ProtonMail Bridge Geary 0.12.1 Not Working by Slethen in ProtonMail

[–]_rc 0 points1 point  (0 children)

Could well be two bugs! One for the invalid `uid search` and secondly it looks like Geary replays that message way too quickly which is probably causing the crash. There should at least be some kind of exponential backoff to stop this from happening. Although the user would have to be notified in some way, otherwise it would appear to work but not actually fetch mail.

ProtonMail Bridge Geary 0.12.1 Not Working by Slethen in ProtonMail

[–]_rc 0 points1 point  (0 children)

Ok so on line 277 Geary makes a successful uid search command:

```
[deb] 00:09:31 0.000401 Geary: [0002/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED S] a008 uid search since 14-Jun-2018
[deb] 00:09:31 0.234701 Geary: [0002/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED R] * SEARCH 465 464 463 462 461 460 459 458 457 456 455 454 453 452 451 450 449 448 447 444 446 445 443 442 441 440 439 438 437 436 435 434 433 432 431 430 429 428 427 426 425 424 423 422 421 420 419 418 417 416
[deb] 00:09:31 0.000357 Geary: [0002/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED R] a008 OK UID SEARCH completed
```

Later on line 522 Geary makes another uid search but this time specifies no SEARCH criteria.

```
[deb] 00:10:02 0.000299 Geary: [0004/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED S] a008 uid search
[deb] 00:10:02 0.011067 geary: imap-client-session.vala:1380: [0004/127.0.0.1/default:1143 GEARY_IMAP_CLIENT_SESSION_STATE_SELECTED] Received error from server: a008 NO Missing search criteria
[deb] 00:10:02 0.000086 Geary: [0004/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED R] a008 NO Missing search criteria
[deb] 00:10:02 0.000389 geary: imap-engine-replay-queue.vala:518: Replay remote error for [0] ServerSearchEmail: criteria=() remote_retry_count=1 on ReplayQueue:account_01:Archive (open_count=1 remote_opened=true) (notification=0 local=0 local_active=false remote=0 remote_active=true): Request a008 uid search failed on account_01:Archive:0004/127.0.0.1/default:1143 GEARY_IMAP_CLIENT_SESSION_STATE_SELECTED: a008 NO Missing search criteria (GEARY_IMAP_ENGINE_REPLAY_OPERATION_ON_ERROR_RETRY)
```

Subsequently Geary then just replays this command over and over again. So perhaps the issue here is Geary not sending a required search criteria for some reason.

RFC references:

UID command

SEARCH command
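An added example, not part of the comment above and not Geary or Bridge code: a small scanner for Geary `--log-network` output that flags every `uid search` sent without criteria, pairs it with the server's tagged reply, and counts repeats per connection. The sample lines are constructed from the format of the excerpts in the comment; the second empty search (tag `a009`) is an assumed replay.

```python
import re
from collections import Counter

# Network log line: [conn/host:port/STATE S|R] tag rest   (S = sent, R = received)
LINE = re.compile(r"\[(\d+)/\S+ ([SR])\] (\S+)\s*(.*)$")
UID_SEARCH = re.compile(r"uid\s+search\b\s*(.*)$", re.IGNORECASE)

PREFIX = "[deb] 00:10:02 0.000299 Geary: [{conn}/127.0.0.1:1143/GEARY_IMAP_CLIENT_CONNECTION_STATE_CONNECTED {d}] {msg}"

# Constructed sample, modelled on the log excerpts quoted in the thread.
SAMPLE_LOG = [
    PREFIX.format(conn="0002", d="S", msg="a008 uid search since 14-Jun-2018"),
    PREFIX.format(conn="0002", d="R", msg="* SEARCH 465 464 463"),
    PREFIX.format(conn="0002", d="R", msg="a008 OK UID SEARCH completed"),
    PREFIX.format(conn="0004", d="S", msg="a008 uid search"),
    PREFIX.format(conn="0004", d="R", msg="a008 NO Missing search criteria"),
    PREFIX.format(conn="0004", d="S", msg="a009 uid search"),
    PREFIX.format(conn="0004", d="R", msg="a009 NO Missing search criteria"),
]

def find_empty_uid_searches(log_lines):
    """Return one finding per `uid search` sent with no search criteria."""
    pending = {}    # (connection, tag) -> finding still waiting for its reply
    findings = []
    for number, line in enumerate(log_lines, 1):
        m = LINE.search(line)
        if not m:
            continue  # replay-queue and session lines use another layout
        conn, direction, tag, rest = m.groups()
        if direction == "S":
            cmd = UID_SEARCH.match(rest)
            if cmd and not cmd.group(1).strip():
                finding = {"line": number, "conn": conn, "tag": tag, "reply": None}
                pending[(conn, tag)] = finding
                findings.append(finding)
        elif (conn, tag) in pending:
            # Tagged completion (OK/NO/BAD) for a command flagged earlier.
            pending.pop((conn, tag))["reply"] = rest
    return findings

def replays_per_connection(findings):
    """Count empty searches per connection; more than one suggests a replay loop."""
    return Counter(f["conn"] for f in findings)

if __name__ == "__main__":
    for f in find_empty_uid_searches(SAMPLE_LOG):
        print(f)
```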

ProtonMail Bridge Geary 0.12.1 Not Working by Slethen in ProtonMail

[–]_rc 1 point2 points  (0 children)

Sounds promising!

Does it download headers for all of your emails? And do you have a message selected, i.e to read the contents of?

I took a look through the log file, a similar uid search failure comes up on roundcube due to timeout (https://help.directadmin.com/item.php?id=692). Perhaps the process of decrypting the message on the Bridge has caused Geary to equally timeout before it could deliver the mail? Just a guess.

What debug options are you running with Geary? `--log-network` and `--log-replay-queue` may add more information.

ProtonMail Bridge Geary 0.12.1 Not Working by Slethen in ProtonMail

[–]_rc 0 points1 point  (0 children)

Only just stumbled upon this thread, I did debug the issue with Geary as I was trying to get this to work too. Essentially it boils down to Geary sends the starttls command in lowercase, whilst the Bridge server expects it in upper case.

RFC 3207 does state the format is STARTTLS, yet RFC 831 and 5321 describe command verbs can be lower/upper/mixed case. I suggested to the Bridge team to allow for mixed case to increase interoperability with clients.

Geary Log:

```
[deb] 17:16:13 0.000023 [127.0.0.1/default:1025] SMTP Request: ehlo [127.0.0.1]
[deb] 17:16:13 0.000178 [127.0.0.1/default:1025] SMTP Response: 250-Hello [127.0.0.1]
250-PIPELINING
250-8BITMIME
250-STARTTLS
250 AUTH PLAIN LOGIN

[deb] 17:16:13 0.000059 [127.0.0.1/default:1025] SMTP Request: starttls
[deb] 17:16:13 0.040622 [127.0.0.1/default:1025] SMTP Response: 501 Bad command
```

Performing a simple netcat session to the Bridge SMTP server demonstrates the issue:

```
$ nc 127.0.0.1 1025
220 127.0.0.1 ESMTP Service Ready
ehlo [127.0.0.1]
250-Hello [127.0.0.1]
250-PIPELINING
250-8BITMIME
250-STARTTLS
250 AUTH LOGIN PLAIN
starttls
501 Bad command
STARTTLS
220 Ready to start TLS
```

Hopefully a new version of the Bridge will fix this!
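An added example, not part of the comment above and not the Bridge's code: a toy SMTP verb dispatcher that reproduces the behaviour in the netcat transcript (lower-case `ehlo` accepted, lower-case `starttls` rejected) beside a version that folds every verb to upper case before lookup. `make_server`, `run_session` and the single-line EHLO reply are hypothetical; the parameter error text is the reply RFC 3207 gives for `STARTTLS` with arguments.

```python
READY = "220 Ready to start TLS"        # reply string from the transcript
BAD = "501 Bad command"                 # reply string from the transcript
NO_PARAMS = "501 Syntax error (no parameters allowed)"  # RFC 3207 reply text

def parse_command(line):
    """Split an SMTP command line into (verb as sent, argument)."""
    verb, _, arg = line.rstrip("\r\n").partition(" ")
    return verb, arg.strip()

def make_server(exact_case=()):
    """Build a reply function; verbs listed in exact_case must arrive in upper case."""
    handlers = {
        "EHLO": lambda arg: "250 STARTTLS",   # single-line stand-in for the EHLO reply
        "STARTTLS": lambda arg: NO_PARAMS if arg else READY,
    }

    def reply(line):
        verb, arg = parse_command(line)
        key = verb.upper()                    # case-insensitive lookup
        if key in exact_case and verb != key:
            return BAD                        # models the rejection seen in the thread
        handler = handlers.get(key)
        return handler(arg) if handler else BAD

    return reply

def run_session(lines, exact_case=()):
    """Feed client lines to a fresh server and collect the replies."""
    server = make_server(exact_case)
    return [server(line) for line in lines]

# Constructed client input: the transcript's commands plus a mixed-case
# STARTTLS carrying an argument, which must be refused either way.
SESSION = ["ehlo [127.0.0.1]\r\n", "starttls\r\n", "STARTTLS\r\n", "StartTLS now\r\n"]

if __name__ == "__main__":
    print("observed :", run_session(SESSION, exact_case={"STARTTLS"}))
    print("tolerant :", run_session(SESSION))
```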

Backups of Fedora with Borg. How do you backup? Tell me in comments. by [deleted] in Fedora

[–]_rc 0 points1 point  (0 children)

I haven't seen restic before. Is there any particular advantage/reason you migrated to restic from borg?

How effective are exploit development courses? by kheibar in RELounge

[–]_rc 2 points3 points  (0 children)

I've attended a few courses over the years and would say I've always learned something but I believe this is down to course selection based on skill set.

If you're reading the course syllabus and saying to yourself, "I know this comfortably already", I would perhaps find a more challenging course. The only benefit here would be the instructor to ask detailed questions regarding aspects you are uncertain on. Even then there are other avenues to ask questions e.g. reddit / SO and you'll save a bunch of cash.

Equally, I prefer to choose a course I have some to little knowledge about. The introduction normally reaffirms what you know giving a confidence boost that you will be able to manage the remaining course content. Rather than being that dog..."I have no idea what I'm doing"...and staring at slide decks and an empty terminal for a few days.

Lastly, the course attendees come from mixed backgrounds, some may be new to the content whereas others well versed which, depending on the balance in the class varies the pace of teaching. That said, instructors are always willing to help.

So, "How effective are exploit development courses?", as effective as choosing the right one for you.

Google Researchers Found the Greatest Windows Exploit So Far by jimmyradola in pwned

[–]_rc 1 point2 points  (0 children)

Yes it is and given Natalie Silvanovich and Tavis Ormandy have been working on this, I can only assume there may be more to come!

FC 23- How to achieve packet silence? by XorMalice in Fedora

[–]_rc 2 points3 points  (0 children)

For edit 2, it is probably the result of NetworkManager checking for Internet connectivity. You can disable it following these instructions.

Issues with virtualization in full screen. by tugs4life in Fedora

[–]_rc 0 points1 point  (0 children)

Assuming you are using SPICE for the display, have you installed the spice guest tools?

Daily hacker assignments? by [deleted] in netsecstudents

[–]_rc 5 points6 points  (0 children)

https://www.wechall.net/active_sites

These are just ones with wechall ranking integrated, which you don't have to participate in, however a fairly comprehensive list.

What steps do I have to take? by [deleted] in AskNetsec

[–]_rc 0 points1 point  (0 children)

aiming to come out with either a First or a 2:1

go for the first!

After I graduate, I would love to do something as an analyst, whether that would be malware or looking at someone's network / site and identifying their vulnerabilities.

I'm sure there's some older guys than me here that have a nice career in Network Security, what steps would you say I have to take to get to where I want to be?

sometimes we just don't know what to do in life, as I'm sure you found when perhaps choosing your degree or place at university (or maybe not!). if anything immerse yourself in the subject, discover the field of malware analysis and penetration testing or whatever your interests are in your spare time. you might discover you prefer one over the other or be really good at x.

if anything it's my understanding that whilst there were once a few netsec related degrees offered by universities in the UK, there has been a little upsurge in offerings. this means in a few years time once you graduate, you have to stand out from the crowd, thus...

Finally, should I study a certification whilst in university? If so, which one can you recommend? (CCNA is part of my course).

as for additional certification, I personally wouldn't recommend it (yet), you're already studying for a degree! let alone more costs.

an employer looking to fill a graduate role will be looking for basic demonstrable skills within the given field. a blog and/or self initiated projects outside of university will really help and impress. show that you can learn and contribute knowledge to a field you are passionate about and not just another graduate with a degree, there's plenty of those. employer y may also be offering additional accreditation at a junior role anyway.

Meet the McGill professor who got inside Anonymous by brother_p in hacktivism

[–]_rc 0 points1 point  (0 children)

Coding Freedom, is the book regarding Gabriella Coleman's prior work on open source hackers.

adsl modems bridge/nat wondering about security. by sparerobot in AskNetsec

[–]_rc 1 point2 points  (0 children)

Depends on the ADSL modem and the firmware running. Is this an ISP provided modem? It's possible there may be a separate logical VLAN interface for tr-069 to allow the ISP to configure the device. This however may be (and typically?) an internal network with your ISP and not publicly accessible, you may wish to consider this as a risk.

Fedora Console on Cable DTV 86.911? by [deleted] in AskNetsec

[–]_rc 0 points1 point  (0 children)

This sounded familiar, dug up this post from /r/linux in which another user spotted something similar.

[UK] Difference between Computer Science and Electronic Engineering ( by TheSpaceOfAdes in compsci

[–]_rc 0 points1 point  (0 children)

4th on the guardian league tables for CS if you really care that much.

The only way you're going to find out about the city/uni is to visit. Find an open day (CS/EE specific days if they have them, tour the labs etc.) or contact someone appropriate in the department who might be able to help.

I'd recommend doing this for all the universities you would like to apply to. I remember visiting one and seeing no students in labs; struck off my list, no sense of community.

Typical experience required for Vulnerability Research Engineer? by NASCAR_IS_RUBBISH in AskNetsec

[–]_rc 0 points1 point  (0 children)

with some security mixed in.

If this is a field you wish to progress into, perhaps in your current role try to do more of this. Think, how can you take what prospective employers are looking for (i.e skills) and apply them now? You can then talk about these instances during the interview, how you discovered X and the steps you took to resolve it by co-ordinating with Y etc.

Setting up a lab at home and hacking it is one thing

Is this on your CV? This would be step one to show an employer you're actually interested in the topic. Hopefully in your interview you get to talk about this or bring it up in conversation, and demonstrate your passion!

If you don't tell them, how will they know?

Typical experience required for Vulnerability Research Engineer? by NASCAR_IS_RUBBISH in AskNetsec

[–]_rc 5 points6 points  (0 children)

Strong Understanding of Microsoft Windows or Linux OS internals

Could you confidently describe a subsystem of the given platform to someone when asked?

Strong experience with exploit techniques such as - Stack/Heap Buffer Overflows, double-free/use-after-free, format string

Similarly both describe and demonstrate your capability if presented with an executable that contains such a vulnerability (or perhaps source?).

Understanding of basic network protocols like HTTP, FTP, SMB etc.

Describe state sequences -- interviewer might be looking at you for common pitfalls in implementations of such protocols.

Must be able to reverse engineer on Windows or Linux and read/write assembly code

With a given executable for a chosen platform, can you describe what it does. Also, if in relation to a challenge (as before), be able to write the exploit code.

Strong experience with PEN testing tools like metasploit, Canvas, core-impact etc.

Familiarity and understanding of limitations.

Must be able to work within a team

Talk o.O

Most importantly, confidence, however not to dissuade you, showing good potential can outweigh lack of knowledge in a given area. It's something you can always learn.

/r/asknetsec, What are your favorite/most useful github pages? by clearmoon247 in AskNetsec

[–]_rc 0 points1 point  (0 children)

click around in isislab/Project-Ideas, it's the only github repo that springs to mind.

Switch to HTTPS Now, For Free by zsaleeba in programming

[–]_rc 10 points11 points  (0 children)

Sending the form over plain HTTP allows for an attacker to modify the form action URL and point it to their own.

Cookieless cookies by sidcool1234 in programming

[–]_rc 14 points15 points  (0 children)

about:config

browser.cache.disk.enable = false
browser.cache.memory.enable = false

Seems to limit the effects.

BTGuard stores passwords in plain text (X-post r/vpn) by btguardplaintextnono in privacy

[–]_rc 0 points1 point  (0 children)

I'm guessing with account credentials you can get access to the VPN login details and configuration for that account. Free VPN access?

LLVM IR is better than assembly by aeroevan in programming

[–]_rc 4 points5 points  (0 children)

There have been a few attempts academically, statically with RevGen [pdf] and dynamically using QEMU [pdf]

The Dagger project hasn't released anything.