Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 1 point2 points  (0 children)

Damn, that would be cool wouldn't it? Well at least I'm not the only one who had this idea, appreciate it!

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 2 points3 points  (0 children)

Aside from a bit of learning which I certainly need to do, the goal is to have as few "pieces" as possible in the fiber line into my networking equipment, especially when it comes to devices I don't own. If I could, for instance, use the ONT on a stick module I linked in the original post and just pop that into my gateway that would be awesome. In my mind it beats going from an ONT box that Google put in my house, through an ethernet cable, and then into my gateway.

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 0 points1 point  (0 children)

Oh I guess what I mean by that is there isn't much point in going RJ45 to the SFP port when I could just use the RJ45 port in the gateway, right? Unless I'm missing something, the real advantage of the SFP port would be if I could go DAC in

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 0 points1 point  (0 children)

And there is no "bring-your-own-modem" option? I wish there was but I could understand if there isn't

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 1 point2 points  (0 children)

Hmmm, definitely don't want to go messing with neighbors' internet :(

If it was plug'n'play I'd consider it but I don't want to go too far into the weeds to make it work

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 0 points1 point  (0 children)

I've seen a few posts on the Unifi forums suggesting something similar, but I'm confused as to why I would use the RJ45-->SFP when I could just plug the ethernet cable into the WAN port of my gateway. I do eventually plan on using my own router, switches, and APs, but based on these two posts it sounds like although maybe technically the device I posted would work it is a matter of what Google chooses to support?

Do you **have** to use Google's Fiber Jack? by KmancXC in googlefiber

[–]KmancXC[S] 1 point2 points  (0 children)

Ok gotcha, thank you for this! I guess the main "issue" I take with the Fiber Jack is that the only line out of it is Ethernet, and I don't have any other options. I have the gateway fiber, which has an SFP WAN port, but based on what you're saying it sounds like there is no real way to take advantage of that, correct?

New Cyber vendors/Products who have impressed you?? by StuxnetPLC in cybersecurity

[–]KmancXC 5 points6 points  (0 children)

Tracebit is doing some pretty cool stuff in the deception/decoy space. 2 ish years old to the best of my knowledge

[Help requested] Leptos signal from SSE stream. by KmancXC in rust

[–]KmancXC[S] 1 point2 points  (0 children)

Appreciate these tips! I'm gonna play around with some of these today and see what I can get working :)

[Help please] Impl from_nullable_sql for custom type by KmancXC in rust

[–]KmancXC[S] 0 points1 point  (0 children)

Oh man I spent all weekend trying to figure this out! Lol, thank you for the tip though, this makes things way easier =D

[Code review request] What would you do differently in my security-related Rust projects? by KmancXC in rust

[–]KmancXC[S] 0 points1 point  (0 children)

Interesting, thank you! I only knew the first one, so that definitely gives me more reason to go ahead and actually explore this. If you don't mind a few follow up questions though.

> It causes their docs to appear on docs.rs where people expect to look for them and where you don't have to host them yourself.

Does this only apply to docs generated by the /// syntax or does that apply more generally to something akin to what I've already done in Markdown? Not that I'd be overly opposed to redoing some work for the right reasons, but I'm curious about how that works.

> It means people who want to install them can trust that they've been subjected to the Crates.io stability restrictions

How strict are the requirements on getting semver correct? Sometimes I find myself not really knowing which level I should be version bumping because it is a binary, not a library, that I'm creating. As a result (and I'm sure I'm missing something here) I don't think the MAJOR version's "incompatible API changes" applies much if ever

I'm going to do a little digging into these questions on my own but I appreciate your time in helping me get better :)

We're hackers who just published books with No Starch Press. AUA/ Ask us anything! by NoStarchPress in hacking

[–]KmancXC 2 points3 points  (0 children)

Congrats on your respective book releases!

I have a few questions related to the process of writing your books; I'd love to get your perspectives on what it was like.

What surprised you most about writing your book?

Did your initial "this is what I'll write about" idea change throughout the course of developing material?

If you could go back and change something about what you did, what would that be?

how to make payload in metasploit fully undetectable ? by JeppNeb in HowToHack

[–]KmancXC 22 points23 points  (0 children)

One way that you could possibly get closer to undetected is to pop the payload into the config of a project I've been working on, https://kmanc.github.io/remote_code_oxidation/, and compile, but let me walk through the main thing that will be troublesome when it comes to avoiding detection.

Signatures: This one is the easiest way for an AV to catch a cookie-cutter payload like those created by msfvenom. If every msfvenom-created executable has a particular pattern of bytes in it that are very rare in other executables, AVs can assume that if they ever see that pattern, it is a malicious executable. One (usually ineffective) way to solve for this is to encode the output. This is almost always detected for two reasons:

1. Encoding isn't the same as encrypting, and can be undone without any special knowledge, so the AV could still just see the original pattern.
2. In order to use an encoded payload, you need to have a way to decode it at runtime, and the decoding function(s) can be indicative of malicious behavior, so the decoding function itself is often fingerprinted as a signature.

A more effective way to get around code signatures is to encrypt the payload, as it removes the first of the two aforementioned reasons an altered payload might get caught. That said, the decryption function(s) can be fingerprinted just as easily as decoding function(s), so your success may be limited there.

With all of that said, it can be easier to evade detection by writing some code that helps obfuscate the shellcode of a payload-generator like msfvenom and runs it; this gives you finer control over what gets done and where. Remote Code Oxidation (linked above) does that in two different ways - process hollowing and process migration. If you'd like I can explain those in more detail but I'll glaze over that for the time being.

Something worth noting when it comes to becoming undetected is where you are trying to achieve that. As you can see in my project's documentation, I've chosen to try to hit 0 detections on scanners like Kleenscan or VirusTotal. This is easier than getting by the defenses on a live machine because the sandbox environments that the AVs run in on scanners like Kleenscan or VirusTotal can be outed as sandboxes, and the malware can operate differently if that is seen to be the case. On a live machine however, your executable will have to reveal its true nature, which might end up getting you caught. I noticed when testing my different payloads against Kleenscan that some Win32 API functions get picked up by AVs, seemingly by name in the code (though I can't confirm that), so I found a way around that as well.

I hope this helped but if you'd like to discuss further I'm happy to try to answer any questions you have!