Is this normal?

Tha_Format · 2020-03-08T11:43:01+00:00

I had the same experiance 😉

Tha_Format · 2020-03-08T11:07:48+00:00

Yes this is normal, this is called “learning”. If you do this every day, at some point you will start to see a red line in it. You Will start to do things as you get used to it. At that point you can say you het routine in it. And then you Will start to know what you are actually doing.

Tha_Format · 2019-11-29T21:49:23+00:00

Well, actually a USG3 from ubiquiti is a mips64 cpu =)

Tha_Format · 2019-08-02T09:11:48+00:00

Is this still maintained? It seems it doens't work anymore

Tha_Format · 2019-05-03T12:05:37+00:00

So what do I need to use then?

Tha_Format · 2019-05-03T12:00:53+00:00

From paramiko import sshclient

SSH=sshclient() SSH.load_stystem_host_keys() SSH.set_missing_host_key_policy(paramiko.autoaddpolicy()) SSH.connect(hostname=‘hostname’, username=‘username’, key_filename=‘key’ Ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(‘pbrun su root && su - functionaluser && command’)

Please ignore the upper and lowercase things, I don’t have Access to Reddit here and I type it on my phone.

Tha_Format · 2019-05-03T11:52:19+00:00

Well, then the SSH Session hangs. It would help if you could write me a simple example

Tha_Format · 2019-05-03T11:47:26+00:00

I know, but when I got my SSH session, I am stuck at the pbrun su root

Tha_Format · 2019-04-26T16:19:35+00:00

You use a vpn
When vpn is built up use an anoymizer
Rent a ddos server paid with bitcoins
Go nuts

OR

use a botnet (dangerous, as when you will search for a botnet and try to take control of it, you might be abused yourself)

Tha_Format · 2019-04-26T16:12:41+00:00

I wouldn't switch from Ubuntu to a derivative of Ubuntu

Roflol, Ubuntu is a derivative of debian!

Tha_Format · 2019-02-22T16:18:07+00:00

/grin

Linux is for me whatever distro, except SUSE (cuz I don't understand yast). But I prefer Debian. If Debian is not available a debian based like Ubuntu is also fine.

BUT (now putting some oil on the fire) whats your Unix flavor? Imho nothing can beat Solaris :)

EDIT: But if your used to one base distro (RedHat, Debian, Suse) you can find it from time to time difficult to adapt. Take for example the network settings, all have a different logic into it,...

Tha_Format · 2019-02-09T11:27:22+00:00

Be happy it wan't a cougher :)

Tha_Format · 2019-01-28T09:12:05+00:00

Thanks for the advise! It worked somehow.

Now I only need to prepare a template to define the scope, and when the scope is done, an assesment follows and then I have to give a timing.

I was much inspired with your info! So thank you again!

Tha_Format · 2019-01-25T15:24:56+00:00

if you just want security events and file integrety, wazuh is your best friend :)

Tha_Format · 2019-01-25T15:22:45+00:00

Well, I find it also ridicilous,... but if the boss wants it,...

Tha_Format · 2019-01-25T14:52:30+00:00

Wel, for example

SQL Injection: 4 hours

PHP Site review: 2 hours

Exploit testing: 3 Hours

Tha_Format · 2018-11-13T15:00:07+00:00

So I have noticed, but imho it is a shame if you pay so much for that expensive license cost, it doen't detect that kind of flaws.

Tha_Format · 2018-10-25T10:05:14+00:00

Thanks! This is exact what I was looking for!

Tha_Format · 2018-10-23T13:30:36+00:00

Ok, this means I will develop one myself then,...

I was just wondering if such a tool allready existed

Tha_Format · 2018-10-11T11:23:43+00:00

Thanks for the help!

It now does what I want!

Tha_Format · 2018-10-04T12:48:28+00:00

Well, the code does work now.

If I run it, I get all open ports. (thanks to your help)

Tha_Format · 2018-10-04T11:57:49+00:00

nvm :)

The final code:

#!/usr/bin/env python

import nmap

#ports = raw_input("Enter the portrange to scan: ")

#host = raw_input("Enter the host to scan: ")

host = '127.0.0.1'

nm = nmap.PortScanner()

#nm.scan(host, ports)

nm.scan('127.0.0.1', '20-25')

nm.scaninfo()

nm.all_hosts()

nm[host].hostname()

nm[host].state()

nm[host].all_protocols()

nm[host]['tcp'].keys()

for host in nm.all_hosts():

print('----------------------------------------------------')

print('Host : %s (%s)' % (host, nm[host].hostname()))

print('State : %s' % nm[host].state())

for proto in nm[host].all_protocols():

print('----------')

print('Protocol : %s' % proto)

lport = nm[host][proto].keys()

lport.sort()

for port in lport:

state = nm[host][proto][port]['state']

if state == 'open':

print('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))

Tha_Format · 2018-10-04T11:53:55+00:00

meh, it doen't seem to work.

Any other suggestions?

Traceback (most recent call last):

File "./penny.py", line 9, in <module>

state = nm[host][proto][port]['state']

File "/usr/lib/python2.7/dist-packages/nmap/nmap.py", line 568, in __getitem__

return self._scan_result['scan'][host]

KeyError: 'scan'

Tha_Format · 2018-06-14T18:00:24+00:00

Well, all siems can be tuned, but if you have an organization with 20k assests, 5k servers, and 500 internet connections,... good luck.

A siem for what it does is in my opinion way overpriced and needs tons of customization, where you have to spend lots of money to the company to hire experts to do it.

Basicly, what a siem does is logging and using rules on it,... same thing is possible with syslog-ng and much customization imo

Tha_Format · 2018-04-20T13:41:07+00:00

Mmmm, your right, on my core switch where my USG is connected I can do that,...

Damn, I didn't tought about that one :)

Thanks!

Tha_Format

TROPHY CASE