|
|
# ¿ Apr 8, 2016 19:15 |
|
|
# ¿ May 22, 2024 15:29 |
|
Captain Foo posted:Root of thread trust chain posting looks like we found the first vulnerability of this thread lol
|
# ¿ Apr 8, 2016 19:20 |
|
Powercrazy posted:What is the public PGP key of this thread so I know I'm getting an authenticated yospos security fuckup experience? FCKGW
|
# ¿ Apr 8, 2016 19:21 |
|
can someone add me to their gang tag list?
|
# ¿ Apr 9, 2016 23:33 |
|
Subjunctive posted:IDK how long it takes to clear whatever cache of things and stuff, but: thanks subj just gotta wait for the cache to clear
|
# ¿ Apr 10, 2016 20:19 |
|
spankmeister posted:Umm there are 35 trillion 184 billion 372 million 88 thousand 832 /48 blocks in the currently allocated ipv6 address space that's a lot of Internet of poo poo devices to connect
|
# ¿ Apr 11, 2016 18:41 |
|
OSI bean dip posted:Happy Badlock Day!
|
# ¿ Apr 12, 2016 15:51 |
|
moonshine is...... posted:So apparently this is a thing https://deaddrops.com/ a friend of mine told me her techie friend is really into it. So that's fun. a museum I worked at some years back did something like that. I forget how it ended up but it was popular enough e. nice finally saw my gangtags
|
# ¿ Apr 15, 2016 02:47 |
|
Parallel Paraplegic posted:i have pictures of butts permanently tied to my google account, and when i get a new picture google displays it in a gallery and if I accidentally swipe left or right whoops now it's a butt was it 10 gigs of butts?
|
# ¿ Apr 15, 2016 16:04 |
|
no starch press is running a deal with humble bundle to sell a bunch of their ebooks for cheap. it includes Hacking: The Art of Exploitation and Practical Malware Analysis (these two start at the $15 tier but well worth it imho) https://www.humblebundle.com/books/no-starch-hacking-books
|
# ¿ Apr 27, 2016 19:12 |
|
Volmarias posted:Well, what are you going to do? Go with another registrar for .as? volmari.as?
|
# ¿ Apr 28, 2016 14:12 |
|
El Mero Mero posted:I dissected the post I was making and found it was this that was combination of letters within my post that was triggering it: lol everyone post ur best sql injection strings
|
# ¿ Apr 28, 2016 17:14 |
|
Symbolic Butt posted:cjs: thinking about rolling my own crypto :nadim:
|
# ¿ Apr 28, 2016 19:41 |
|
ewiley posted:oh boy where to begin post that image from the Simpsons where the screen door was left unlocked in the secure facility
|
# ¿ Apr 28, 2016 21:15 |
|
BangersInMyKnickers posted:Lol, PHP announce list doesn't validate senders so this gem just came through to everybody lol
|
# ¿ Apr 29, 2016 22:10 |
|
~Coxy posted:and there was at least one ring-O cold boot vulnerability hackbunny posted:lol you jerk
|
# ¿ Apr 30, 2016 14:20 |
|
Phone posted:i've coded gotos in tyool 2016 GOTO gbs;
|
# ¿ Apr 30, 2016 22:23 |
|
I use base5318008
|
# ¿ May 4, 2016 13:23 |
|
Captain Foo posted:lol has evolved into lmao!
|
# ¿ Jul 8, 2016 18:48 |
|
anthonypants posted:i did a security fuckup last night, where i overwrote the root user's authorized_keys file on all the linux servers without looking to see if all of them had stuff in them, because i spot-checked a few servers and most didn't even have an .ssl folder. so i made a key for nessus and configured nessus to use it and went home so is it oracle or Oracle or 0racle?
|
# ¿ Jul 9, 2016 03:25 |
|
thehustler posted:any good pokemon secfuck writeups/blogs yet? blog writers are too busy playing Pokemon games and getting mugged by teens
|
# ¿ Jul 11, 2016 11:00 |
|
pr0zac posted:gently caress ya i can finally talk about this cool. does fb still do invasive tracking even for logged out users
|
# ¿ Jul 11, 2016 14:35 |
|
this is really handy! I might share this with others quote:unrelatedly, my mom just passed away so I've spent most of today trying to get her affairs in order, it's kind of ridiculous how easy it is to take over all of someone's internet accounts with only a small amount of personal knowledge, especially once i got into her email and found a chain email questionnaire thing which was basically "answers to every common security question"
|
# ¿ Jul 11, 2016 17:22 |
|
Bhodi posted:environment variables are bad but it's the best of a sometimes necessary solution; there are no good universal credential stores like there are on windows. All stock solutions are compromised the same way, if you have access to that user, you have access to that user's process memory and storage; you can read files and obscure poo poo via 0400 perms but at the end of the day it's all the same security context and since the code is being read and probably stored you can sniff any decryption keys/salts as-needed, the best you can do is obscure and isolate with unique passwords, at least env variables aren't passed into process lists this is a good answer
|
# ¿ Jul 11, 2016 17:24 |
|
daft punk railroad posted:passwords are like underwear: usually lovely dsyp - a cool guy
|
# ¿ Jul 26, 2016 17:54 |
|
oh shi
|
# ¿ Jul 27, 2016 01:51 |
|
Travis is a drat wizard
|
# ¿ Jul 27, 2016 05:45 |
|
Blinkz0rz posted:not to doxx myself but corp communications just emailed the company telling us to look for our logo in the new bourne movie and it gave me a hearty lol are you the bad guys in the movie?
|
# ¿ Jul 30, 2016 13:58 |
|
Jimmy Carter posted:oh sweet the talk about master-keyed systems is up the Chinese lock talk was also pretty interesting
|
# ¿ Jul 30, 2016 14:20 |
|
LeftistMuslimObama posted:lomarf I'm the reaction gif bookmark
|
# ¿ Aug 2, 2016 16:43 |
|
Captain Foo posted:snowden talkin on tweetz0r that the equation group hack is likely russians demonstrating CCNE in order to show that they can prove U.S. responsibility of any attacks sourcing from that server, which he speculates is now being made more public in order to halt escalation of attribution in the DNC hack what's ccne? this whole ordeal is sounding more like a spy novel
|
# ¿ Aug 16, 2016 13:25 |
|
Perplx posted:this privacy doesn't sound pretty good at all
|
# ¿ Aug 16, 2016 22:38 |
|
Parallel Paraplegic posted:I should really get back to reverse engineering that smart plug i have, maybe I can turn my toaster into a bomb carbs are poison so the toaster is already doing its job
|
# ¿ Aug 23, 2016 14:25 |
|
YeOldeButchere posted:dadsec dadsec joke hey Phil, can you make me an account on the Dev server? Phil: *taps you on the head* now you're an account on the Dev server!
|
# ¿ Sep 8, 2016 22:17 |
|
VikingofRock posted:So one of the science organizations that I work for has a bunch of non-public data in a database. To log into this database you use an automatically generated password which is literally your name + a string which is the same for everyone. This string is posted on our (private) wiki, but on the wiki one of the characters in the string is incorrect, which led to me not being able to log in. Upon being informed that the string was off by one character, I asked whether I should fix this on the wiki, and the answer was "no, because it helps security through obscurity". hunter3
|
# ¿ Oct 7, 2016 01:42 |
|
apseudonym posted:Some of us work on TLS stuff atomicthumbs posted:what if we forked SSL into another thread so that this one would only have interesting things in it
|
# ¿ Nov 16, 2016 01:56 |
|
Acer Pilot posted:Do you guys think that if I made my security question "make them spell out the random characters below," the csr might actually enforce it? pro tip: the person answering the phone doesn't care and doesn't flinch at yet another puny caller
|
# ¿ Nov 16, 2016 03:32 |
|
Phone posted:some would say that he's living large he ate all the FAT32 partitions
|
# ¿ Nov 17, 2016 21:57 |