with ctrl+alt+a autotype, which is locked to a specific window. You just have to set this up with each credential by going into the auto fill tab for each credential and selecting the source from the drop down menu of active windows. This way, so long as KeePass is open in the background, you can single press keyboard shortcut auto log in to whatever and this works ridiculously well.

Another great feature if your domain doesn’t have a seamless SSO, you can insert field references for passwords. That way, you only have to have one set of credentials to update for your work domain, and everything can populate off that.

Catatron Prime

Nalin posted:

CTRL+ALT+A autotype by default will look to see if any window titles contains the words of the entry's title. You don't HAVE to pick the specific window title in the entry unless you turn that option off or if you want different auto-type sequences for different individual windows.

But I would try to avoid auto-type if you can and just use the Kee browser plugin. The only time I use auto-type anymore is using it to log into video game accounts.

Both of which are good to know! I’ve never quite gotten it to work properly without setting it up individually, and I’ll have to give the browser plugin a shot. I need to play around with self hosting bitwarden and maybe make the migration if that works out.

This might be more of a home lab question, but what all does everyone have set up on their home network for open source IDS, log analysis, etc? I was looking at installing Snort on one of the new Pi 4s and setting up HELK on my ESXi NUC server just to play around with some different tools. I’d also like to set up a virtual appliance to do regular vulnerability management scans beyond cron-jobbing a Golismero OpenVAS scan off my Ubuntu server, and wasn’t sure what might be the best tool for local network stuff.

I’d also like to set up some sort of port mirroring or inline capture engine to run a whole network packet capture, either tcpdump or some dedicated hardware. I’m not opposed to purchasing new or dedicated hardware to make all this happen if anyone has any specific recommendations they could share.

Thanks in advance!

E: Going to install the security onion virtual appliance and go from there. Any insight or other suggestions are very much appreciated!

Catatron Prime fucked around with this message at 02:38 on Aug 23, 2019

Catatron Prime
Any y'all heading out to hacker summer camp this week?

FYI: Black Hat is doing free business hall passes for DEF CON attendees if you're already registered. Doesn't look like Rapid7 is doing any parties, but there's a bunch of other vendors hosting stuff.

Blue team village released all their workshop signups, and they're all virtual this year. Some good stuff on malware deobfuscation and windows forensics.

Catatron Prime

CLAM DOWN posted:

America is insane for having in-person conferences right now.

Well, I'll be masked and vaxxed, so :shrug:

Wouldn't really be so much of a problem if it weren't for the chuds scared of needles.

Catatron Prime

AlternateAccount posted:

Pretty sure it was 4 of the 5 hospitalizations who were vaccinated.

Well, there was also some other critical analysis missing from the news with regards to the recent Massachusetts outbreak

Catatron Prime

CLAM DOWN posted:

It really doesn't make it any smarter if you're masked and vaxxed. It's a crowd and your country is having an enormous surge because you ARE full of chuds.

In case you haven't checked lately, the whole world has gone insane. It's not just limited to America, but we're just the easiest ones to point fingers at and laugh at. Glass houses and all.

Humanity is stuck with Covid, same way as we're still stuck with the 1918 influenza bug as one of the miscellaneous flu strains that rears up each year. I don't know about you lot, but being stuck at home here for the last year and a half has been depressing as gently caress. I personally had a really lovely bout with covid last February, which took months to feel like a halfway normal person again. Throughout the pandemic I've followed the CDC's guidance, and this will be no different. I'm fully vaccinated and I'll be wearing a mask. The Pfizer and Moderna vaccines have proven themselves especially effective against the Delta variant, even with the people who did catch a breakthrough case in Massachusetts.

On a personal note, I'll just say that my mental health especially is at an all time low. Something has to change, because I'm not sure how much longer I can keep doing this.


Catatron Prime
Print Nightmare is back, and it does indeed bypass EDR controls

https://twitter.com/GossiTheDog/status/1425193153691279365?s=20
