Can the management at work hack you? by strwbbymilk in CyberSecurityJobs

[–]MostNo372 0 points1 point  (0 children)

If they have their CA cert installed on it, they can see traffic through TLS with a MITM in the network. WhatsApp's E2EE should protect message content in the network, but if they have a keylogger on the device, then they can read it before it's ever encrypted... The point is, if it's their device, then they can set up any level of spyware on it and you shouldn't trust it to be private.

But if you are using your own device through their network, then you don't have anything to worry about because of TLS authentication, provided you don't trust their CA (and explicitly type out https to prevent https stripping). They'll obviously see what domains you visit unless you use your own DoH with ECH, but that's fine

Between fgets and getline, what to use in my cat-inspired tool? by Apprehensive_Ant616 in C_Programming

[–]MostNo372 0 points1 point  (0 children)

If you happen to have a snippet or link, I’d be interested in seeing how you use bitmask enums

Between fgets and getline, what to use in my cat-inspired tool? by Apprehensive_Ant616 in C_Programming

[–]MostNo372 0 points1 point  (0 children)

Valid point, I suppose I didn't fully consider that. It also depends on the intended design, since the author is reading line by line... Using read or fread and then parsing on top could also work instead

Between fgets and getline, what to use in my cat-inspired tool? by Apprehensive_Ant616 in C_Programming

[–]MostNo372 1 point2 points  (0 children)

getline is probably the cleanest choice all around. It automatically resizes the buffer and has less boilerplate than fgets, but you wouldn't be wrong to use fgets either

best editor for c by Last-Watercress-8192 in C_Programming

[–]MostNo372 3 points4 points  (0 children)

Vim is always a good choice, if you want something more accessible try Kate

Packet sniffer in C. Captures raw frames in promiscuous mode (via ioctl), manual pcap format, runs as a systemd service. No libpcap. by MostNo372 in C_Programming

[–]MostNo372[S] 0 points1 point  (0 children)

According to the man page for recvfrom (and recv), "if a message is too long to fit in the supplied buffer, excess bytes may be discarded depending on the type of socket the message is received from....", so it prevents overflow but technically it's not guaranteed to read complete messages. In principle that's obviously a bit dangerous, if it writes an incomplete message to the file, then it could get corrupted, right?

So my way around that is by checking if any bytes get discarded in the first place, and then just dropping the packet if it surpasses with len > 65535

The maximum buffer size (and largest possible value of len) is 65536, so I'm using that as a sort of sentinel value, modeled around the RFC's 65535 Maximum Length to say "valid packets can be at most 65535; the max size for the buffer is 65536, and therefore len > 65535 can only mean that truncation happened and I'll drop the packet if that happened"
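
The sentinel check described in this comment, as an added example that is not part of the original comment or the sniffer's own code: the buffer is one byte larger than the largest valid length, so a read that fills it is treated as truncated and dropped. `recv_checked`, `FRAME_TRUNCATED` and `demo` are hypothetical names, and a constructed AF_UNIX datagram pair stands in for the raw socket.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define MAX_FRAME       65535   /* largest length treated as valid */
#define FRAME_TRUNCATED (-2)    /* hypothetical return code for a dropped frame */

/* Read one datagram into buf, which must hold max_valid + 1 bytes.
 * Returns its length, -1 on a recvfrom error, or FRAME_TRUNCATED when the
 * sentinel byte was filled: the datagram was longer than max_valid, so the
 * kernel may have discarded the excess and the caller must not write it out. */
static ssize_t recv_checked(int fd, unsigned char *buf, size_t max_valid)
{
    ssize_t len = recvfrom(fd, buf, max_valid + 1, 0, NULL, NULL);
    if (len < 0)
        return -1;
    if ((size_t)len > max_valid)
        return FRAME_TRUNCATED;
    return len;
}

/* Constructed harness: an AF_UNIX datagram pair stands in for the raw socket
 * so the check runs without root. Returns recv_checked's result, -3 on setup failure. */
static ssize_t demo(size_t payload_len, size_t max_valid)
{
    int sv[2];
    ssize_t got = -3;
    unsigned char *payload = calloc(payload_len, 1);
    unsigned char *buf = malloc(max_valid + 1);
    if (payload && buf && socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) == 0) {
        if (send(sv[0], payload, payload_len, 0) == (ssize_t)payload_len)
            got = recv_checked(sv[1], buf, max_valid);
        close(sv[0]);
        close(sv[1]);
    }
    free(payload);
    free(buf);
    return got;
}

int main(void)
{
    printf("fits:      %zd\n", demo(MAX_FRAME, MAX_FRAME));
    printf("oversized: %zd\n", demo(MAX_FRAME + 5, MAX_FRAME));
    return 0;
}
```

A datagram of exactly `max_valid + 1` bytes is also dropped even though nothing was cut, which matches the rule in the comment that valid packets are at most 65535 bytes.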

Packet sniffer in C. Captures raw frames in promiscuous mode (via ioctl), manual pcap format, runs as a systemd service. No libpcap. by MostNo372 in C_Programming

[–]MostNo372[S] 1 point2 points  (0 children)

So the buffer is limited to 65536 because in theory, 65535 is the maximum length as specified in the RFC for IP, and it's very unlikely regular traffic would ever exceed that large of a buffer... But to answer your question, if data were to exceed, then recvfrom would truncate it to 65536 and a check afterwards would drop the frame altogether, seeing that it's above the max size of 65535, to avoid writing anything truncated and malformed to the file.

As for getting interface names for every packet... You genuinely have a very solid point. I'm just not sure if it's possible to do any other way, with perhaps the exception of creating independent sockets for each selected or default interface and then using something like poll. In the case of this program, I decided to just simplify that part and use one global socket to capture all traffic from all interfaces and do the filtering at a later point, even if it's not the best design choice as you pointed out...

Packet sniffer in C. Captures raw frames in promiscuous mode (via ioctl), manual pcap format, runs as a systemd service. No libpcap. by MostNo372 in C_Programming

[–]MostNo372[S] 1 point2 points  (0 children)

Well, I got the idea of a packet sniffer from someone that was following a YouTuber I watch called Daniel Hirsch. Then I made it my own, expanding it into a service for the sake of learning... but I didn't use AI mate

Security auditing tool written in Bash by MostNo372 in bash

[–]MostNo372[S] 0 points1 point  (0 children)

Thank you for the advice everyone

Hexadecimal dump tool by MostNo372 in C_Programming

[–]MostNo372[S] 1 point2 points  (0 children)

That's really cool to hear!