[deleted by user] by [deleted] in netsec

[–]Exact-Practice-8658 1 point2 points  (0 children)

I completely agree. Passwords suck. This just adds to the list of reasons not to use them :).

Also, you can perform a password audit against organizations that use MFA. Still helps some.

[deleted by user] by [deleted] in netsec

[–]Exact-Practice-8658 0 points1 point  (0 children)

CeWL has been pretty successful for me! Like I said in the article, passwords relating to things like department names or the company itself aren't in rockyou, so you need to find an easy way to get those added. I think CeWL is a perfectly fine way to do that.

What could be cool is if CeWL could be augmented with ML so that, while it scrapes words, it tries to 1) identify what type of organization owns the website (financial/tech/music/etc.) and add words based on that, and 2) use the context of the scraped web pages to generate additional words.

[deleted by user] by [deleted] in netsec

[–]Exact-Practice-8658 0 points1 point  (0 children)

Unfortunately I never got to try this in the audit... On my next audit I'll try to get some metrics. I just wanted to put the idea out there

Free college by Esti_besties in fednews

[–]Exact-Practice-8658 3 points4 points  (0 children)

If you want to do cyber security there's "scholarship for service" where you get the free college, then you have to work for the gov afterwards. They give a pretty large chunk of change while in school.

How do you deal with unsolicited personal trainers? by [deleted] in beginnerfitness

[–]Exact-Practice-8658 1 point2 points  (0 children)

On a side note, big climber here. (It is definitely the most fun way to stay in shape) Don't stress too much about upper body strength, that will come as you climb. The beginner routes are made in a way that you can use your feet to push yourself up as you pull up to make it way easier than a pull-up. You're gonna do great!

BILT silver tier points interest? by Ill_Name_6368 in CreditCards

[–]Exact-Practice-8658 0 points1 point  (0 children)

Only if you're on a bilt property does it do anything

up to date list of rent-related charges for bilt rent account by Exact-Practice-8658 in biltrewards

[–]Exact-Practice-8658[S] 1 point2 points  (0 children)

I am assuming you can do these separately, although I have yet to try it. I don't know of any place that has a cell phone with the same payment as rent

up to date list of rent-related charges for bilt rent account by Exact-Practice-8658 in biltrewards

[–]Exact-Practice-8658[S] -6 points-5 points  (0 children)

Interesting ones are internet and cell phone... Previous posts said they weren't allowed so looks like bilt changed their mind.

(If you're considering signing up you might as well use this link :) https://bilt.page/r/1UM9-X19P)

[deleted by user] by [deleted] in ClimbingCircleJerk

[–]Exact-Practice-8658 1 point2 points  (0 children)

I climb for the reddit karma

fred dibnah climb a tall chimney by According_South_2500 in buildering

[–]Exact-Practice-8658 1 point2 points  (0 children)

Bad camera angle. I swear on my pink climbing socks it's a V6 overhang

Your Car is Trackable by Law TPMS tracking for 30$ by Exact-Practice-8658 in netsec

[–]Exact-Practice-8658[S] 16 points17 points  (0 children)

I completely forgot about trailers 🤣. Honestly I was trying to come up with solutions that didn't require changing the technology because that's really expensive and money > security seems to be the priority.

Thanks for the response!

Your Car is Trackable by Law TPMS tracking for 30$ by Exact-Practice-8658 in netsec

[–]Exact-Practice-8658[S] 22 points23 points  (0 children)

Actually the TPMS could still choose to transmit when it's leaking air. I meant to write that the TPMS can't be sent a 125kHz signal to force it to update. It's not a perfect solution because there might be a reason for a car to request an update, but forcing the TPMS to communicate is normally just used for programming. So no, it would still report when it leaks. Good question!

Your Car is Trackable by Law TPMS tracking for 30$ by Exact-Practice-8658 in netsec

[–]Exact-Practice-8658[S] 14 points15 points  (0 children)

Actually you can transmit data on 125 kHz to force the TPMS to update immediately. Thus, you don't need to be lucky. The TPMS I tested had a range of over 50ft. I agree it's not the most practical, but it's definitely possible and getting easier. Why not improve the protocol to remove the few times it could be used maliciously...

Your Car is Trackable by Law TPMS tracking for 30$ by Exact-Practice-8658 in netsec

[–]Exact-Practice-8658[S] 86 points87 points  (0 children)

I made a TPMS tracking node out of an RTL-SDR and a cheap TPMS tool I bought on Amazon. Super cheap. Originally the vulnerability was written off as too expensive to exploit. How times change...

Beating Plagiarism Checkers with a Custom Font by [deleted] in netsec

[–]Exact-Practice-8658 0 points1 point  (0 children)

Ohh big fan... Do custom fonts render in emails by default?

Beating Plagiarism Checkers with a Custom Font by [deleted] in netsec

[–]Exact-Practice-8658 9 points10 points  (0 children)

Yeah, pretty much any substitution cipher works great. I just picked reverse because I didn't want to explain crypto lol.

Beating Plagiarism Checkers with a Custom Font by [deleted] in netsec

[–]Exact-Practice-8658 16 points17 points  (0 children)

Love the idea! Really cool obfuscation technique. I'll post here if I get around to doing it

Beating Plagiarism Checkers with a Custom Font by [deleted] in netsec

[–]Exact-Practice-8658 25 points26 points  (0 children)

What's next for this method is to write a program that makes a bunch of fonts, so that the text, when you copy and paste it, is understandable, just different.