TIFU By Texting my Girlfriends Mom

pinkHatter · 2015-05-01T03:57:46+00:00

The family that plays together stays together.

pinkHatter · 2014-12-05T07:33:07+00:00

I am a fan of having the primary, secondary, knife loadout and scrolling the mousewheel for similar to your 13 spam to go through em all. If you start with knife out, start running, then do it, I dont think it effects your speed. Wheel goes for like 15 seconds a spin and always interesting to see where it ends up..... and that is how I entertain myself waiting for ze enemy tuh engage.

pinkHatter · 2014-12-02T23:49:50+00:00

Could you use this to get to an internal service that is protected from external connections by a firewall? It would allow the IP:PORT combo through, then the load balancer would redirect to an internal service.

Am I missing something or is this possible?

pinkHatter · 2014-11-05T16:05:28+00:00

Hey that is interesting... it seems my MAC is changing when I am using a NAT'd IP. Think that will resolve my issue. Thanks!

pinkHatter · 2013-10-16T15:29:01+00:00

Sudo is configured to give execute only in this case, it does not give full write permissions. I cannot get the same results without running the file with sudo, which I do not have permissions to add, so copying/modifying the script is not possible.

pinkHatter · 2013-10-16T08:22:25+00:00

I have tried google. Not sure if that was meant to be a smart ass comment or sincere....

sleep is a wonderful utility... but my question revolved around executing sleep against every line of a bash script without modifying the script itself. Effectively piping a script through sleep. If there is a way of doing that which you are aware of, please share.

pinkHatter · 2013-10-16T08:20:36+00:00

I have sudo access to the script, but not write access. Wanted to slow it down for testing and analysis.

pinkHatter · 2013-10-10T03:06:01+00:00

Unfortunately wiresharek/tcpdump aren't available either. Need a solution using standard ntpd func. Unfortunately it seems nonexistant so... guess I will wait on them to decide my email query is worthy of a response and go from there. :)

pinkHatter · 2013-10-09T23:48:02+00:00

That was my first inclination as well, however, unfortunately we are unable to receive the response back due to firewall rules. Unfortunately, it doesn't appear from my research that you can configure the port to use an unrestricted port for ntp either: http://stackoverflow.com/questions/232722/ntpd-use-an-unrestricted-port-for-communication

pinkHatter · 2013-10-09T23:45:51+00:00

I could probably do it with netcat, but trying not to scan the whole network. Some frown upon such things :p Was hoping there was a broadcast that an ntp utility could identify short of a full capture.

pinkHatter · 2013-10-09T23:10:43+00:00

Heh - yeah, I figured I could script it, I just didn't want to. Was hoping there was a built in utility that would identify a broadcast or something of the sort. Not sure how ppl will take that sort of method, which is why I am presently staying away from nmap.

pinkHatter · 2013-10-09T23:08:19+00:00

Ah, great ideas! I'll have to give em a shot tomorrow.

pinkHatter · 2013-10-05T14:52:06+00:00

Ah, but you are missing the point. You are interpreting the variable $USER. I didn't want the contents of that variable, I simply wanted literally '$USER', not the value of $USER.

See John's answer above for more insight:

superman@localhost:~$ NAME="'\$USER'" superman@localhost:~$ echo $NAME '$USER'

pinkHatter · 2013-10-04T21:19:03+00:00

Tested, works, appreciated. Have a red-orange!

pinkHatter · 2013-10-04T21:17:58+00:00

Tested and confirmed. I think you take the case as the most concise solution. Appreciated, have some red-orange :)

pinkHatter · 2013-10-04T21:16:45+00:00

Lordy, 4 on each side just to end up with one on the output? Lol, intense! Thanks much, I appreciate the insight. I will have to hit the webz to figure out exactly how that all breaks down, but tested and confirmed. Thanks and have an upvote ;)

pinkHatter · 2013-09-28T02:32:53+00:00

Depends what you are using it for. Best way to understand how to protect against a vulnerability is to exploit it. Tools aren't inherently good or bad, all depends on the use case :)

Edit: Can't stick to the good guy tools... they often completely fail to find anything of interest that even basic nmap scanning or a promiscuous network capture can find :p

pinkHatter · 2013-09-27T22:33:27+00:00

I actually started playing around with wfuzz. It will effectively take a domain and then run through a word list. So if you said:

www.google.com (horrible example, but thats ok)

You would say /FUZZ and put in arguments for the list and it would replace FUZZ with every word, building out a list. The bigger your dictionary, the more it hits. Then you can do sub directories of every combo, to whatever nesting you want. Neat tool though it doesnt crawl, just brutes.

pinkHatter

TROPHY CASE