|
abigserve posted:this seems hideously unprofessional it's called being horny on main
|
# ? Jan 25, 2019 12:30 |
|
|
# ? May 19, 2024 18:40 |
|
Shame Boy posted:nah they're talking about the second item, not the knot gag. the second item is in fact an ovipositor, complete with egg mold for making your own gelatin eggs It's a bit of a stretch to call DEFCON a "professional" industry conference, but yeah. Still a bit much.
|
# ? Jan 25, 2019 12:38 |
|
Proteus Jones posted:It's a bit of a stretch to call DEFCON a "professional" industry conference, but yeah. Still a bit much. yeah I’m a bit surprised that DEF CON furs is organized enough to have a budget and tax classification but it’s far from the first or last organization I’d expect to see at DEF CON less weird and off putting than the “stripper con” types
|
# ? Jan 25, 2019 13:13 |
Cocoa Crispies posted:yeah the what now
|
|
# ? Jan 25, 2019 13:48 |
|
hackbunny posted:dumpbin (part of visual c++) can do the static part. the nx/dep part is easy, just dump the executable sections: Okay, so maybe you can help validate some theories I have as to what's going on One of my vendors started seeing their code get terminated for SEHOP faults. It got run through their dev shop who determined that because they are compiling with SafeSEH, SEHOP is redundant and they've modified their code to do a SEHOP optout. After reading through the MS documentation on SafeSEH and SEHOP, it seems that they are correct*, with a couple caveats. I dumped the process in question to get all its supporting dll's and ran them through Get-PESecurity and confirmed that everything was being compiled with SafeSEH (and DEP) so that's good, but now the question I keep coming back to is how the hell did this thing manage to those SEHOP errors if it was SafeSEH compiled in the first place. My working theory is some kind of memory leak was resulting in exception handler addresses being overwritten by garbage and since SEHOP does regular walking of the exception handler chain looking for breaks, it caught it before an actual exception was throwing forcing the code to execute that path. This assumes that they are putting exception handler code in addresses flagged as writable which seems like a no-no to me, shouldn't that be immutable code? With SEHOP disabled, I think one of two things are going to happen: 1. Assume they configured the SafeSEH tables correctly, the corruption happens and just stays there until an exception is thrown and it goes down the exception chain to the break where something doesn't match the SafeSEH table and hopefully the program crashes at that point? 2. They populated the SafeSEH table with every/most allocated addresses in the heap to cheat and SafeSEH is only going to catch random crap being overwritten in exception handler addresses and not stop a determined attacker. This is the first time I've dealt with a SEHOP error that wasn't either an immediate crash at startup because the code was compiled with a broken exception handler chain or an actual attack attempt that was correctly terminated by the control and I'm a little out of my depth and trying to give myself a crash course on this stuff.
|
# ? Jan 25, 2019 14:42 |
|
"look, being a furry isn't a weird sex thing, it's just a fun subculture ha ha!" doesn't seem to square with raffling off sex toys but go off kings
|
# ? Jan 25, 2019 14:49 |
|
Proteus Jones posted:It's a bit of a stretch to call DEFCON a "professional" industry conference, but yeah. Still a bit much. i mean don't most people who go do so because work paid for it? i think it sorta counts just based on that to be fair they are managing it fairly well - to see the things you have to hit a "show NSFW prizes" button on their raffle web page - but it definitely feels like a case of the ol' "nerds don't understand why other people might have a problem with sexuality being everywhere all the time"
|
# ? Jan 25, 2019 16:41 |
|
Shame Boy posted:i mean don't most people who go do so because work paid for it? i think it sorta counts just based on that The cost of DEFCON is not out of reach for most people. I paid my own way for years. Then when I worked at $BIG_BANK, they sent me to Black Hat every year and I just stayed the extra days to go to DEFCON and expensed it.
|
# ? Jan 25, 2019 18:50 |
|
cinci zoo sniper posted:the what now flyover dipshits that think Vegas is an adult playground instead of an over stimulating capitalist hell Proteus Jones posted:The cost of DEFCON is not out of reach for most people. I paid my own way for years. Then when I worked at $BIG_BANK, they sent me to Black Hat every year and I just stayed the extra days to go to DEFCON and expensed it. get work to pay for ccc events imo, they’re more fun than black hat
|
# ? Jan 25, 2019 19:16 |
|
Shame Boy posted:nah they're talking about the second item, not the knot gag. the second item is in fact an ovipositor, complete with egg mold for making your own gelatin eggs furries know what they like, I guess
|
# ? Jan 25, 2019 19:30 |
|
fisting by many posted:deleted, must have been a typo or something, I think this is the update The deleted tweet mentioned that some of these devices can be found on Shodan.
|
# ? Jan 25, 2019 20:43 |
|
Cocoa Crispies posted:flyover dipshits that think Vegas is an adult playground instead of an over stimulating capitalist hell yeah as a flyover dipshit vegas sucks. the place is dirty as hell and the populace is disgusting. that said, my first work trip was there for CES and I ended up dropping a grand at the strip club near my hotel. I was so hungover the next day that at CES someone thought I had spilled beer all over myself. (it was just my pores)
|
# ? Jan 26, 2019 00:16 |
|
the question is above my pay grade for now, sorry. I'm not even entirely sure how SEHOP and SafeSEH work, but I'll look into them and see if I can make sense of the issue or at least tell you if your theories are viable in the meantime see if you can get crash dumps for the faults. are the devs familiar with windbg? because running the !address extension on a good dump should answer all their questions
|
# ? Jan 26, 2019 00:34 |
|
|
# ? Jan 26, 2019 21:31 |
|
looool I'm going on vacation and the hotel concierge offered to take care of the ski rentals and lift tickets for me, saying I'd get a link to an online payment gateway. When I took them up on it, this is what they sent, and told me to email back:
|
# ? Jan 26, 2019 22:42 |
|
I should note that this is part of Marriott. You know, the company that just had a massive data breach.
|
# ? Jan 26, 2019 22:44 |
|
that's why they're telling you to fax it, duh.
|
# ? Jan 26, 2019 23:08 |
|
January 11, 2015?
|
# ? Jan 26, 2019 23:21 |
|
https://twitter.com/BSidesLV/status/1088901048985518080?s=19 For those of you planning to attend
|
# ? Jan 28, 2019 03:16 |
|
oh hey my company's sales department got (unsuccessfully) spear phished, neat. i guess that means we're a Real Actual Company now
|
# ? Jan 28, 2019 17:46 |
|
https://twitter.com/x0rz/status/1089101900069384192
|
# ? Jan 28, 2019 18:31 |
|
Im sure this is a dumb question and maybe not specific to this thread but i dont know where else to ask it. Does anyone have any resources/courses for reverse malware and digital forensics? Looking to brush up a bit
|
# ? Jan 28, 2019 19:03 |
|
ZeusCannon posted:Im sure this is a dumb question and maybe not specific to this thread but i dont know where else to ask it. Does anyone have any resources/courses for reverse malware and digital forensics? Looking to brush up a bit The SANS series of courses are pretty decent and sort of the industry standard.
|
# ? Jan 28, 2019 19:13 |
|
Yeah i was looking into those but unlikely to have the wherewithal to pay for something like that so figured id ask if there was anything else that would be suitable to give basics.
|
# ? Jan 28, 2019 19:30 |
|
ZeusCannon posted:Yeah i was looking into those but unlikely to have the wherewithal to pay for something like that so figured id ask if there was anything else that would be suitable to give basics. Oh I see. Well in that case you're probably better off with self-study, by buying a couple of books and starting to reverse-engineer malware samples. Basically if you can't get an employer to pay for them, I wouldn't do it. They're not valuable enough to pay for them yourself imo. Here are two good books about reverse engineering https://nostarch.com/malware https://nostarch.com/idapro2.htm
|
# ? Jan 28, 2019 19:32 |
|
ZeusCannon posted:Yeah i was looking into those but unlikely to have the wherewithal to pay for something like that so figured id ask if there was anything else that would be suitable to give basics. If you can't steal it, you probably aren't going to be very good at it.
|
# ? Jan 28, 2019 19:33 |
|
Haha true enough
|
# ? Jan 28, 2019 20:50 |
|
2019: session management is still a dark art
|
# ? Jan 28, 2019 21:20 |
|
while waiting in the parking lot of my wife's office today i noticed that there was an open, unprotected wifi network... ...called "WiFi_ODBII"
|
# ? Jan 29, 2019 01:12 |
|
https://twitter.com/hshaban/status/1090050364148207627 apple has had some impossibly bad and silly bugs in the last year but this one might take the cake edit: drat the admin login thing was 2017 time has no meaning anymore
|
# ? Jan 29, 2019 01:57 |
|
Shame Boy posted:while waiting in the parking lot of my wife's office today i noticed that there was an open, unprotected wifi network... ol dirty bastard lives!
|
# ? Jan 29, 2019 02:31 |
|
Midjack posted:ol dirty bastard lives! This is probably a transpositional error, they probably meant to name it “OBD II” meaning “On Board Diagnostic II” which is the standard used to communicate engine data. It seems likely that the wireless network is from an “OBD dongle” and connecting to it would not provide access to broader information networks (e.g. the Internet)? H T H !
|
# ? Jan 29, 2019 02:49 |
|
Shame Boy posted:while waiting in the parking lot of my wife's office today i noticed that there was an open, unprotected wifi network... dump the VIN to find the owner
|
# ? Jan 29, 2019 02:50 |
|
CRIP EATIN BREAD posted:dump the VIN to find the owner wifi range and a vin decoder would narrow down to almost the specific car
|
# ? Jan 29, 2019 02:54 |
|
https://twitter.com/waxpancake/status/1090042151910526976
|
# ? Jan 29, 2019 03:21 |
|
rip that qa team
|
# ? Jan 29, 2019 03:31 |
|
how is that even possible?
|
# ? Jan 29, 2019 03:41 |
|
oh. I know what it is. gently caress face idiot jonny ives decided he wanted you to see the live video of who was calling you so to make that work it creates the session setup required for the call even if you don't accept. e: whatever code handles the event for adding a new party to the call is probably below the phone ui so theres no checking to see if the user accepted the call. it assumes that because theres an active call the user picked it up even though the UI automatically picked up in order to display the incoming video. Shaggar fucked around with this message at 03:46 on Jan 29, 2019 |
# ? Jan 29, 2019 03:42 |
|
I wonder if people who normally don't get a lot of facetime calls are suddenly getting a lot of them right now.
|
# ? Jan 29, 2019 04:04 |
|
|
# ? May 19, 2024 18:40 |
|
Shaggar posted:oh. I know what it is. gently caress face idiot jonny ives decided he wanted you to see the live video of who was calling you so to make that work it creates the session setup required for the call even if you don't accept. You mean Google Duo?
|
# ? Jan 29, 2019 04:08 |