|
i assume the only reason why anyone would buy a pastebin pro account is so they could write messages on it to prove they owned the bits coin?
|
#
?
Jul 4, 2017 23:25
|
|
|
|
| # ? May 14, 2024 18:37 |
|
|
ate all the Oreos posted:i assume the only reason why anyone would buy a pastebin pro account is so they could write messages on it to prove they owned the bits coin? it's so they can leak winrar keys
|
|
#
?
Jul 4, 2017 23:48
|
|
|
It's pretty clever imo. I think we're going to see a shadowbrokers / guccifer 2.0 style disinformation campaign...
|
|
#
?
Jul 5, 2017 00:06
|
|
|
off the back of that wannacry/petya/whatever garbage a lot of security projects have been approved and funded where i work, one of which is LAPS which i'll be rolling out to our entire server fleet. i think some of ya'll have done the same, any gotchas to be aware of? TIA
|
|
#
?
Jul 5, 2017 04:51
|
|
|
oh yeah actual secfuck: today i found a couple of standalone windows servers in our environment that had their local Guest accounts enabled and they'd been added to the local Administrators group  oh and they also weren't being patched but that pales in comparison. pretty sure it was a former coworker who is responsible for that fuckery but he left about 3 months ago so i cant tear his trachea out.
|
|
#
?
Jul 5, 2017 11:07
|
|
|
cheese-cube posted:oh yeah actual secfuck: today i found a couple of standalone windows servers in our environment that had their local Guest accounts enabled and they'd been added to the local Administrators group 
|
|
#
?
Jul 5, 2017 11:48
|
|
|
i didnt think windows server even had a guest account
|
|
#
?
Jul 5, 2017 12:01
|
|
|
Shinku ABOOKEN posted:i didnt think windows server even had a guest account yeah it does but it's disabled by default out of the box. it does have situational uses but it blows up your surface area if you don't know what you're doing.
|
|
#
?
Jul 5, 2017 12:06
|
|
|
cheese-cube posted:he left about 3 months ago so i cant tear his trachea out. says who?
|
|
#
?
Jul 5, 2017 12:52
|
|
|
cheese-cube posted:he left about 3 months ago so i cant tear his trachea out. Look at this Pessimistic Pete over here, all I'm seeing is that he had a 3 months head start and probably didn't even realize that he needed to run.
|
|
#
?
Jul 5, 2017 13:19
|
|
|
What is a meaningful use of the Windows guest account?
|
|
#
?
Jul 5, 2017 15:11
|
|
|
EssOEss posted:What is a meaningful use of the Windows guest account? having guests log into it
|
|
#
?
Jul 5, 2017 15:12
|
|
|
EssOEss posted:What is a meaningful use of the Windows guest account? easy file sharing so any random computer can open \\server\files
|
|
#
?
Jul 5, 2017 15:18
|
|
|
here's a video of the police raid on MEDoc, the company that (likely unwittingly) spread the NotPetya malware https://www.youtube.com/watch?v=TY5f2fmwcDE
|
|
#
?
Jul 5, 2017 15:35
|
|
|
Perplx posted:easy file sharing so any random computer can open \\server\files pretty much that. the servers i was peeping were meant to operate as "guest print servers" that would host print queues and allow unauth anon access to them. guest being member of administrators is not a pre-req for that ofc...
|
|
#
?
Jul 5, 2017 15:41
|
|
|
spankmeister posted:here's a video of the police raid on MEDoc, the company that (likely unwittingly) spread the NotPetya malware i'm the oscilating fan pointing at the rack held in place by what looks light a money counter
|
|
#
?
Jul 5, 2017 16:05
|
|
|
spankmeister posted:here's a video of the police raid on MEDoc, the company that (likely unwittingly) spread the NotPetya malware im the assault rifle and 35lbs of tacticlol garbage necessary for raiding an office full of computer touchers
|
|
#
?
Jul 5, 2017 16:10
|
|
|
communism bitch posted:im the assault rifle and 35lbs of tacticlol garbage necessary for raiding an office full of computer touchers gotta run what ya brung
|
|
#
?
Jul 5, 2017 16:13
|
|
|
can anyone ID that fortinet firewall top-right visible top-right at 0:50? it's looks like some kind of mutant 300D
|
|
#
?
Jul 5, 2017 16:21
|
|
|
i'm the blur on the tech showing off the servers but ignoring the clear reflection of their face
|
|
#
?
Jul 5, 2017 16:26
|
|
|
fortinet apparently give zero fucks about their gear appearing in that vid https://twitter.com/Fortinet/status/882620985874173952 e: actually it's dumb piss who cares
|
|
#
?
Jul 5, 2017 16:36
|
|
|
Possibly a 200B? I used to have one that looked just like that but it's years ago so I'm only guessing.
|
|
#
?
Jul 5, 2017 16:47
|
|
|
pretty sure the B-series hardware still had the matte-black exterior and they didnae switch that up until the C/D series. the specific model is hard to place from that pic because on the left-side it has 2x2 grouped interfaces and on the right it has that expansion area but neither of those features match up with current models.
|
|
#
?
Jul 5, 2017 16:51
|
|
|
cheese-cube posted:pretty sure the B-series hardware still had the matte-black exterior and they didnae switch that up until the C/D series. the specific model is hard to place from that pic because on the left-side it has 2x2 grouped interfaces and on the right it has that expansion area but neither of those features match up with current models. http://m.ebay.com/itm/302365864019
|
|
#
?
Jul 5, 2017 17:27
|
|
|
lol this is good i've been looking for more reasons why im always wrong!
|
|
#
?
Jul 5, 2017 17:30
|
|
|
https://twitter.com/KateLibc/status/882644229901529089 and this is why we're doomed
|
|
#
?
Jul 5, 2017 18:05
|
|
|
JS has been the assembly of the web for a long time.
|
|
#
?
Jul 5, 2017 18:07
|
|
|
cheese-cube posted:pretty much that. the servers i was peeping were meant to operate as "guest print servers" that would host print queues and allow unauth anon access to them. guest being member of administrators is not a pre-req for that ofc... setup step 1:
|
|
#
?
Jul 5, 2017 18:09
|
|
|
Lain Iwakura posted:https://twitter.com/KateLibc/status/882644229901529089 nah not really. it's the crazy container dinguses that will truly doom us. making arbitrary execution infinitely portable with zero safeguards yeah that's something which will end well
|
|
#
?
Jul 5, 2017 18:16
|
|
|
cheese-cube posted:fortinet apparently give zero fucks about their gear appearing in that vid
|
|
#
?
Jul 5, 2017 18:23
|
|
|
yeah im poo poo at everything forever
|
|
#
?
Jul 5, 2017 18:25
|
|
|
What was it?
|
|
#
?
Jul 5, 2017 18:30
|
|
|
Lain Iwakura posted:https://twitter.com/KateLibc/status/882644229901529089 sorry grandma http://i.imgur.com/kqshHqz.gifv
|
|
#
?
Jul 5, 2017 18:36
|
|
|
cheese-cube posted:off the back of that wannacry/petya/whatever garbage a lot of security projects have been approved and funded where i work, one of which is LAPS which i'll be rolling out to our entire server fleet. i think some of ya'll have done the same, any gotchas to be aware of? TIA not really, its gr8.
|
|
#
?
Jul 5, 2017 18:38
|
|
|
Shinku ABOOKEN posted:sorry grandma https://www.youtube.com/watch?v=vfl33Tn0pYc
|
|
#
?
Jul 5, 2017 18:38
|
|
|
SeaborneClink posted:What was it? https://twitter.com/GarbageDotNet/status/882620748023476224 they still have it liked though
|
|
#
?
Jul 5, 2017 18:40
|
|
|
Wiggly Wayne DDS posted:essentially "look at this setup" and linking to https://youtu.be/FUyaItsRInQ
|
|
#
?
Jul 5, 2017 18:53
|
|
|
BangersInMyKnickers posted:not really, its gr8. thanks good to know. that's what i was leaning towards looking at the doco it's super simple. already did the schema extension earlier on, now just need to do ACEs, setup GPOs and get our SCCM dude to package the CSE. way too easy Wiggly Wayne DDS posted:essentially "look at this setup" and linking to cheese-cube posted:yeah im poo poo at everything forever
|
|
#
?
Jul 5, 2017 18:56
|
|
|
if my company ever did this i would hand in my resignation the next day
|
|
#
?
Jul 5, 2017 18:57
|
|
|
|
| # ? May 14, 2024 18:37 |
|
|
cheese-cube posted:off the back of that wannacry/petya/whatever garbage a lot of security projects have been approved and funded where i work, one of which is LAPS which i'll be rolling out to our entire server fleet. i think some of ya'll have done the same, any gotchas to be aware of? TIA It's cake, just don't be retarded and try to deploy the client to a domain controller.
|
|
#
?
Jul 5, 2017 18:58
|
|
