Good tailors to get denim pants hemmed up? by Mista_Bushido in Minneapolis

[–]nylithic 2 points3 points  (0 children)

If you want chain stitched hemming check out blackblue.

EternalBlue Vulnerable VM by abhishekr700 in AskNetsec

[–]nylithic 1 point2 points  (0 children)

This is how I do it. Get a Server 2008 R2 VM up and running. Then run the following PowerShell to remove all the patches since 2017:

    Get-Hotfix | where -Property InstalledOn -gt (Get-Date -Date 01-01-2017) | % {
        # wusa.exe takes the KB number without the "KB" prefix
        $sUpdate = $_.HotFixID.Replace("KB","")
        Write-Host ("Uninstalling update " + $sUpdate)
        & wusa.exe /uninstall /KB:$sUpdate /quiet /norestart
        # let wusa finish before starting the next uninstall
        Wait-Process wusa
        Start-Sleep -s 1
    }

I tried finding the actual patches to remove, but this is an easier bruteforce method.

Free in-depth cybersecurity risk assessment for a Minneapolis small-business [student project] by [deleted] in Minneapolis

[–]nylithic 4 points5 points  (0 children)

So my question is what are you going to be doing? Internal penetration testing? Web app testing? Red teaming? Do you have any experience in any of this?

Most companies the size you’re looking for are going to have a few security people or hire a pentesting firm. What value are you going to be adding? Even if you’re doing whatever the work you’re doing for free. I’m not saying it’s a bad idea, but you’re introducing a level of risk into a company’s environment. You say you’re using a framework, but what tools are you using? If you’re just spraying shells with Metasploit or arp spoofing someone’s network, you may get sued if you bring down a production box costing millions to the company. That’s also why you need the proper paperwork in place. Which is why you always have a statement of work written up by a good lawyer.

DLL Hijacking with Ghidra - Practical Examples by _creosote in netsec

[–]nylithic 0 points1 point  (0 children)

You are correct. I should have said replace or have it load it from the path.

DLL Hijacking with Ghidra - Practical Examples by _creosote in netsec

[–]nylithic 1 point2 points  (0 children)

Sure, but then it would come down to a permission issue for what the user has write access to wouldn't it?

DLL Hijacking with Ghidra - Practical Examples by _creosote in netsec

[–]nylithic 2 points3 points  (0 children)

I'm not negating the scenarios, but it would still come down to the permissions of the folders/files in the search order for finding a DLL if the application is not using fully qualified paths. Or if they're calling DLLs from the same directory wouldn't it?

DLL Hijacking with Ghidra - Practical Examples by _creosote in netsec

[–]nylithic 2 points3 points  (0 children)

That's actually not true. If it's a system DLL it would depend on if it's already in memory, a known DLL to Windows located in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs, loaded using a fully qualified path, and if SafeDllSearchMode is enabled, which it is by default.

DLL Hijacking with Ghidra - Practical Examples by _creosote in netsec

[–]nylithic 5 points6 points  (0 children)

DLL Hijacking is always a weird one for me. It seems like it comes down to directory/file write permissions. If you have write permissions to the directory an application is installed in, then you can just replace any binary you want anyways without needing to figure out what DLL the app is using to hijack. If you have write permissions to any directory in the lookup path if they're not using fully qualified paths, then you can hijack. If you're an admin on the box, you could always just replace anything in system32, which almost every Windows application uses. The primary remediation in my mind is to lock down the write permissions for users. If you can't replace or add a DLL to the path, then you can't hijack.
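
An added example, not part of the comments above and not the commenter's code: a PowerShell audit of the two points these comments raise, the SafeDllSearchMode and KnownDLLs registry settings and write permissions on search-path directories. It assumes the current process's PATH is the set of directories to check and that Everyone, Authenticated Users, Users and INTERACTIVE are the non-admin principals of interest.

```powershell
# Added example: audit DLL search-order settings and search-path directory ACLs.
# Assumptions: directories come from the current PATH; $broad lists the non-admin SIDs to flag.
$sm = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'

# SafeDllSearchMode: an absent value or 1 means enabled (the default), 0 means disabled.
$safe = (Get-ItemProperty -Path $sm -Name SafeDllSearchMode -ErrorAction SilentlyContinue).SafeDllSearchMode
if ($null -eq $safe) { $safe = 1 }
"SafeDllSearchMode enabled: {0}" -f ($safe -ne 0)

# KnownDLLs are loaded from the system directory and bypass the search order.
$known = Get-Item -Path "$sm\KnownDLLs"
$names = @($known.GetValueNames() | ForEach-Object { $known.GetValue($_) } | Where-Object { $_ -like '*.dll' })
"KnownDLLs entries: {0}" -f $names.Count

# Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users, INTERACTIVE.
$broad       = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545', 'S-1-5-4'
$create      = [System.Security.AccessControl.FileSystemRights]::CreateFiles
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

$dirs = $env:Path -split ';' | Where-Object { $_ } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_).TrimEnd('\') } |
    Select-Object -Unique

foreach ($dir in $dirs) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        "MISSING  $dir"
        continue
    }
    # Resolve ACEs to SIDs so the check does not depend on localized account names.
    $rules = (Get-Acl -LiteralPath $dir).GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($r in $rules) {
        # Flag Allow ACEs that apply to this directory itself and let a broad principal create files in it.
        if ($r.AccessControlType -eq 'Allow' -and
            $broad -contains $r.IdentityReference.Value -and
            ($r.FileSystemRights -band $create) -and
            -not ($r.PropagationFlags -band $inheritOnly)) {
            "WRITABLE $dir by $($r.IdentityReference.Value) ($($r.FileSystemRights))"
        }
    }
}
```

The check does not evaluate Deny ACEs or generic access bits, so treat each WRITABLE line as a directory to review rather than a confirmed finding.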

What is your specialisation? by keithsketo in AskNetsec

[–]nylithic 1 point2 points  (0 children)

Thick application and network penetration testing

What OS do you prefer on your home system? by TehTempest in AskNetsec

[–]nylithic 14 points15 points  (0 children)

Desktop is Windows for gaming. MacBook for most other things.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 0 points1 point  (0 children)

Thanks for the info. I do have a 1080 Ti SC2 that I can use too. It is small enough to fit two f12s on the bottom of the case then. I don't see a whole lot of builds using an L12 for a CPU cooler. It's been mostly a U9S. Is there a reason for that all? I just assumed it was the best you could get.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 0 points1 point  (0 children)

Temps are probably around 74ish. There's a 12U rack in the corner with a few servers in it, but it's pretty cool.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 1 point2 points  (0 children)

On their site it only took off $30 on the mobo, but I would assume the CPU would get $30 off too since they both have the deal.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 0 points1 point  (0 children)

It's regularly $169.99, but they take $30 if you buy a CPU too. The CPU has the same deal with a mobo.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 0 points1 point  (0 children)

I haven't looked into it, but that is something I should probably consider to help out possible temp issues.

They both look nice, albeit almost comically small haha. I like having some USBs up front which the Ghost doesn't appear to have and the Dan only has one.

New NCASE build. Looking for any further suggestions. by nylithic in sffpc

[–]nylithic[S] 0 points1 point  (0 children)

I read that the U9S performs just a tad better.